Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fd9155-8aca-4f0e-b0d4-1ac47bb17b2f.roa
File:                     e2fd9155-8aca-4f0e-b0d4-1ac47bb17b2f.roa (raw, json)
Hash identifier:          O4tI9oXUcJbHwdAm4hq6PPuceaEJY9FtuCBLxV6yOp8=
Subject key identifier:   43:55:F1:34:03:02:D5:F8:31:AF:46:42:B9:18:7A:5A:8F:E1:E1:01
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6EA4E195C8B8A74690405CE0C8B42BEF248169EC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fd9155-8aca-4f0e-b0d4-1ac47bb17b2f.roa
Signing time:             Wed 06 Aug 2025 00:20:15 +0000
ROA not before:           Wed 06 Aug 2025 00:20:15 +0000
ROA not after:            Wed 10 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        23.228.192.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:a4:e1:95:c8:b8:a7:46:90:40:5c:e0:c8:b4:2b:ef:24:81:69:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  6 00:20:15 2025 GMT
            Not After : Sep 10 23:59:59 2025 GMT
        Subject: serialNumber=c6330b3bc282a172d01a84af768e1331b946858fdc26af08f84ed87179a4ad60, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7c:a5:62:48:ef:2f:fe:15:78:1a:f6:68:94:
                    8f:82:26:05:c1:98:71:78:a8:c7:3e:56:15:04:8f:
                    96:4d:8f:bc:c6:19:3f:c3:cf:10:c1:7a:dc:8e:16:
                    ec:88:12:ec:70:84:91:3a:85:e6:a9:c6:23:3c:90:
                    bf:3a:0d:c2:4f:63:fc:18:3a:54:e5:15:80:39:b1:
                    0c:bc:b9:e8:6b:1b:93:95:bb:f8:13:4e:42:f4:65:
                    0d:ee:42:e3:1a:44:57:7f:a7:09:43:20:92:00:df:
                    a7:53:af:a9:61:4a:83:c8:9f:4a:07:b7:57:2b:5b:
                    24:e9:10:a2:fa:e3:e4:c5:05:96:56:eb:3b:08:96:
                    ab:63:09:91:2e:34:c6:87:2b:34:99:98:da:64:02:
                    a8:e0:03:ae:ac:8f:17:d5:3e:69:5a:1e:3b:97:2e:
                    c2:2c:5f:f8:59:d5:73:11:0d:bc:fe:53:49:fd:13:
                    6a:c8:41:97:08:7b:5d:72:4c:57:e1:75:6f:f1:31:
                    ec:db:7f:59:0b:28:4c:fe:23:ed:6d:dd:22:bf:5e:
                    42:90:8d:1d:d7:17:b7:14:5c:73:68:df:f7:f7:fc:
                    ac:8c:c8:28:f2:57:28:63:94:65:a6:7f:3b:e7:db:
                    19:82:69:ab:a6:2d:7c:d6:b5:00:1e:67:7e:4d:b4:
                    e5:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:55:F1:34:03:02:D5:F8:31:AF:46:42:B9:18:7A:5A:8F:E1:E1:01
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e2fd9155-8aca-4f0e-b0d4-1ac47bb17b2f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.228.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         d1:fa:f4:4d:30:3d:48:ef:f0:a8:05:e4:1d:d9:74:0f:46:65:
         d3:81:2f:1b:66:bb:b0:a6:af:07:93:bf:4a:34:fd:d5:97:ce:
         fe:74:eb:18:7d:ea:32:60:6f:8d:53:0f:45:58:13:a2:46:b0:
         1d:40:d4:cd:c9:9b:94:c7:6d:50:e1:9a:c0:b2:93:ae:f8:01:
         1e:00:42:34:3c:ce:e7:10:1b:60:c3:66:ac:c9:06:ac:6f:a5:
         63:96:b3:73:85:6f:94:21:a6:da:93:7c:d3:cd:01:0a:65:d4:
         aa:93:a7:30:ce:c3:50:77:b5:85:47:3d:5a:7f:c9:f6:64:9a:
         a0:83:5d:d6:b0:22:60:03:45:ed:fa:b4:79:d4:3f:0e:60:8f:
         c5:45:ca:d9:50:bb:5a:b6:13:a4:47:c4:b2:fb:01:16:f8:dd:
         59:ab:89:16:c4:80:e5:b6:0d:af:8c:f9:2d:f3:e3:48:b3:77:
         e1:41:2d:0d:be:50:47:10:3c:4b:ac:a7:69:c3:6a:ed:76:a0:
         95:12:87:85:1d:a9:09:b0:30:25:7e:b3:ed:66:05:73:48:74:
         dc:eb:9a:35:59:45:62:bb:e3:66:76:76:72:b9:69:f2:48:9a:
         6d:4d:95:42:da:87:bd:94:1b:00:db:f1:fa:85:2b:bc:d9:b0:
         74:93:fc:c1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbqThlci4p0aQQFzgyLQr7ySBaewwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA2MDAyMDE1WhcNMjUwOTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNjMzMGIzYmMyODJhMTcyZDAxYTg0YWY3NjhlMTMzMWI5
NDY4NThmZGMyNmFmMDhmODRlZDg3MTc5YTRhZDYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAfKViSO8v/hV4GvZolI+CJgXBmHF4qMc+VhUEj5ZNj7zG
GT/DzxDBetyOFuyIEuxwhJE6heapxiM8kL86DcJPY/wYOlTlFYA5sQy8uehrG5OV
u/gTTkL0ZQ3uQuMaRFd/pwlDIJIA36dTr6lhSoPIn0oHt1crWyTpEKL64+TFBZZW
6zsIlqtjCZEuNMaHKzSZmNpkAqjgA66sjxfVPmlaHjuXLsIsX/hZ1XMRDbz+U0n9
E2rIQZcIe11yTFfhdW/xMezbf1kLKEz+I+1t3SK/XkKQjR3XF7cUXHNo3/f3/KyM
yCjyVyhjlGWmfzvn2xmCaaumLXzWtQAeZ35NtOWdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQ1XxNAMC1fgxr0ZCuRh6Wo/h4QEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyZmQ5MTU1LThhY2EtNGYwZS1iMGQ0LTFhYzQ3YmIxN2IyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYX5MAwDQYJKoZIhvcNAQELBQADggEBANH69E0wPUjv8KgF5B3ZdA9GZdOB
Lxtmu7CmrweTv0o0/dWXzv506xh96jJgb41TD0VYE6JGsB1A1M3Jm5THbVDhmsCy
k674AR4AQjQ8zucQG2DDZqzJBqxvpWOWs3OFb5QhptqTfNPNAQpl1KqTpzDOw1B3
tYVHPVp/yfZkmqCDXdawImADRe36tHnUPw5gj8VFytlQu1q2E6RHxLL7ARb43Vmr
iRbEgOW2Da+M+S3z40izd+FBLQ2+UEcQPEusp2nDau12oJUSh4UdqQmwMCV+s+1m
BXNIdNzrmjVZRWK742Z2dnK5afJImm1NlULah72UGwDb8fqFK7zZsHST/ME=
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:05:15 2025 by rpki-client