Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4fc45e7-8bde-4b2c-ad82-302a6c0ccbfd.roa
File:                     b4fc45e7-8bde-4b2c-ad82-302a6c0ccbfd.roa (raw, json)
Hash identifier:          Uxq4vkMpuCDdKEOu8enH8BPPD2DzFZWtiVNjbNJc0lg=
Subject key identifier:   F1:6E:DE:DE:FB:D1:A2:09:20:65:92:57:C8:77:89:78:15:17:C0:63
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4D9E6D3C6C7C397F2882140A02B8BE667F821CD6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4fc45e7-8bde-4b2c-ad82-302a6c0ccbfd.roa
Signing time:             Mon 28 Jul 2025 15:20:26 +0000
ROA not before:           Mon 28 Jul 2025 15:20:26 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        167.147.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:9e:6d:3c:6c:7c:39:7f:28:82:14:0a:02:b8:be:66:7f:82:1c:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 28 15:20:26 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=b1b2e3142187df948fcaed8e2ef8ce1cf346fc68f835451fc937a5891e6cc74d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7a:3b:de:79:1d:a0:d8:c3:1a:9a:e5:79:c8:
                    9b:58:64:89:02:a1:d7:89:22:33:85:02:6b:40:bd:
                    fa:d8:97:c4:9d:a6:af:33:04:6e:25:b7:97:d8:32:
                    e3:55:2e:fb:c3:e1:e6:c0:3b:7f:04:71:5e:02:2b:
                    10:5b:d3:53:3c:70:75:60:28:e3:12:45:8b:ff:48:
                    5b:c2:a8:18:43:2e:e0:a1:2d:83:01:f8:8d:a2:54:
                    d9:5a:5a:79:e6:cd:22:d9:1a:e6:ab:90:18:f4:a6:
                    cc:17:cd:ab:ac:e5:5a:f6:8e:52:c3:33:3c:6b:ce:
                    0e:0f:6f:92:8b:ec:5f:e7:b3:2d:7a:08:93:be:ca:
                    7c:41:e2:c9:fa:f3:45:84:d5:15:99:bf:ef:ca:35:
                    c1:3b:0f:75:78:7d:80:3b:1d:9d:ec:86:22:d3:3e:
                    29:f8:e2:83:ab:7c:5d:ac:4a:e6:61:97:0b:98:89:
                    b8:5b:1b:4a:2d:20:f3:53:24:f1:8b:3b:48:74:10:
                    cd:f9:a3:af:c1:b0:9b:5a:19:bc:79:4d:a6:69:2b:
                    b4:c1:ef:35:1d:2d:a0:00:69:7a:ea:1a:cb:e0:97:
                    8d:d0:f4:0a:0e:fe:81:1d:7a:6f:35:63:67:c3:4d:
                    f7:25:41:eb:63:2a:2b:12:1c:53:8d:53:04:5c:e9:
                    31:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:6E:DE:DE:FB:D1:A2:09:20:65:92:57:C8:77:89:78:15:17:C0:63
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4fc45e7-8bde-4b2c-ad82-302a6c0ccbfd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.147.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         cd:6f:0c:29:3f:aa:65:54:0b:93:39:e0:6e:b9:31:fa:e2:15:
         11:f3:f9:b2:9c:ae:a7:ac:e0:ff:93:31:3f:8f:68:1e:fe:33:
         dc:73:af:0f:20:da:bb:fb:df:1d:ff:85:9b:24:b5:6a:a2:a4:
         2e:b8:4f:3d:59:1c:e9:42:3a:70:3e:0c:c7:68:92:2f:5a:f8:
         80:7a:77:ef:93:bf:80:60:37:20:4a:92:77:4e:7f:3a:10:6a:
         d5:c8:30:34:ac:c0:a6:75:f0:ac:05:25:f4:74:a6:99:6b:bf:
         ce:63:0e:48:4e:52:2f:22:b4:a7:68:b9:72:dd:9c:08:22:44:
         7d:7f:b7:16:74:3a:6a:12:c9:73:43:a5:11:19:19:a1:24:31:
         50:9c:72:60:74:45:bd:0a:3e:f4:c8:2f:da:31:97:ee:25:b4:
         3c:45:99:28:bf:09:be:61:85:b7:85:2b:01:f4:0d:86:b2:8d:
         de:4b:f9:ba:d9:8e:4b:7f:52:4b:14:23:da:b4:c1:43:14:50:
         ea:0d:9a:6e:cb:10:59:9d:18:49:3b:88:b5:09:d2:8e:b9:04:
         73:50:b9:05:6c:6d:f4:7c:b0:9c:2d:e7:d2:46:68:47:6d:1c:
         5d:42:31:27:63:e0:43:84:21:51:10:64:98:2d:f4:6f:be:ed:
         d4:a5:97:24
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTZ5tPGx8OX8oghQKAri+Zn+CHNYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI4MTUyMDI2WhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMWIyZTMxNDIxODdkZjk0OGZjYWVkOGUyZWY4Y2UxY2Yz
NDZmYzY4ZjgzNTQ1MWZjOTM3YTU4OTFlNmNjNzRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9ejveeR2g2MMamuV5yJtYZIkCodeJIjOFAmtAvfrYl8Sd
pq8zBG4lt5fYMuNVLvvD4ebAO38EcV4CKxBb01M8cHVgKOMSRYv/SFvCqBhDLuCh
LYMB+I2iVNlaWnnmzSLZGuarkBj0pswXzaus5Vr2jlLDMzxrzg4Pb5KL7F/nsy16
CJO+ynxB4sn680WE1RWZv+/KNcE7D3V4fYA7HZ3shiLTPin44oOrfF2sSuZhlwuY
ibhbG0otIPNTJPGLO0h0EM35o6/BsJtaGbx5TaZpK7TB7zUdLaAAaXrqGsvgl43Q
9AoO/oEdem81Y2fDTfclQetjKisSHFONUwRc6TFjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8W7e3vvRogkgZZJXyHeJeBUXwGMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0ZmM0NWU3LThiZGUtNGIyYy1hZDgyLTMwMmE2YzBjY2JmZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCnkzANBgkqhkiG9w0BAQsFAAOCAQEAzW8MKT+qZVQLkzngbrkx+uIVEfP5
spyup6zg/5MxP49oHv4z3HOvDyDau/vfHf+FmyS1aqKkLrhPPVkc6UI6cD4Mx2iS
L1r4gHp375O/gGA3IEqSd05/OhBq1cgwNKzApnXwrAUl9HSmmWu/zmMOSE5SLyK0
p2i5ct2cCCJEfX+3FnQ6ahLJc0OlERkZoSQxUJxyYHRFvQo+9Mgv2jGX7iW0PEWZ
KL8JvmGFt4UrAfQNhrKN3kv5utmOS39SSxQj2rTBQxRQ6g2abssQWZ0YSTuItQnS
jrkEc1C5BWxt9HywnC3n0kZoR20cXUIxJ2PgQ4QhURBkmC30b77t1KWXJA==
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:14:12 2025 by rpki-client