Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2262b90-44fa-401f-842c-4ae44ec786a4.roa
File:                     b2262b90-44fa-401f-842c-4ae44ec786a4.roa (raw, json)
Hash identifier:          C2HeDz6LIyufhr+RCgZRv2712bJi9qID+rUO0y/DRH0=
Subject key identifier:   ED:68:3E:0F:E2:C9:A2:2B:F2:C0:EC:4A:F0:04:42:70:39:84:49:E9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3D9FAB1DC328639BBF0CF51E4CE1C2A1D11D0346
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2262b90-44fa-401f-842c-4ae44ec786a4.roa
Signing time:             Wed 23 Jul 2025 00:22:24 +0000
ROA not before:           Wed 23 Jul 2025 00:22:24 +0000
ROA not after:            Wed 27 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.73.144.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:9f:ab:1d:c3:28:63:9b:bf:0c:f5:1e:4c:e1:c2:a1:d1:1d:03:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 23 00:22:24 2025 GMT
            Not After : Aug 27 23:59:59 2025 GMT
        Subject: serialNumber=97a1ab5afb799796ef0a2b4c6ba56a903db575f41da481a3b50a122dc20b284c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:2d:63:99:35:f0:66:31:3a:48:88:57:d6:b3:
                    f6:29:a0:06:b8:42:5a:ff:3b:32:f5:0f:ab:2b:23:
                    76:fd:e2:3b:5d:ce:71:df:93:87:79:b0:cd:86:17:
                    e2:57:c5:9b:02:92:ae:07:0e:d3:99:56:89:cd:59:
                    aa:cb:72:8c:00:73:94:97:74:85:37:cb:ec:86:a1:
                    2b:30:69:16:8f:1e:06:67:6b:97:65:19:7b:32:6b:
                    ed:7a:67:c3:e5:52:70:7d:63:e9:88:be:f9:72:ee:
                    d7:b5:1e:8f:65:3e:cd:d3:0a:02:e3:c5:a8:16:80:
                    77:f5:70:7a:39:4d:64:42:8c:70:25:32:24:9d:d3:
                    be:5d:c2:76:c1:28:08:7c:b5:31:63:38:37:ed:52:
                    ad:5a:c9:03:ff:e2:94:2a:70:97:dd:40:8d:ae:e5:
                    ea:b5:bf:56:04:a8:b2:b7:82:bf:74:30:ec:e2:f5:
                    98:9c:e5:e7:b9:50:f2:0d:d7:5a:9a:1b:1a:83:69:
                    f5:0a:99:3d:2d:45:01:9f:fa:e8:92:81:c4:8d:38:
                    53:19:45:3d:90:aa:68:db:c6:83:a0:68:ff:39:71:
                    ea:66:e9:5a:3b:b3:67:8b:44:49:14:cc:ec:1e:ad:
                    aa:f0:b3:0d:72:28:51:c3:a9:86:19:20:69:53:9e:
                    3b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:68:3E:0F:E2:C9:A2:2B:F2:C0:EC:4A:F0:04:42:70:39:84:49:E9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2262b90-44fa-401f-842c-4ae44ec786a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7a:3b:8d:8d:b5:4a:10:eb:80:70:6c:ab:4f:2f:94:a1:b4:0b:
         ec:71:3f:1b:58:ca:27:b9:bc:a0:52:4e:12:e0:13:1d:cf:c6:
         23:12:c2:02:f2:09:13:20:72:60:60:bd:16:88:83:46:ae:04:
         32:07:37:bb:da:7c:10:a8:38:1e:45:45:cd:08:98:14:dd:70:
         ac:87:fa:07:23:b0:2f:85:7b:45:f7:8a:f1:89:17:89:f8:7d:
         fa:3f:43:b2:3d:42:3a:66:8c:cf:b4:53:fc:96:87:87:c5:d4:
         7b:cf:45:30:61:fc:db:e9:2b:ad:a2:73:3f:e3:74:0a:36:bf:
         6d:41:21:0d:64:47:c2:41:07:81:f9:09:d3:71:aa:03:e8:aa:
         a0:40:8f:7b:b6:cd:d9:80:d0:9d:36:88:95:38:63:49:20:2c:
         e5:d4:90:4b:7d:d0:81:72:2e:fe:c9:58:1a:a3:7f:81:9a:62:
         ad:14:a2:27:0b:68:66:48:d6:03:ef:b2:02:32:d1:58:10:12:
         72:3e:c3:60:a2:11:f9:30:89:fc:df:92:84:12:68:3d:99:77:
         b6:8f:ec:15:04:d7:4c:82:87:3c:1b:39:88:a4:e4:aa:e0:f5:
         26:a5:c5:e6:12:0e:51:1a:ba:d1:c1:44:6f:5f:f8:1b:09:65:
         55:d4:cb:79
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPZ+rHcMoY5u/DPUeTOHCodEdA0YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIzMDAyMjI0WhcNMjUwODI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5N2ExYWI1YWZiNzk5Nzk2ZWYwYTJiNGM2YmE1NmE5MDNk
YjU3NWY0MWRhNDgxYTNiNTBhMTIyZGMyMGIyODRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDtLWOZNfBmMTpIiFfWs/YpoAa4Qlr/OzL1D6srI3b94jtd
znHfk4d5sM2GF+JXxZsCkq4HDtOZVonNWarLcowAc5SXdIU3y+yGoSswaRaPHgZn
a5dlGXsya+16Z8PlUnB9Y+mIvvly7te1Ho9lPs3TCgLjxagWgHf1cHo5TWRCjHAl
MiSd075dwnbBKAh8tTFjODftUq1ayQP/4pQqcJfdQI2u5eq1v1YEqLK3gr90MOzi
9Zic5ee5UPIN11qaGxqDafUKmT0tRQGf+uiSgcSNOFMZRT2QqmjbxoOgaP85cepm
6Vo7s2eLREkUzOwerarwsw1yKFHDqYYZIGlTnjsNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7Wg+D+LJoivywOxK8ARCcDmESekwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IyMjYyYjkwLTQ0ZmEtNDAxZi04NDJjLTRhZTQ0ZWM3ODZhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAO4SZAwDQYJKoZIhvcNAQELBQADggEBAHo7jY21ShDrgHBsq08vlKG0C+xx
PxtYyie5vKBSThLgEx3PxiMSwgLyCRMgcmBgvRaIg0auBDIHN7vafBCoOB5FRc0I
mBTdcKyH+gcjsC+Fe0X3ivGJF4n4ffo/Q7I9QjpmjM+0U/yWh4fF1HvPRTBh/Nvp
K62icz/jdAo2v21BIQ1kR8JBB4H5CdNxqgPoqqBAj3u2zdmA0J02iJU4Y0kgLOXU
kEt90IFyLv7JWBqjf4GaYq0UoicLaGZI1gPvsgIy0VgQEnI+w2CiEfkwifzfkoQS
aD2Zd7aP7BUE10yChzwbOYik5Krg9SalxeYSDlEautHBRG9f+BsJZVXUy3k=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:15:13 2025 by rpki-client