Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efb54f3e-2c1a-4dbb-876a-f86620b04208.roa
File:                     efb54f3e-2c1a-4dbb-876a-f86620b04208.roa (raw, json)
Hash identifier:          ECXrZd5gtcqQmwaMkqWXSyTK4PvKVbrQzGwWwiEkbFs=
Subject key identifier:   44:42:90:EB:87:FF:ED:4F:6D:25:E8:7E:D3:69:01:94:5D:EF:A2:7F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68C5CE395D8B5CB9428F4B8CCB26977C20D09925
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efb54f3e-2c1a-4dbb-876a-f86620b04208.roa
Signing time:             Sat 19 Jul 2025 00:41:16 +0000
ROA not before:           Sat 19 Jul 2025 00:41:16 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.164.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:c5:ce:39:5d:8b:5c:b9:42:8f:4b:8c:cb:26:97:7c:20:d0:99:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:41:16 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=71e9b0d91ad89d1a8e12bcb5c37940f2863c91784cab7846d902ba0a703232d7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8a:8c:78:77:3f:7f:07:ba:bd:2f:f1:f2:bd:
                    5d:3a:ba:03:07:1b:e8:01:c1:73:9b:42:b2:f3:a8:
                    4a:7d:65:3b:f8:75:c8:e8:56:cf:29:2d:36:4f:2d:
                    a9:5b:7b:aa:0f:8c:51:1e:ee:00:33:67:9b:02:91:
                    dd:ac:2b:6f:a6:f1:b7:17:1c:2d:14:57:91:0e:cd:
                    3b:3e:50:d5:2a:21:30:f4:74:75:68:1d:69:a5:2c:
                    31:23:4b:8a:87:13:cb:22:db:c2:ee:20:86:b6:8b:
                    54:21:88:8f:94:4d:4b:50:03:a1:99:fb:d4:26:0b:
                    cc:0b:ad:f7:00:9f:74:c9:51:92:bc:ca:34:5c:3a:
                    fb:66:be:d2:32:27:48:42:62:33:8d:b2:7f:73:0d:
                    5a:21:2e:3e:d5:16:9a:0a:00:5c:c4:1b:e2:13:c4:
                    ba:b8:c1:25:64:89:95:a9:d8:d3:ad:c7:e6:97:c9:
                    1b:f7:f6:43:2b:f6:dc:4a:8c:b1:b3:2c:05:12:56:
                    eb:90:38:1b:f6:ff:e6:a1:7b:71:a6:8a:0e:09:e8:
                    b5:f3:b2:41:ac:dd:e9:de:6b:89:03:e4:f3:54:d8:
                    8c:78:08:7f:c1:72:b0:be:08:79:ef:a6:e3:26:93:
                    77:55:6a:fb:4e:7d:61:01:b3:c0:21:9d:9e:1e:98:
                    c9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:42:90:EB:87:FF:ED:4F:6D:25:E8:7E:D3:69:01:94:5D:EF:A2:7F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efb54f3e-2c1a-4dbb-876a-f86620b04208.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:2c:64:bc:70:85:03:7e:25:18:68:f4:95:af:d0:b0:d2:61:
         4f:53:6e:3d:8e:54:e3:1b:58:ef:cd:80:cd:d7:4c:52:64:cc:
         10:fb:c8:e4:85:00:59:be:8e:d2:43:b7:d1:7d:c2:c2:fa:68:
         c9:ae:c4:23:74:b7:e3:6b:f8:cc:5c:1b:f5:2f:3e:4e:9e:d9:
         9d:1a:ef:ce:24:37:41:42:cb:09:22:f0:81:95:70:84:10:25:
         95:a0:65:fc:fb:e4:20:83:73:a4:d3:51:31:7b:40:cd:c5:37:
         0f:28:74:8a:d9:a6:da:62:ca:35:01:7a:b8:e2:64:e8:51:81:
         53:1e:63:fc:25:4b:c3:09:7e:f4:ca:52:12:af:d8:7d:14:35:
         40:da:df:9b:5e:aa:81:12:9e:b8:de:3d:94:3c:05:18:4e:d5:
         86:b9:24:68:6c:89:3c:14:79:a9:bf:e1:d2:b9:30:3b:b3:d6:
         1d:cb:72:fb:5d:a5:eb:9f:23:41:ac:4c:be:74:ab:45:5e:94:
         74:2e:a8:7d:65:e8:40:81:0d:71:b1:72:71:94:7f:6e:a9:18:
         d1:ed:6a:ec:98:e4:21:17:51:1a:d0:bb:15:8c:d9:64:b1:7f:
         fa:75:ed:c5:ae:05:23:13:7f:eb:98:88:df:fa:ce:48:0f:69:
         08:43:76:66
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaMXOOV2LXLlCj0uMyyaXfCDQmSUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDA0MTE2WhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MWU5YjBkOTFhZDg5ZDFhOGUxMmJjYjVjMzc5NDBmMjg2
M2M5MTc4NGNhYjc4NDZkOTAyYmEwYTcwMzIzMmQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCriox4dz9/B7q9L/HyvV06ugMHG+gBwXObQrLzqEp9ZTv4
dcjoVs8pLTZPLalbe6oPjFEe7gAzZ5sCkd2sK2+m8bcXHC0UV5EOzTs+UNUqITD0
dHVoHWmlLDEjS4qHE8si28LuIIa2i1QhiI+UTUtQA6GZ+9QmC8wLrfcAn3TJUZK8
yjRcOvtmvtIyJ0hCYjONsn9zDVohLj7VFpoKAFzEG+ITxLq4wSVkiZWp2NOtx+aX
yRv39kMr9txKjLGzLAUSVuuQOBv2/+ahe3Gmig4J6LXzskGs3enea4kD5PNU2Ix4
CH/BcrC+CHnvpuMmk3dVavtOfWEBs8AhnZ4emMnHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUREKQ64f/7U9tJeh+02kBlF3von8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VmYjU0ZjNlLTJjMWEtNGRiYi04NzZhLWY4NjYyMGIwNDIwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM36QwDQYJKoZIhvcNAQELBQADggEBAJAsZLxwhQN+JRho9JWv0LDSYU9T
bj2OVOMbWO/NgM3XTFJkzBD7yOSFAFm+jtJDt9F9wsL6aMmuxCN0t+Nr+MxcG/Uv
Pk6e2Z0a784kN0FCywki8IGVcIQQJZWgZfz75CCDc6TTUTF7QM3FNw8odIrZptpi
yjUBerjiZOhRgVMeY/wlS8MJfvTKUhKv2H0UNUDa35teqoESnrjePZQ8BRhO1Ya5
JGhsiTwUeam/4dK5MDuz1h3LcvtdpeufI0GsTL50q0VelHQuqH1l6ECBDXGxcnGU
f26pGNHtauyY5CEXURrQuxWM2WSxf/p17cWuBSMTf+uYiN/6zkgPaQhDdmY=
-----END CERTIFICATE-----
Generated at Wed Aug 6 19:36:58 2025 by rpki-client