Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e635426b-1e04-4c4a-ab70-f48e4c0272bb.roa
File:                     e635426b-1e04-4c4a-ab70-f48e4c0272bb.roa (raw, json)
Hash identifier:          08sIrJljiepNRjHOgpbNQxfNA5PTTabLpYgiacPLnF0=
Subject key identifier:   BA:32:C1:77:A1:4E:71:80:27:54:2E:61:5C:CB:92:1A:3C:BD:D8:09
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0524432D33F86B97D6D34BCF5247D04C09364FFF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e635426b-1e04-4c4a-ab70-f48e4c0272bb.roa
Signing time:             Mon 28 Jul 2025 15:20:27 +0000
ROA not before:           Mon 28 Jul 2025 15:20:27 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        167.229.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:24:43:2d:33:f8:6b:97:d6:d3:4b:cf:52:47:d0:4c:09:36:4f:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 28 15:20:27 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=b4f4503e95ce332dea8a345532d07d8afbb1c03584ae25844b1486afa856a119, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:50:68:fb:a7:b9:80:0b:81:45:b2:d4:21:f8:
                    23:35:60:23:12:e6:a7:85:9a:7c:84:a2:41:12:6d:
                    07:b3:66:97:19:a3:d1:a9:34:f3:36:eb:2a:05:04:
                    4d:96:1e:6f:85:20:1f:a4:6a:f0:c6:c0:08:34:8f:
                    a5:77:6e:ac:17:03:95:28:48:6b:09:14:59:01:99:
                    13:1d:18:d6:7d:df:55:8c:5d:57:93:26:d8:6e:7f:
                    38:4d:26:ab:f9:1b:d2:cc:5f:a7:e1:6e:bb:ca:c1:
                    fa:37:f3:a1:c7:50:1f:8b:bc:fc:e9:e6:72:d7:fb:
                    a9:38:8b:ec:e8:ea:56:fb:b0:73:f8:0a:e8:81:17:
                    df:db:51:9f:66:d3:e2:34:aa:83:d5:fc:dc:76:9c:
                    3b:7d:db:b4:f6:7b:1d:a9:20:18:75:39:b2:db:73:
                    26:af:45:01:7a:7e:bc:8e:65:cf:82:df:13:e9:72:
                    ca:2d:d5:6d:f2:4a:86:d4:8b:89:e8:e9:2a:0b:50:
                    15:21:ba:c6:f7:eb:f6:c2:d9:c5:2e:9d:13:13:aa:
                    f7:fa:33:53:90:3e:c8:4f:1d:56:0f:7f:ad:8a:d9:
                    31:74:77:61:3b:cb:eb:1b:71:20:b5:43:4b:61:a6:
                    62:10:eb:2d:07:93:6a:95:b6:ab:c1:d6:8a:0d:f1:
                    26:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:32:C1:77:A1:4E:71:80:27:54:2E:61:5C:CB:92:1A:3C:BD:D8:09
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e635426b-1e04-4c4a-ab70-f48e4c0272bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.229.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         19:1c:39:0a:14:9b:fb:d5:0e:2a:3c:fa:43:26:8c:1d:07:b1:
         14:29:30:cd:16:c7:b6:19:fb:3a:3b:0c:fc:9a:92:2f:b9:13:
         3e:57:df:c9:4e:04:7f:92:34:25:44:f4:bd:37:31:54:30:d5:
         81:53:1d:87:5b:59:c6:8d:ba:45:ce:be:2a:ff:f3:25:ec:14:
         e4:b7:54:45:b1:96:c2:27:61:8f:91:fc:f7:ce:9c:92:86:f3:
         e9:56:4b:d1:f9:b4:13:69:91:00:c5:b7:70:fc:ca:e7:82:4f:
         fb:3a:c1:5e:6b:ce:03:fa:e6:29:ed:7a:1b:6a:c3:cf:07:f4:
         8b:6b:54:43:0d:41:5f:f4:3a:74:d3:4c:e9:ab:d0:ed:79:f6:
         11:5c:00:17:3b:89:fc:dd:d6:ed:62:28:5a:6a:88:0a:39:40:
         68:a8:b4:5c:ed:e8:bd:8a:9d:fb:a6:20:7b:e2:b7:07:37:b5:
         6e:12:57:1b:6e:7b:18:5c:59:6b:fe:a5:0c:99:d6:48:d3:ab:
         7a:62:a5:52:e3:cc:0e:1d:9a:ba:b6:35:f3:ca:e9:ad:88:52:
         90:d2:3c:eb:6b:dc:35:ca:5a:59:ed:49:e4:b9:5c:01:02:a5:
         9e:2a:b7:59:c4:7a:a6:9c:a0:e2:e2:29:61:5f:4b:27:33:a6:
         45:64:a4:82
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBSRDLTP4a5fW00vPUkfQTAk2T/8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI4MTUyMDI3WhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNGY0NTAzZTk1Y2UzMzJkZWE4YTM0NTUzMmQwN2Q4YWZi
YjFjMDM1ODRhZTI1ODQ0YjE0ODZhZmE4NTZhMTE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiUGj7p7mAC4FFstQh+CM1YCMS5qeFmnyEokESbQezZpcZ
o9GpNPM26yoFBE2WHm+FIB+kavDGwAg0j6V3bqwXA5UoSGsJFFkBmRMdGNZ931WM
XVeTJthufzhNJqv5G9LMX6fhbrvKwfo386HHUB+LvPzp5nLX+6k4i+zo6lb7sHP4
CuiBF9/bUZ9m0+I0qoPV/Nx2nDt927T2ex2pIBh1ObLbcyavRQF6fryOZc+C3xPp
csot1W3ySobUi4no6SoLUBUhusb36/bC2cUunRMTqvf6M1OQPshPHVYPf62K2TF0
d2E7y+sbcSC1Q0thpmIQ6y0Hk2qVtqvB1ooN8SaZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUujLBd6FOcYAnVC5hXMuSGjy92AkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U2MzU0MjZiLTFlMDQtNGM0YS1hYjcwLWY0OGU0YzAyNzJiYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCn5TANBgkqhkiG9w0BAQsFAAOCAQEAGRw5ChSb+9UOKjz6QyaMHQexFCkw
zRbHthn7OjsM/JqSL7kTPlffyU4Ef5I0JUT0vTcxVDDVgVMdh1tZxo26Rc6+Kv/z
JewU5LdURbGWwidhj5H8986ckobz6VZL0fm0E2mRAMW3cPzK54JP+zrBXmvOA/rm
Ke16G2rDzwf0i2tUQw1BX/Q6dNNM6avQ7Xn2EVwAFzuJ/N3W7WIoWmqICjlAaKi0
XO3ovYqd+6Yge+K3Bze1bhJXG257GFxZa/6lDJnWSNOremKlUuPMDh2aurY188rp
rYhSkNI862vcNcpaWe1J5LlcAQKlniq3WcR6ppyg4uIpYV9LJzOmRWSkgg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:19:34 2025 by rpki-client