Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa
File:                     ed432fea-e545-4d6d-beae-21ab78adea7b.roa (raw, json)
Hash identifier:          Xe6nu52JLVAkrDYC+c+ZG1I7/K4uzddX/7BzzKLShEs=
Subject key identifier:   AA:12:EE:3A:76:56:D8:99:CA:6C:74:2F:10:54:8C:CA:A4:EC:8A:25
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09A4CEAF931495D1E0CE0A806E74FF738A0A496E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa
Signing time:             Sat 19 Jul 2025 00:01:04 +0000
ROA not before:           Sat 19 Jul 2025 00:01:04 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.246.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:a4:ce:af:93:14:95:d1:e0:ce:0a:80:6e:74:ff:73:8a:0a:49:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:01:04 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=08ffc28c6f38f33b0e60e0a3d63b61b5c4b0974537b8d9deaa513523adacef85, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:62:3d:59:8f:74:6e:77:60:e0:4a:e9:41:b0:
                    f3:a5:10:60:14:c9:e8:36:1b:15:cc:ae:31:70:58:
                    8e:f2:a2:ae:da:9f:19:84:3c:1e:2d:1d:bd:dd:69:
                    63:87:55:24:85:a8:ba:58:37:1d:b3:ad:2a:54:fb:
                    41:43:c3:e7:d5:39:87:b5:b6:53:6a:77:c2:ea:0b:
                    00:69:88:bb:19:0d:eb:5c:43:ba:7a:29:76:70:68:
                    2c:7a:74:bf:6c:27:3f:24:56:d0:d8:44:f6:91:50:
                    bb:ad:94:97:6e:8b:19:cc:b5:b0:b6:66:c9:52:c5:
                    0e:27:da:d3:e7:9b:22:4b:59:c3:32:35:a1:17:4f:
                    5d:f2:41:5f:0a:e1:94:d0:2b:70:b3:5a:2f:17:59:
                    e5:b2:64:80:3b:62:b0:83:a7:34:24:22:f0:52:53:
                    ff:2e:1b:a9:bc:c1:29:3d:13:fe:90:81:68:9a:e9:
                    0e:79:7c:61:2d:9d:ea:4c:04:51:b2:85:60:54:62:
                    06:2e:c6:9d:fc:56:e8:06:17:d3:07:21:ba:23:ea:
                    04:c7:d8:a8:c1:46:61:4a:55:e3:0d:a1:96:25:fa:
                    40:b4:b0:22:74:90:6e:2a:b7:af:a5:f7:e1:29:cf:
                    30:68:08:17:86:cf:0e:73:97:0a:53:72:a8:78:ac:
                    c1:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:12:EE:3A:76:56:D8:99:CA:6C:74:2F:10:54:8C:CA:A4:EC:8A:25
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.246.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         57:d5:7f:a0:00:4e:9a:a4:7d:5b:40:91:b3:d7:d4:f8:dc:9d:
         6d:8e:0b:7f:89:2a:58:79:3c:96:6b:fb:66:57:cc:84:cf:e1:
         84:73:df:3f:4b:51:17:e1:d3:0d:e5:2d:44:43:40:42:b7:f1:
         d1:29:cd:8f:31:88:f9:57:b8:9a:86:05:4c:79:5b:3e:60:d2:
         94:0d:3f:5b:27:71:09:c2:24:53:4d:c4:88:32:03:9a:d1:83:
         0a:9b:f0:91:5a:9f:a1:67:a5:b4:31:67:2f:26:96:b5:91:7c:
         49:97:6b:82:4e:8b:f5:c0:83:ec:f5:6e:c7:67:e0:8e:af:d9:
         20:79:7b:76:f0:48:94:a4:f7:ec:59:dd:f5:51:93:98:dd:16:
         5f:fd:c5:1f:ac:7b:67:19:57:0a:aa:9b:93:17:3e:89:2a:dd:
         25:18:ce:44:c2:40:94:d5:6b:38:f5:c5:2e:50:4d:16:e3:ec:
         b1:e3:f4:21:f0:54:03:f2:8b:87:c8:02:1d:71:e2:fb:df:5d:
         59:04:c1:e5:b7:33:22:81:8a:4b:36:79:31:11:74:36:71:a7:
         ab:04:63:c6:75:05:73:c3:a0:a3:1e:1a:3f:84:ef:49:99:f0:
         4f:85:d6:99:86:4d:7b:c4:f9:90:61:80:ad:a0:50:4c:ce:1f:
         c4:c5:62:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCaTOr5MUldHgzgqAbnT/c4oKSW4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDAwMTA0WhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwOGZmYzI4YzZmMzhmMzNiMGU2MGUwYTNkNjNiNjFiNWM0
YjA5NzQ1MzdiOGQ5ZGVhYTUxMzUyM2FkYWNlZjg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlYj1Zj3Rud2DgSulBsPOlEGAUyeg2GxXMrjFwWI7yoq7a
nxmEPB4tHb3daWOHVSSFqLpYNx2zrSpU+0FDw+fVOYe1tlNqd8LqCwBpiLsZDetc
Q7p6KXZwaCx6dL9sJz8kVtDYRPaRULutlJduixnMtbC2ZslSxQ4n2tPnmyJLWcMy
NaEXT13yQV8K4ZTQK3CzWi8XWeWyZIA7YrCDpzQkIvBSU/8uG6m8wSk9E/6QgWia
6Q55fGEtnepMBFGyhWBUYgYuxp38VugGF9MHIboj6gTH2KjBRmFKVeMNoZYl+kC0
sCJ0kG4qt6+l9+EpzzBoCBeGzw5zlwpTcqh4rMGdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqhLuOnZW2JnKbHQvEFSMyqTsiiUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkNDMyZmVhLWU1NDUtNGQ2ZC1iZWFlLTIxYWI3OGFkZWE3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWt9qAwDQYJKoZIhvcNAQELBQADggEBAFfVf6AATpqkfVtAkbPX1PjcnW2O
C3+JKlh5PJZr+2ZXzITP4YRz3z9LURfh0w3lLURDQEK38dEpzY8xiPlXuJqGBUx5
Wz5g0pQNP1sncQnCJFNNxIgyA5rRgwqb8JFan6FnpbQxZy8mlrWRfEmXa4JOi/XA
g+z1bsdn4I6v2SB5e3bwSJSk9+xZ3fVRk5jdFl/9xR+se2cZVwqqm5MXPokq3SUY
zkTCQJTVazj1xS5QTRbj7LHj9CHwVAPyi4fIAh1x4vvfXVkEweW3MyKBiks2eTER
dDZxp6sEY8Z1BXPDoKMeGj+E70mZ8E+F1pmGTXvE+ZBhgK2gUEzOH8TFYlk=
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:11:45 2025 by rpki-client