Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9aa3453-9174-4296-bb91-a7a12b37376d.roa
File:                     b9aa3453-9174-4296-bb91-a7a12b37376d.roa (raw, json)
Hash identifier:          goBiLvB8meEaOY4HrFplGciJj1a74IduVUbSKrljzKo=
Subject key identifier:   E9:6E:B2:D9:1B:CD:B8:89:35:00:E4:7C:C0:20:A5:61:B4:19:3B:3C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0E9A9DD83153284F30816354A715EF9F8E4D9BD3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9aa3453-9174-4296-bb91-a7a12b37376d.roa
Signing time:             Mon 28 Jul 2025 15:41:41 +0000
ROA not before:           Mon 28 Jul 2025 15:41:41 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.87.4.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:9a:9d:d8:31:53:28:4f:30:81:63:54:a7:15:ef:9f:8e:4d:9b:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 28 15:41:41 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=7a2a580bdb7d80b0ef60d61cace76672faa58af995236cd27e6ba49eb7fc90e2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:fc:e7:09:f8:4a:53:14:5a:44:8f:b8:6a:bc:
                    7d:47:11:41:7c:40:47:94:51:ad:fa:55:8b:3e:67:
                    8b:fd:37:c3:bb:90:af:11:6d:bf:06:aa:a0:de:95:
                    ca:e9:9f:92:19:cd:5e:62:35:4e:c3:74:d9:f7:5d:
                    f7:bf:3b:ba:13:ce:10:4b:44:d5:a2:17:c0:14:f8:
                    2b:05:a9:f8:50:0e:59:1c:5c:05:97:92:df:72:6e:
                    e3:2a:a2:34:5a:d7:21:be:df:26:e6:39:d9:40:25:
                    76:cd:07:4b:17:05:ba:41:06:de:b2:15:4a:0f:5e:
                    3a:c1:81:be:ac:eb:bf:9f:14:8f:0e:6b:00:3c:96:
                    8d:1c:50:16:c9:de:40:de:8c:65:2b:04:32:7c:b1:
                    12:57:4b:fe:87:fd:b2:c9:be:1e:33:5f:23:38:f7:
                    6f:0e:c7:46:b8:20:3a:2a:81:3b:93:a1:7a:2d:44:
                    6a:8d:63:34:0c:aa:d0:be:ed:c7:72:af:c3:61:11:
                    cb:8f:b3:e7:89:77:93:38:da:5b:28:47:08:73:8e:
                    eb:a6:18:38:c6:d1:38:44:c6:dd:85:61:69:d2:11:
                    36:ac:a0:8b:0a:69:e6:27:1d:55:19:45:19:99:0a:
                    a0:9c:2a:e0:65:8c:75:c6:bc:55:0c:c5:ff:27:6e:
                    b9:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:6E:B2:D9:1B:CD:B8:89:35:00:E4:7C:C0:20:A5:61:B4:19:3B:3C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b9aa3453-9174-4296-bb91-a7a12b37376d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.87.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:9a:3d:1c:03:0e:6f:47:04:f7:66:80:7e:ed:99:09:3c:45:
         ac:42:53:4c:3b:ea:a8:50:99:0d:9c:97:0d:be:ce:8b:7a:41:
         b1:a1:05:e3:4b:ea:a0:2b:ad:33:b3:60:9b:a1:1a:fd:93:e1:
         3c:79:74:b4:2d:5a:b0:1c:01:f0:66:22:c0:63:51:72:5a:27:
         b9:26:c9:be:13:8a:e5:04:21:67:18:2a:09:cf:de:e5:df:63:
         06:61:ba:c2:6b:50:b3:07:a8:a1:0f:2d:86:35:9d:09:db:8b:
         e9:23:f7:11:b2:34:47:bf:f1:dd:2e:77:53:0a:d3:75:2a:b7:
         5d:25:d9:4e:0e:db:12:50:02:77:d8:00:d0:e9:ca:ef:19:ab:
         35:01:66:8b:db:95:96:72:a2:ce:a1:d1:d9:b8:81:7f:57:a9:
         2d:c8:f5:3c:d2:2e:e4:db:d0:e8:1e:de:f6:59:86:b3:28:99:
         a2:54:e7:f4:e0:fa:20:a1:b5:bf:0a:41:c5:c6:93:9f:13:b8:
         b1:f8:3e:1b:67:89:44:ad:14:47:03:79:6a:97:af:37:f2:d4:
         6d:0d:8f:93:0d:89:c6:fc:10:1f:4c:c7:2b:e0:1e:c1:99:8c:
         df:b9:05:26:e5:3f:63:4e:18:c8:2f:11:44:a7:59:a4:64:95:
         31:3a:c1:b1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDpqd2DFTKE8wgWNUpxXvn45Nm9MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI4MTU0MTQxWhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YTJhNTgwYmRiN2Q4MGIwZWY2MGQ2MWNhY2U3NjY3MmZh
YTU4YWY5OTUyMzZjZDI3ZTZiYTQ5ZWI3ZmM5MGUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCh/OcJ+EpTFFpEj7hqvH1HEUF8QEeUUa36VYs+Z4v9N8O7
kK8Rbb8GqqDelcrpn5IZzV5iNU7DdNn3Xfe/O7oTzhBLRNWiF8AU+CsFqfhQDlkc
XAWXkt9ybuMqojRa1yG+3ybmOdlAJXbNB0sXBbpBBt6yFUoPXjrBgb6s67+fFI8O
awA8lo0cUBbJ3kDejGUrBDJ8sRJXS/6H/bLJvh4zXyM4928Ox0a4IDoqgTuToXot
RGqNYzQMqtC+7cdyr8NhEcuPs+eJd5M42lsoRwhzjuumGDjG0ThExt2FYWnSETas
oIsKaeYnHVUZRRmZCqCcKuBljHXGvFUMxf8nbrnxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6W6y2RvNuIk1AOR8wCClYbQZOzwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I5YWEzNDUzLTkxNzQtNDI5Ni1iYjkxLWE3YTEyYjM3Mzc2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALYVwQwDQYJKoZIhvcNAQELBQADggEBALCaPRwDDm9HBPdmgH7tmQk8RaxC
U0w76qhQmQ2clw2+zot6QbGhBeNL6qArrTOzYJuhGv2T4Tx5dLQtWrAcAfBmIsBj
UXJaJ7kmyb4TiuUEIWcYKgnP3uXfYwZhusJrULMHqKEPLYY1nQnbi+kj9xGyNEe/
8d0ud1MK03Uqt10l2U4O2xJQAnfYANDpyu8ZqzUBZovblZZyos6h0dm4gX9XqS3I
9TzSLuTb0Oge3vZZhrMomaJU5/Tg+iChtb8KQcXGk58TuLH4PhtniUStFEcDeWqX
rzfy1G0Nj5MNicb8EB9MxyvgHsGZjN+5BSblP2NOGMgvEUSnWaRklTE6wbE=
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:04:58 2025 by rpki-client