Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d33539b3-75f5-4d3f-b4c6-fc82d221db42.roa
File:                     d33539b3-75f5-4d3f-b4c6-fc82d221db42.roa (raw, json)
Hash identifier:          s3A4U7wME4T9EOMsFhWw0kRUvPKuzYyieiyJm9cC/FI=
Subject key identifier:   A6:14:AE:88:C2:CF:F3:75:5C:0B:9A:E6:C4:0C:F3:0E:E5:AE:7D:04
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       641C70BA65E25D5ED7D93BFBF477CA9825BF3AE6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d33539b3-75f5-4d3f-b4c6-fc82d221db42.roa
Signing time:             Tue 22 Jul 2025 00:10:26 +0000
ROA not before:           Tue 22 Jul 2025 00:10:26 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.162.88.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:1c:70:ba:65:e2:5d:5e:d7:d9:3b:fb:f4:77:ca:98:25:bf:3a:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:10:26 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=b8dfc6aa9e98e611191751a508ade2445da8557f7d2ddb7fffbfb6cf25aa2e20, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d2:cc:5b:cd:f5:a8:cf:61:2e:5f:b7:8e:b1:
                    c2:f0:80:77:2b:60:a9:3b:a0:d1:d1:b8:ea:90:27:
                    56:53:26:6c:4c:bc:4d:17:74:45:fc:0c:ca:f5:87:
                    02:4c:5a:6c:39:d2:fc:8b:f4:cd:86:43:68:46:a9:
                    4e:70:b1:fc:a4:30:18:f4:9b:5d:28:bf:89:9e:bb:
                    ab:a0:4a:fe:5e:41:23:da:2d:44:e6:8b:00:b1:1a:
                    fc:c8:0e:6d:87:b3:2d:06:0c:f0:23:22:5f:81:6f:
                    6f:e2:17:78:80:1c:d9:20:c9:a9:5e:c4:9a:a0:e1:
                    ec:04:61:3e:20:0c:69:26:62:6f:92:0b:e5:29:50:
                    c2:69:d6:f7:da:4c:9c:47:6e:5d:96:5e:2b:c0:f9:
                    10:42:34:17:a5:62:b4:9d:9d:de:30:2c:de:cd:60:
                    24:9b:fd:7d:53:0c:41:5b:0e:83:d5:16:90:2d:bc:
                    f6:39:6c:4c:e8:6a:ff:00:e7:08:69:28:46:bb:b9:
                    b1:d4:f9:7e:d6:6a:27:6f:25:64:13:66:e0:9f:c7:
                    6d:0a:6f:a9:9c:1b:a5:77:bb:03:91:44:9a:64:34:
                    94:17:10:ce:1d:8b:48:d6:e9:bf:17:0a:42:da:5d:
                    83:17:c6:12:62:18:b9:fc:29:42:09:85:47:45:42:
                    53:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:14:AE:88:C2:CF:F3:75:5C:0B:9A:E6:C4:0C:F3:0E:E5:AE:7D:04
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d33539b3-75f5-4d3f-b4c6-fc82d221db42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.162.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ae:0b:94:b9:c3:64:31:af:e7:11:7c:21:bb:ec:f7:34:db:cb:
         73:fb:76:24:be:b1:38:ab:5a:58:90:83:53:88:0f:bd:ef:01:
         78:bc:26:47:0f:5d:cc:6f:cf:2b:26:90:83:33:14:ae:e4:b2:
         a5:b1:48:b5:03:a3:02:44:e4:34:e0:3c:7e:e6:35:59:38:45:
         5f:26:f7:1f:0c:4c:ad:74:9d:c7:ee:91:93:52:43:5c:c5:d7:
         0f:b4:06:47:dd:f9:81:68:9b:e3:67:e2:b8:a7:f9:af:43:cd:
         9c:f2:5f:4e:6b:3f:39:3d:ff:0a:22:5b:bc:f4:d4:69:83:f1:
         9f:30:b6:7d:bd:28:db:a7:8f:f8:66:ea:f4:a9:65:72:f5:b1:
         73:ff:62:20:b9:08:c1:30:ca:0d:69:32:50:ed:92:2b:d5:b1:
         a1:4a:56:dd:3c:c2:1f:ce:fa:cd:5c:65:80:37:ab:9b:fd:04:
         7d:ff:a9:ed:be:45:43:86:33:98:29:45:dd:3d:5c:f4:56:08:
         84:6b:89:aa:16:8e:7a:8d:26:09:5c:1f:89:0f:37:f5:96:a4:
         21:25:fd:d0:bc:79:18:12:5e:d5:69:f5:a0:17:f8:51:bd:b1:
         88:e3:35:5e:60:26:ea:7f:bc:dd:60:54:04:08:72:a8:0c:f5:
         7b:1c:3b:f5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZBxwumXiXV7X2Tv79HfKmCW/OuYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAxMDI2WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOGRmYzZhYTllOThlNjExMTkxNzUxYTUwOGFkZTI0NDVk
YTg1NTdmN2QyZGRiN2ZmZmJmYjZjZjI1YWEyZTIwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCb0sxbzfWoz2EuX7eOscLwgHcrYKk7oNHRuOqQJ1ZTJmxM
vE0XdEX8DMr1hwJMWmw50vyL9M2GQ2hGqU5wsfykMBj0m10ov4meu6ugSv5eQSPa
LUTmiwCxGvzIDm2Hsy0GDPAjIl+Bb2/iF3iAHNkgyalexJqg4ewEYT4gDGkmYm+S
C+UpUMJp1vfaTJxHbl2WXivA+RBCNBelYrSdnd4wLN7NYCSb/X1TDEFbDoPVFpAt
vPY5bEzoav8A5whpKEa7ubHU+X7WaidvJWQTZuCfx20Kb6mcG6V3uwORRJpkNJQX
EM4di0jW6b8XCkLaXYMXxhJiGLn8KUIJhUdFQlNHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUphSuiMLP83VcC5rmxAzzDuWufQQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QzMzUzOWIzLTc1ZjUtNGQzZi1iNGM2LWZjODJkMjIxZGI0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNolgwDQYJKoZIhvcNAQELBQADggEBAK4LlLnDZDGv5xF8Ibvs9zTby3P7
diS+sTirWliQg1OID73vAXi8JkcPXcxvzysmkIMzFK7ksqWxSLUDowJE5DTgPH7m
NVk4RV8m9x8MTK10ncfukZNSQ1zF1w+0Bkfd+YFom+Nn4rin+a9DzZzyX05rPzk9
/woiW7z01GmD8Z8wtn29KNunj/hm6vSpZXL1sXP/YiC5CMEwyg1pMlDtkivVsaFK
Vt08wh/O+s1cZYA3q5v9BH3/qe2+RUOGM5gpRd09XPRWCIRriaoWjnqNJglcH4kP
N/WWpCEl/dC8eRgSXtVp9aAX+FG9sYjjNV5gJup/vN1gVAQIcqgM9XscO/U=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:11:04 2025 by rpki-client