Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba899484-5882-499b-8b7f-4bcbdb569b44.roa
File:                     ba899484-5882-499b-8b7f-4bcbdb569b44.roa (raw, json)
Hash identifier:          zoW+JV0Z3/n0TUAENPd1dDm9S+IJViz5+ZtvtqyuHMc=
Subject key identifier:   16:5F:39:56:BD:97:92:63:06:48:4D:F4:C9:70:CD:2E:D3:24:7D:35
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       706DD966F566094203F654DB71F40D9E13150D0E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba899484-5882-499b-8b7f-4bcbdb569b44.roa
Signing time:             Wed 06 Aug 2025 00:31:37 +0000
ROA not before:           Wed 06 Aug 2025 00:31:37 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        45.57.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:6d:d9:66:f5:66:09:42:03:f6:54:db:71:f4:0d:9e:13:15:0d:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  6 00:31:37 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=e3be1360e7b9fa9452994585ce70fc972fcf51d5ad3c2e65a3a787e1a4b28171, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:22:f2:26:0e:34:8c:b0:36:72:2d:dc:3d:12:
                    54:45:85:ba:0b:bc:c0:78:5d:25:4f:35:1c:17:a5:
                    f7:da:b7:65:50:b2:28:60:03:89:10:de:e0:7f:8a:
                    4d:f1:4d:4f:fe:34:7f:68:06:70:80:90:cc:b1:92:
                    3f:fe:b1:77:68:59:8f:ca:b2:0b:23:4f:5b:6d:25:
                    69:18:87:6c:5f:6a:13:fb:8d:72:91:84:67:7c:51:
                    7f:f3:de:4a:f3:cf:c7:59:7c:83:0a:bb:e6:09:cd:
                    05:c4:a0:6a:e4:c4:fe:f6:ef:bc:5f:af:6e:dc:3c:
                    5e:8f:0d:d6:4f:89:f1:d2:06:17:7f:64:80:42:5f:
                    39:d1:80:69:85:f6:19:f2:35:d4:62:41:31:28:72:
                    da:85:a1:d5:53:93:6c:ae:55:c9:db:df:d9:7a:1c:
                    d3:59:31:2b:d8:86:c9:b0:92:3e:9e:8e:71:44:cc:
                    4c:bd:6e:f7:08:bb:4b:cd:b8:c9:8c:73:e9:06:83:
                    cd:49:8f:ba:1d:c3:f1:4c:d9:d8:3b:29:dc:d1:ea:
                    01:07:a6:90:c9:33:8d:bd:3c:63:ad:bc:81:15:dc:
                    e2:25:3f:82:02:48:74:d0:80:37:7e:0e:6c:66:be:
                    e5:8e:55:05:1a:97:a6:51:89:8a:85:e1:08:04:f1:
                    ff:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:5F:39:56:BD:97:92:63:06:48:4D:F4:C9:70:CD:2E:D3:24:7D:35
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba899484-5882-499b-8b7f-4bcbdb569b44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.57.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         75:f3:f0:2a:9d:5e:8e:a9:1c:36:be:6e:56:5b:66:e1:de:f8:
         cf:51:24:cc:42:19:7b:c3:7c:63:7a:2f:95:e1:fa:fa:53:36:
         43:97:85:c5:63:81:e8:d2:a0:11:22:f1:a3:b0:08:8e:99:4d:
         07:e4:e1:d4:f8:b2:cb:5f:87:07:02:a1:0b:0c:10:cb:6c:0f:
         c4:c3:fc:b2:31:93:34:3a:c2:86:11:c8:57:d8:fc:45:05:a0:
         b8:81:a3:0c:3b:b8:a2:2e:13:56:ed:e0:70:74:65:21:3a:25:
         c7:05:3a:1c:03:36:a2:75:7c:c3:ea:fe:05:b2:b8:33:86:d9:
         ae:55:f8:69:b2:3d:68:50:2a:e1:2e:28:d1:66:a8:1a:8b:c1:
         26:99:77:ac:c2:91:46:3c:62:d7:4f:7a:05:57:ba:fc:5d:ca:
         19:a0:ba:dd:d3:11:76:63:ea:d4:15:3a:8e:1e:b7:47:5a:9f:
         c1:1a:0b:a3:77:42:a9:13:e8:dd:67:0c:7e:77:19:3f:f1:24:
         ee:0c:dc:a6:0d:38:f2:2e:da:0e:1c:ab:e6:cc:7a:59:c8:4e:
         96:42:a6:b0:e6:76:42:9d:8d:94:0e:79:70:fc:af:7f:53:b1:
         63:3d:5c:91:96:26:9e:09:f3:86:29:30:21:d9:97:9e:d3:f7:
         4d:f7:c8:36
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcG3ZZvVmCUID9lTbcfQNnhMVDQ4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA2MDAzMTM3WhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlM2JlMTM2MGU3YjlmYTk0NTI5OTQ1ODVjZTcwZmM5NzJm
Y2Y1MWQ1YWQzYzJlNjVhM2E3ODdlMWE0YjI4MTcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfIvImDjSMsDZyLdw9ElRFhboLvMB4XSVPNRwXpffat2VQ
sihgA4kQ3uB/ik3xTU/+NH9oBnCAkMyxkj/+sXdoWY/KsgsjT1ttJWkYh2xfahP7
jXKRhGd8UX/z3krzz8dZfIMKu+YJzQXEoGrkxP7277xfr27cPF6PDdZPifHSBhd/
ZIBCXznRgGmF9hnyNdRiQTEoctqFodVTk2yuVcnb39l6HNNZMSvYhsmwkj6ejnFE
zEy9bvcIu0vNuMmMc+kGg81Jj7odw/FM2dg7KdzR6gEHppDJM429PGOtvIEV3OIl
P4ICSHTQgDd+DmxmvuWOVQUal6ZRiYqF4QgE8f9fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFl85Vr2XkmMGSE30yXDNLtMkfTUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JhODk5NDg0LTU4ODItNDk5Yi04YjdmLTRiY2JkYjU2OWI0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBActOYAwDQYJKoZIhvcNAQELBQADggEBAHXz8CqdXo6pHDa+blZbZuHe+M9R
JMxCGXvDfGN6L5Xh+vpTNkOXhcVjgejSoBEi8aOwCI6ZTQfk4dT4sstfhwcCoQsM
EMtsD8TD/LIxkzQ6woYRyFfY/EUFoLiBoww7uKIuE1bt4HB0ZSE6JccFOhwDNqJ1
fMPq/gWyuDOG2a5V+GmyPWhQKuEuKNFmqBqLwSaZd6zCkUY8YtdPegVXuvxdyhmg
ut3TEXZj6tQVOo4et0dan8EaC6N3QqkT6N1nDH53GT/xJO4M3KYNOPIu2g4cq+bM
elnITpZCprDmdkKdjZQOeXD8r39TsWM9XJGWJp4J84YpMCHZl57T9033yDY=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:42:35 2025 by rpki-client