Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfcfe9a0-5cb3-497e-a0bc-f735c12c78a0.roa
File:                     bfcfe9a0-5cb3-497e-a0bc-f735c12c78a0.roa (raw, json)
Hash identifier:          QMaM6q5m8xWB2801I1ZnyOCPlLCTkdaU9mak2Yj5+YY=
Subject key identifier:   EA:37:A0:49:83:82:CC:D1:7F:6F:CD:25:25:8C:78:C6:F4:B7:93:B2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       08284B9ECCED755CB19251E0DDFA68050986446A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfcfe9a0-5cb3-497e-a0bc-f735c12c78a0.roa
Signing time:             Sat 07 Jun 2025 00:20:28 +0000
ROA not before:           Sat 07 Jun 2025 00:20:28 +0000
ROA not after:            Sat 12 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        203.110.198.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:28:4b:9e:cc:ed:75:5c:b1:92:51:e0:dd:fa:68:05:09:86:44:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun  7 00:20:28 2025 GMT
            Not After : Jul 12 23:59:59 2025 GMT
        Subject: serialNumber=84ada2292ca9c8d410b72c01296ff40a61d491674d3e2b4d74c9109b1852bacb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:18:86:a7:3e:7b:d6:7f:d1:4d:20:8d:4b:ac:
                    d4:41:1a:6f:8c:89:a3:ef:45:65:b3:97:ff:e7:7e:
                    6b:78:0e:8f:65:9d:28:3a:40:ed:c9:f9:60:13:bf:
                    5e:5a:2f:0e:c1:ea:05:78:36:65:06:2b:80:bb:30:
                    3e:c9:9e:51:4f:56:1d:e7:6d:d7:d6:91:ab:62:af:
                    3b:3b:ac:c5:a6:0a:ac:62:a2:65:35:0d:bf:c1:38:
                    d0:59:d3:f4:c8:34:73:a7:42:4c:73:5d:1f:c3:35:
                    0c:31:a4:9d:ee:c1:60:d5:1d:9f:98:62:a2:a8:33:
                    bf:a3:11:fa:f5:c4:d2:42:65:21:d8:48:16:83:09:
                    00:02:91:88:f8:38:14:8b:bd:fd:57:d5:6b:40:83:
                    d9:3d:4b:7f:63:b5:30:09:de:70:bd:51:95:88:53:
                    ee:79:c7:ae:46:46:d7:26:9d:c4:46:41:26:af:ab:
                    27:bd:df:94:bd:43:dc:59:a2:86:a9:83:2e:7d:54:
                    ea:ed:31:3a:95:5c:c0:99:e9:49:c8:67:9b:05:30:
                    53:8d:7f:1b:c1:28:91:03:06:d0:c0:0c:9d:fc:8e:
                    e8:d9:68:ba:86:9f:25:b2:e1:a1:9e:bc:b0:ce:44:
                    47:40:10:ce:ca:0a:72:0f:30:f3:fa:2e:f3:45:d6:
                    df:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:37:A0:49:83:82:CC:D1:7F:6F:CD:25:25:8C:78:C6:F4:B7:93:B2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfcfe9a0-5cb3-497e-a0bc-f735c12c78a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.110.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:36:0d:0d:e1:df:8b:99:a1:fc:4d:2b:87:a3:c2:67:aa:34:
         12:98:e5:ba:4a:87:91:30:8e:8b:10:92:3d:75:39:4f:6f:b1:
         4f:93:42:03:1a:70:31:e6:b2:a5:3e:35:48:fc:f8:ec:11:a1:
         c5:19:d3:a5:ba:f2:3a:b7:58:68:1a:20:3e:08:d2:61:d7:d2:
         ca:11:fa:c0:b3:a3:8b:b1:2c:88:f0:12:e1:35:f7:ab:ba:0d:
         d4:dd:76:45:ea:57:93:63:b1:8f:c8:6f:0e:0b:3d:99:14:f4:
         1e:d8:60:65:e2:c5:bf:3c:54:56:1e:82:02:6e:47:2a:93:96:
         45:44:b5:e2:65:a2:a8:56:c5:13:bb:c5:80:63:3e:47:db:64:
         36:fe:f2:7d:1d:55:81:b2:f1:47:37:d2:49:1f:c5:3d:24:0f:
         da:69:a7:09:6b:03:d7:ca:d2:d8:74:92:99:94:d8:45:ea:d2:
         40:d4:31:92:d6:96:bc:8f:89:f8:fc:ef:12:fb:64:ce:7d:39:
         41:2b:33:d6:05:80:dd:6c:5f:81:8d:67:c3:cb:a8:4e:7d:51:
         6c:90:16:fa:9e:3d:43:86:fa:46:ba:4f:8e:2b:9d:80:74:bb:
         fa:da:05:7c:14:de:90:bf:cc:05:f6:af:16:44:92:f4:f2:0c:
         f7:0d:72:50
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCChLnsztdVyxklHg3fpoBQmGRGowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjA3MDAyMDI4WhcNMjUwNzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NGFkYTIyOTJjYTljOGQ0MTBiNzJjMDEyOTZmZjQwYTYx
ZDQ5MTY3NGQzZTJiNGQ3NGM5MTA5YjE4NTJiYWNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZGIanPnvWf9FNII1LrNRBGm+MiaPvRWWzl//nfmt4Do9l
nSg6QO3J+WATv15aLw7B6gV4NmUGK4C7MD7JnlFPVh3nbdfWkatirzs7rMWmCqxi
omU1Db/BONBZ0/TINHOnQkxzXR/DNQwxpJ3uwWDVHZ+YYqKoM7+jEfr1xNJCZSHY
SBaDCQACkYj4OBSLvf1X1WtAg9k9S39jtTAJ3nC9UZWIU+55x65GRtcmncRGQSav
qye935S9Q9xZooapgy59VOrtMTqVXMCZ6UnIZ5sFMFONfxvBKJEDBtDADJ38jujZ
aLqGnyWy4aGevLDOREdAEM7KCnIPMPP6LvNF1t/vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6jegSYOCzNF/b80lJYx4xvS3k7IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmY2ZlOWEwLTVjYjMtNDk3ZS1hMGJjLWY3MzVjMTJjNzhhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADLbsYwDQYJKoZIhvcNAQELBQADggEBAAc2DQ3h34uZofxNK4ejwmeqNBKY
5bpKh5EwjosQkj11OU9vsU+TQgMacDHmsqU+NUj8+OwRocUZ06W68jq3WGgaID4I
0mHX0soR+sCzo4uxLIjwEuE196u6DdTddkXqV5NjsY/Ibw4LPZkU9B7YYGXixb88
VFYeggJuRyqTlkVEteJloqhWxRO7xYBjPkfbZDb+8n0dVYGy8Uc30kkfxT0kD9pp
pwlrA9fK0th0kpmU2EXq0kDUMZLWlryPifj87xL7ZM59OUErM9YFgN1sX4GNZ8PL
qE59UWyQFvqePUOG+ka6T44rnYB0u/raBXwU3pC/zAX2rxZEkvTyDPcNclA=
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:20:21 2025 by rpki-client