Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ce405dda-d644-4b18-9da6-a7f51dc6cbf2.roa
File:                     ce405dda-d644-4b18-9da6-a7f51dc6cbf2.roa (raw, json)
Hash identifier:          HaiuxGILUaEEaFgi9763qfbER3ymy2VZVsygQEi7JiY=
Subject key identifier:   DD:5A:54:55:8E:DD:9B:28:DB:78:62:1F:C4:48:30:C4:22:D4:1E:AC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7E6E7801E60B8E1DEB10F043A3EFDFED10AD4F4B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ce405dda-d644-4b18-9da6-a7f51dc6cbf2.roa
Signing time:             Fri 13 Jun 2025 17:40:20 +0000
ROA not before:           Fri 13 Jun 2025 17:40:20 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.106.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:6e:78:01:e6:0b:8e:1d:eb:10:f0:43:a3:ef:df:ed:10:ad:4f:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 17:40:20 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=43d6270af887075592e9dc57d5f0448526903755f4992f13c3f3259adac331d3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:be:eb:28:97:5b:ce:f4:89:0c:fd:c7:92:0f:
                    c9:5a:ee:22:f9:fd:24:47:66:d5:78:4f:a9:61:61:
                    d6:39:2d:24:cf:0b:07:dd:e3:93:70:04:25:6f:a4:
                    ee:67:c9:fa:09:09:e4:62:48:04:29:04:89:41:07:
                    f8:2d:61:48:4c:19:75:b1:94:99:f9:a7:2d:ed:2a:
                    08:31:7d:0c:52:f1:74:e9:3d:6f:59:24:5a:80:35:
                    5a:54:17:f6:23:e0:16:f0:07:c5:19:74:70:9e:1b:
                    15:45:7a:71:04:68:a3:e2:cf:28:9a:e9:66:69:6a:
                    78:a7:27:49:93:69:18:71:8c:7a:2c:00:07:12:d0:
                    5c:48:c8:3f:4f:23:f1:5f:5e:e2:20:46:14:b0:7b:
                    de:03:93:dc:60:f5:de:8e:2f:9b:0d:5a:b5:f8:e4:
                    bf:eb:18:34:37:eb:0f:b4:80:fd:f4:59:07:83:1a:
                    75:83:0f:21:54:08:18:76:82:9b:8e:cc:3c:e5:df:
                    7a:df:27:0c:1d:65:80:3c:17:bc:4f:7a:d6:29:48:
                    14:b6:5e:3d:04:87:7f:0b:9d:e1:22:52:1c:3e:88:
                    47:3e:63:ba:dc:f3:d4:8c:b5:26:ef:f6:4d:7b:20:
                    6f:0f:81:10:e8:25:25:f2:2a:c8:c7:8d:0b:7a:7b:
                    c4:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:5A:54:55:8E:DD:9B:28:DB:78:62:1F:C4:48:30:C4:22:D4:1E:AC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ce405dda-d644-4b18-9da6-a7f51dc6cbf2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:09:05:99:c5:b7:c0:7e:af:50:18:d3:09:c2:13:e5:e6:e8:
         fe:21:43:71:75:02:e8:fb:db:59:12:c2:71:1c:71:a5:17:62:
         47:07:17:c2:63:23:ae:8e:63:43:62:e1:13:34:3c:4b:26:c3:
         b2:31:2c:08:53:e1:cd:a8:ab:02:bc:ae:3b:ff:a0:17:1a:07:
         43:a9:75:99:3f:6e:cf:91:e5:e9:ca:b0:c9:a9:1d:f8:5c:7e:
         85:6f:e5:85:cd:dd:8b:d0:30:19:96:3d:33:84:c3:8c:e8:d6:
         2e:60:20:be:dd:b6:41:42:c3:6c:f7:da:a3:b3:2d:b0:96:c7:
         04:3e:06:b1:c2:76:a9:da:8c:23:35:c7:21:94:02:01:3d:6d:
         ca:3c:10:75:78:50:69:3c:20:80:fa:68:86:af:c7:05:21:c7:
         46:97:41:5d:ec:2d:86:bf:5d:36:1d:ee:01:47:08:f5:ba:33:
         5e:b2:61:63:16:45:af:23:36:5d:ff:31:87:f6:3a:85:8d:de:
         05:21:de:10:b1:1e:00:90:83:1f:bb:33:ab:3c:ed:c7:02:48:
         a7:54:9d:7c:91:e2:39:05:44:80:1c:3c:c3:85:c5:34:c8:75:
         01:70:76:63:f7:a6:f5:c6:38:2a:27:1d:49:ce:54:02:ce:88:
         31:48:a5:e5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfm54AeYLjh3rEPBDo+/f7RCtT0swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTc0MDIwWhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0M2Q2MjcwYWY4ODcwNzU1OTJlOWRjNTdkNWYwNDQ4NTI2
OTAzNzU1ZjQ5OTJmMTNjM2YzMjU5YWRhYzMzMWQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsvusol1vO9IkM/ceSD8la7iL5/SRHZtV4T6lhYdY5LSTP
Cwfd45NwBCVvpO5nyfoJCeRiSAQpBIlBB/gtYUhMGXWxlJn5py3tKggxfQxS8XTp
PW9ZJFqANVpUF/Yj4BbwB8UZdHCeGxVFenEEaKPizyia6WZpaninJ0mTaRhxjHos
AAcS0FxIyD9PI/FfXuIgRhSwe94Dk9xg9d6OL5sNWrX45L/rGDQ36w+0gP30WQeD
GnWDDyFUCBh2gpuOzDzl33rfJwwdZYA8F7xPetYpSBS2Xj0Eh38LneEiUhw+iEc+
Y7rc89SMtSbv9k17IG8PgRDoJSXyKsjHjQt6e8TxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3VpUVY7dmyjbeGIfxEgwxCLUHqwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NlNDA1ZGRhLWQ2NDQtNGIxOC05ZGE2LWE3ZjUxZGM2Y2JmMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjl2owDQYJKoZIhvcNAQELBQADggEBAGcJBZnFt8B+r1AY0wnCE+Xm6P4h
Q3F1Auj721kSwnEccaUXYkcHF8JjI66OY0Ni4RM0PEsmw7IxLAhT4c2oqwK8rjv/
oBcaB0OpdZk/bs+R5enKsMmpHfhcfoVv5YXN3YvQMBmWPTOEw4zo1i5gIL7dtkFC
w2z32qOzLbCWxwQ+BrHCdqnajCM1xyGUAgE9bco8EHV4UGk8IID6aIavxwUhx0aX
QV3sLYa/XTYd7gFHCPW6M16yYWMWRa8jNl3/MYf2OoWN3gUh3hCxHgCQgx+7M6s8
7ccCSKdUnXyR4jkFRIAcPMOFxTTIdQFwdmP3pvXGOConHUnOVALOiDFIpeU=
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:40:30 2025 by rpki-client