Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a02b21-64a7-4629-8149-a98f47ed09a5.roa
File:                     b7a02b21-64a7-4629-8149-a98f47ed09a5.roa (raw, json)
Hash identifier:          JU+gt7WCabKt34+4ur+9vJ2WtpaakMJ9/3pPuh+Ut50=
Subject key identifier:   57:F2:8F:A4:C0:94:16:3F:54:DB:4C:65:8A:33:3F:46:20:DA:27:CF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       778FB78D4BE0DAA70975EDB66EBA0FB43E9688E8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a02b21-64a7-4629-8149-a98f47ed09a5.roa
Signing time:             Fri 18 Jul 2025 00:41:34 +0000
ROA not before:           Fri 18 Jul 2025 00:41:34 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        66.221.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:8f:b7:8d:4b:e0:da:a7:09:75:ed:b6:6e:ba:0f:b4:3e:96:88:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:41:34 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=3329c5bb8ede66efa3cd5ebfddf4a2c5fa008c222ba6974b762f1f0a038b487a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:91:22:31:c2:b4:25:74:c6:64:a0:c5:d8:fc:
                    3f:33:e7:3b:69:e9:9e:21:f9:87:1c:f6:d0:d6:f5:
                    3d:db:71:96:08:20:49:72:4d:8f:c0:3b:0d:90:28:
                    e8:79:72:18:35:03:5e:db:8c:50:ff:69:1e:bb:79:
                    f0:19:51:0f:64:75:45:96:19:97:d6:94:cc:5a:fa:
                    63:1d:1a:d9:a9:6b:69:b3:d0:4d:12:99:66:17:ad:
                    d1:98:db:0c:de:60:42:7b:f3:5d:83:1a:52:22:0c:
                    d6:6d:51:e6:43:fd:38:2c:7a:62:dc:91:d9:ab:6e:
                    22:7b:58:01:15:35:6b:78:4e:55:0d:cd:4f:03:f8:
                    80:50:12:10:ca:fc:e3:50:d2:ab:71:6a:01:52:8b:
                    9d:78:4d:9a:53:6d:bc:5b:4c:24:40:ee:d7:62:e6:
                    ff:ef:55:df:c2:6d:64:1c:01:88:48:a7:3f:93:c9:
                    8d:eb:18:11:07:87:32:8b:6a:dc:e6:e2:5e:e6:2a:
                    d4:6d:4f:16:a9:96:9d:67:dd:c5:e1:35:5b:1b:0e:
                    01:45:93:33:4e:d6:2f:7f:10:a5:7e:52:b1:dd:29:
                    93:41:b0:bb:f2:5f:ce:c6:f8:77:9a:8b:cd:aa:ba:
                    b0:e4:52:f0:b3:0c:ca:5b:4c:fa:34:4e:5b:ae:7f:
                    68:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:F2:8F:A4:C0:94:16:3F:54:DB:4C:65:8A:33:3F:46:20:DA:27:CF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a02b21-64a7-4629-8149-a98f47ed09a5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.221.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8f:72:14:26:a9:5c:7d:d2:f4:19:f9:20:14:e1:bf:3c:6c:88:
         cf:a5:6a:3a:6b:58:e3:df:41:39:f5:62:5f:39:97:5f:95:cf:
         ff:d4:f7:bf:f6:29:e3:5c:77:88:2c:55:3b:b7:11:4b:83:b0:
         7a:ab:27:46:26:fa:08:66:a9:27:f7:85:1a:b6:d6:b2:d9:f7:
         52:9e:5e:57:7a:0c:33:13:37:e5:fb:df:9c:6e:b1:5c:e5:41:
         8a:97:8e:20:0b:f3:e0:97:20:11:68:74:bd:99:7f:ce:7f:8b:
         6b:c1:8a:6e:fc:03:c7:79:30:76:59:18:8c:75:52:c7:ae:b8:
         8e:fe:85:34:ac:95:7f:51:c7:15:a3:74:0b:0b:38:ae:cd:40:
         72:50:38:59:c4:d1:5a:dd:c0:8f:40:a1:f0:72:79:2e:36:ed:
         3a:ea:af:7e:5e:4b:50:eb:7a:02:01:89:99:af:21:41:28:b4:
         85:8e:83:74:36:a3:59:1c:38:44:e5:7d:50:d8:81:31:1d:a6:
         38:2c:48:6f:3e:53:f1:c5:b5:c0:f9:bb:11:b0:88:6a:1f:c6:
         ca:0a:cb:48:72:ed:4a:c4:73:48:85:d6:a2:3b:d8:b6:00:ce:
         95:fc:ca:c4:ae:76:a3:5a:1f:35:c9:0c:74:e8:57:2b:81:29:
         4c:ab:cb:aa
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUd4+3jUvg2qcJde22broPtD6WiOgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDA0MTM0WhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzI5YzViYjhlZGU2NmVmYTNjZDVlYmZkZGY0YTJjNWZh
MDA4YzIyMmJhNjk3NGI3NjJmMWYwYTAzOGI0ODdhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdkSIxwrQldMZkoMXY/D8z5ztp6Z4h+Ycc9tDW9T3bcZYI
IElyTY/AOw2QKOh5chg1A17bjFD/aR67efAZUQ9kdUWWGZfWlMxa+mMdGtmpa2mz
0E0SmWYXrdGY2wzeYEJ7812DGlIiDNZtUeZD/TgsemLckdmrbiJ7WAEVNWt4TlUN
zU8D+IBQEhDK/ONQ0qtxagFSi514TZpTbbxbTCRA7tdi5v/vVd/CbWQcAYhIpz+T
yY3rGBEHhzKLatzm4l7mKtRtTxaplp1n3cXhNVsbDgFFkzNO1i9/EKV+UrHdKZNB
sLvyX87G+Heai82qurDkUvCzDMpbTPo0Tluuf2iVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUV/KPpMCUFj9U20xlijM/RiDaJ88wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I3YTAyYjIxLTY0YTctNDYyOS04MTQ5LWE5OGY0N2VkMDlhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBC3TANBgkqhkiG9w0BAQsFAAOCAQEAj3IUJqlcfdL0GfkgFOG/PGyIz6Vq
OmtY499BOfViXzmXX5XP/9T3v/Yp41x3iCxVO7cRS4OweqsnRib6CGapJ/eFGrbW
stn3Up5eV3oMMxM35fvfnG6xXOVBipeOIAvz4JcgEWh0vZl/zn+La8GKbvwDx3kw
dlkYjHVSx664jv6FNKyVf1HHFaN0Cws4rs1AclA4WcTRWt3Aj0Ch8HJ5LjbtOuqv
fl5LUOt6AgGJma8hQSi0hY6DdDajWRw4ROV9UNiBMR2mOCxIbz5T8cW1wPm7EbCI
ah/GygrLSHLtSsRzSIXWojvYtgDOlfzKxK52o1ofNckMdOhXK4EpTKvLqg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:19:41 2025 by rpki-client