Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c82f6061-7db7-45ee-988a-56a3a004d938.roa
File:                     c82f6061-7db7-45ee-988a-56a3a004d938.roa (raw, json)
Hash identifier:          8wlt2MZr6HrgL9ND8v8YOFKlRiy4IJ1Fvox5UpRczmY=
Subject key identifier:   EE:AB:C6:7C:D0:16:D5:7D:8C:8E:14:DA:88:75:58:1A:BB:AF:0D:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12B8DCAFAD3CD027E8594B629702788B190175E1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c82f6061-7db7-45ee-988a-56a3a004d938.roa
Signing time:             Wed 23 Jul 2025 00:22:20 +0000
ROA not before:           Wed 23 Jul 2025 00:22:20 +0000
ROA not after:            Wed 27 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        184.73.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:b8:dc:af:ad:3c:d0:27:e8:59:4b:62:97:02:78:8b:19:01:75:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 23 00:22:20 2025 GMT
            Not After : Aug 27 23:59:59 2025 GMT
        Subject: serialNumber=1bafa817da82f256e64441d84663ace2463b81374e11d585d7450e7e036b7185, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1a:61:13:1d:db:a3:34:cf:7c:7f:f5:63:8c:
                    c4:fe:a6:c0:11:1b:56:b7:2c:98:68:c2:ee:fa:72:
                    d6:c4:77:29:66:ae:36:c4:ab:0e:f6:4f:1c:3a:ec:
                    9f:1d:43:00:ad:47:95:34:bd:fe:ce:e1:a5:31:36:
                    07:06:e4:31:31:d8:50:bc:ed:17:66:7f:8c:a7:a5:
                    7c:b4:b7:e4:e9:7a:ce:62:5c:8d:7b:b7:98:e8:e8:
                    74:24:f7:1d:d0:7b:05:43:4f:05:26:f7:dc:d3:8d:
                    66:dc:d4:55:88:90:75:21:50:f4:fa:ae:fc:aa:88:
                    f0:7b:3a:ce:f9:ae:a6:3f:39:34:5e:04:7b:e0:92:
                    a0:e9:55:49:e1:7b:e7:b6:84:2b:86:84:3d:5d:45:
                    47:84:9c:64:32:95:a1:53:d0:c4:22:6d:59:ab:b2:
                    1e:5c:ad:ad:66:d4:54:21:85:a0:79:07:fb:a8:cb:
                    09:ad:cc:a2:50:0b:01:6b:fb:9b:4d:5b:d4:1f:5d:
                    67:1a:97:e9:ed:21:dc:3c:ce:51:6c:27:da:6c:59:
                    19:9a:74:4b:39:67:a8:a0:8f:aa:5d:97:cc:e8:3e:
                    a5:55:df:1d:35:77:c0:af:aa:b9:9f:d9:4f:6b:e0:
                    2d:bb:36:ec:b2:e9:5d:f4:9f:25:60:da:0f:bb:89:
                    ae:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:AB:C6:7C:D0:16:D5:7D:8C:8E:14:DA:88:75:58:1A:BB:AF:0D:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c82f6061-7db7-45ee-988a-56a3a004d938.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         21:bf:e3:c0:e9:3a:3b:97:ec:92:d6:56:a8:36:2b:3f:5d:5b:
         3e:66:17:fd:c2:2e:81:f3:f9:cf:c9:6f:57:b8:30:ba:1d:b7:
         31:d1:0b:4f:bc:f5:df:3f:73:e8:20:bc:b7:33:67:05:d2:de:
         38:23:fa:58:0c:74:fc:65:1f:c0:a3:ab:33:23:c9:76:fd:7b:
         b3:02:e4:74:65:94:54:dd:f0:ff:6a:00:5a:22:cf:0b:71:74:
         f9:36:63:05:42:08:b8:db:dd:7d:7d:33:ed:c3:ba:e6:26:5b:
         73:8c:1e:e7:cb:4e:06:7d:03:79:18:7b:43:d4:b4:31:fc:db:
         00:15:36:a2:1d:6f:0c:e3:ff:5a:b1:27:c9:83:02:9d:22:91:
         e8:9b:52:16:39:ce:66:7e:98:4f:05:eb:4f:be:ad:1b:28:57:
         8b:de:96:8d:09:ed:0b:7d:88:33:90:86:b2:ae:6f:c8:05:6b:
         51:0c:8e:b5:ef:61:59:f2:fb:32:96:34:d6:12:2c:93:5e:ef:
         08:af:9b:d6:a5:e9:6c:2b:a5:01:ea:66:60:2f:de:8e:23:96:
         c9:3d:58:f7:71:12:f7:ca:f8:72:a9:de:34:99:3f:bf:7d:78:
         80:bd:1f:5b:9d:44:93:a9:c8:05:2a:11:b8:8b:78:0c:c5:d8:
         06:be:1e:77
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUErjcr6080CfoWUtilwJ4ixkBdeEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIzMDAyMjIwWhcNMjUwODI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYmFmYTgxN2RhODJmMjU2ZTY0NDQxZDg0NjYzYWNlMjQ2
M2I4MTM3NGUxMWQ1ODVkNzQ1MGU3ZTAzNmI3MTg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbGmETHdujNM98f/VjjMT+psARG1a3LJhowu76ctbEdylm
rjbEqw72Txw67J8dQwCtR5U0vf7O4aUxNgcG5DEx2FC87Rdmf4ynpXy0t+Tpes5i
XI17t5jo6HQk9x3QewVDTwUm99zTjWbc1FWIkHUhUPT6rvyqiPB7Os75rqY/OTRe
BHvgkqDpVUnhe+e2hCuGhD1dRUeEnGQylaFT0MQibVmrsh5cra1m1FQhhaB5B/uo
ywmtzKJQCwFr+5tNW9QfXWcal+ntIdw8zlFsJ9psWRmadEs5Z6igj6pdl8zoPqVV
3x01d8Cvqrmf2U9r4C27Nuyy6V30nyVg2g+7ia4xAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7qvGfNAW1X2MjhTaiHVYGruvDRIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4MmY2MDYxLTdkYjctNDVlZS05ODhhLTU2YTNhMDA0ZDkzOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwC4STANBgkqhkiG9w0BAQsFAAOCAQEAIb/jwOk6O5fsktZWqDYrP11bPmYX
/cIugfP5z8lvV7gwuh23MdELT7z13z9z6CC8tzNnBdLeOCP6WAx0/GUfwKOrMyPJ
dv17swLkdGWUVN3w/2oAWiLPC3F0+TZjBUIIuNvdfX0z7cO65iZbc4we58tOBn0D
eRh7Q9S0MfzbABU2oh1vDOP/WrEnyYMCnSKR6JtSFjnOZn6YTwXrT76tGyhXi96W
jQntC32IM5CGsq5vyAVrUQyOte9hWfL7MpY01hIsk17vCK+b1qXpbCulAepmYC/e
jiOWyT1Y93ES98r4cqneNJk/v314gL0fW51Ek6nIBSoRuIt4DMXYBr4edw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:28:38 2025 by rpki-client