Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5930f9b-ab36-45e8-a904-5574a9426761.roa
File:                     b5930f9b-ab36-45e8-a904-5574a9426761.roa (raw, json)
Hash identifier:          NI7xkP0RdfHwJVhRgwvyGVDtAABFTs6zjO/+b7Z9IyQ=
Subject key identifier:   84:36:3E:15:E7:AD:C3:7E:01:F3:CE:0C:5E:FE:C9:90:F0:1A:55:2F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       349C4950058B68D11107A67AB2DB9ECD07814E9D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5930f9b-ab36-45e8-a904-5574a9426761.roa
Signing time:             Wed 06 Aug 2025 01:08:50 +0000
ROA not before:           Wed 06 Aug 2025 01:08:50 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.187.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:9c:49:50:05:8b:68:d1:11:07:a6:7a:b2:db:9e:cd:07:81:4e:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  6 01:08:50 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=290d5e9be3781af05748baf1e430f6fd720eb716d4b51ee57f917915f4bcfe84, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3c:67:e1:f4:52:eb:51:4f:5c:00:4d:40:ee:
                    89:df:af:0e:3d:b9:bf:01:92:67:13:92:c8:09:e5:
                    14:60:07:93:fc:92:bd:81:02:eb:47:57:73:31:10:
                    f2:07:ac:14:ab:65:49:f8:69:08:5d:33:de:15:30:
                    dc:1c:2e:ae:f6:23:b9:78:61:69:4d:10:d1:4b:80:
                    76:1d:e2:6f:4e:dd:08:66:f2:9f:fd:2a:f9:39:45:
                    64:00:76:52:98:1e:8b:21:30:48:6f:e5:8f:ce:f0:
                    b1:f1:58:13:db:5a:e8:b1:9a:44:f0:7a:29:93:56:
                    c4:56:5a:a6:ef:8c:58:f9:97:44:fb:05:6e:b8:a7:
                    52:cd:d7:c6:07:f4:af:c3:10:74:da:67:28:0d:b4:
                    46:d6:e2:19:59:a5:00:22:6d:56:fd:ee:4f:8d:ee:
                    75:9c:84:d9:b7:83:89:dd:5a:27:43:68:49:53:84:
                    3b:80:4b:df:b4:d9:04:14:a2:a2:64:4d:2c:e0:db:
                    19:20:dd:1c:05:18:0f:f9:4c:6d:5a:4f:a2:7c:b1:
                    fd:40:55:99:bd:c9:b0:ec:f6:b6:e2:ca:1f:e1:cf:
                    97:b9:c8:de:8e:95:e2:11:dc:ba:65:63:67:8c:65:
                    37:79:b3:c8:78:d4:dc:a2:ab:56:e3:41:c6:ed:77:
                    66:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:36:3E:15:E7:AD:C3:7E:01:F3:CE:0C:5E:FE:C9:90:F0:1A:55:2F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b5930f9b-ab36-45e8-a904-5574a9426761.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.187.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         38:ae:02:68:79:60:fe:dd:26:a1:47:d4:ff:55:2b:31:09:33:
         1d:49:55:c0:94:14:8e:41:6a:56:73:2c:eb:d9:f9:6f:99:09:
         d4:48:b8:d1:85:b9:b5:e6:ab:76:74:af:19:1a:02:e1:ed:0a:
         26:15:b9:19:f1:0c:56:22:e9:b1:f1:b2:1c:bf:f9:f8:bd:d4:
         11:a2:42:b5:fa:0f:5c:b2:16:80:ac:14:be:42:1c:d6:40:e6:
         89:03:3f:e9:e4:8a:5d:88:dc:72:df:99:15:f6:e1:d2:88:98:
         87:58:70:a0:a9:98:b1:ce:7d:e3:0d:da:d8:0a:42:e0:73:cd:
         29:af:be:29:66:b2:f5:da:23:cd:17:c7:96:c4:8f:ee:3c:f6:
         ac:bc:cb:1f:55:34:32:ee:b2:24:26:0c:41:1c:e0:d3:cf:72:
         5f:54:c4:64:7c:3c:c4:c7:63:b7:14:41:26:13:b8:49:12:11:
         2c:06:21:1a:41:fd:9f:5e:97:95:7a:bf:ac:ce:ca:0b:65:b5:
         30:55:72:fa:d7:9f:03:3a:6a:85:5f:93:47:b6:83:4e:61:e3:
         64:1e:35:66:23:33:d7:96:77:ae:ba:f8:62:8b:ae:97:71:49:
         1d:c0:95:89:62:ad:b7:1d:7f:f8:6c:28:53:a6:18:34:9a:d4:
         fe:70:03:7b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNJxJUAWLaNERB6Z6stuezQeBTp0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA2MDEwODUwWhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOTBkNWU5YmUzNzgxYWYwNTc0OGJhZjFlNDMwZjZmZDcy
MGViNzE2ZDRiNTFlZTU3ZjkxNzkxNWY0YmNmZTg0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2PGfh9FLrUU9cAE1A7onfrw49ub8BkmcTksgJ5RRgB5P8
kr2BAutHV3MxEPIHrBSrZUn4aQhdM94VMNwcLq72I7l4YWlNENFLgHYd4m9O3Qhm
8p/9Kvk5RWQAdlKYHoshMEhv5Y/O8LHxWBPbWuixmkTweimTVsRWWqbvjFj5l0T7
BW64p1LN18YH9K/DEHTaZygNtEbW4hlZpQAibVb97k+N7nWchNm3g4ndWidDaElT
hDuAS9+02QQUoqJkTSzg2xkg3RwFGA/5TG1aT6J8sf1AVZm9ybDs9rbiyh/hz5e5
yN6OleIR3LplY2eMZTd5s8h41Nyiq1bjQcbtd2YfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhDY+Feetw34B884MXv7JkPAaVS8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I1OTMwZjliLWFiMzYtNDVlOC1hOTA0LTU1NzRhOTQyNjc2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQuzANBgkqhkiG9w0BAQsFAAOCAQEAOK4CaHlg/t0moUfU/1UrMQkzHUlV
wJQUjkFqVnMs69n5b5kJ1Ei40YW5teardnSvGRoC4e0KJhW5GfEMViLpsfGyHL/5
+L3UEaJCtfoPXLIWgKwUvkIc1kDmiQM/6eSKXYjcct+ZFfbh0oiYh1hwoKmYsc59
4w3a2ApC4HPNKa++KWay9dojzRfHlsSP7jz2rLzLH1U0Mu6yJCYMQRzg089yX1TE
ZHw8xMdjtxRBJhO4SRIRLAYhGkH9n16XlXq/rM7KC2W1MFVy+tefAzpqhV+TR7aD
TmHjZB41ZiMz15Z3rrr4Youul3FJHcCViWKttx1/+GwoU6YYNJrU/nADew==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:57 2025 by rpki-client