Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb39751f-4342-48a6-a846-07297ed60442.roa
File:                     fb39751f-4342-48a6-a846-07297ed60442.roa (raw, json)
Hash identifier:          0dUwhvicA6fGdfER2vmT5x+/7pGs7cE90tMXAQjOZfg=
Subject key identifier:   9B:A7:85:FD:E0:61:CF:F3:31:D5:48:C7:9C:69:D5:06:7E:96:AF:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68AA9EFDDDD80EFBBD43D7FFD119081CBC7686A7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb39751f-4342-48a6-a846-07297ed60442.roa
Signing time:             Fri 01 Aug 2025 15:11:18 +0000
ROA not before:           Fri 01 Aug 2025 15:11:18 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        207.36.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 11 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:aa:9e:fd:dd:d8:0e:fb:bd:43:d7:ff:d1:19:08:1c:bc:76:86:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 15:11:18 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=abe7ad95dbe6c842b0fdd47cb6b3a6e0ebdf5415cd6c7dd13c8c18dcea699ea4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:5e:9e:f1:ed:bd:22:a7:23:fd:70:42:03:da:
                    00:91:c2:c3:d7:66:ca:4d:f4:43:73:68:33:b5:fc:
                    35:34:2b:a5:45:43:d5:66:23:a4:70:a0:f6:93:d4:
                    ee:dd:16:64:80:31:39:f7:f3:f3:4b:ff:aa:a0:89:
                    73:41:a6:0d:67:be:f0:ea:93:4b:e0:cc:10:65:c2:
                    2e:52:a2:57:31:69:cf:0d:47:a4:cc:76:29:fc:24:
                    76:53:0d:01:f1:63:ce:75:d4:5c:a4:db:37:a3:01:
                    e8:57:2b:88:cc:39:0a:57:08:60:57:27:e9:af:fa:
                    15:33:3d:a8:d6:28:7a:1f:4f:80:47:27:4a:c5:1d:
                    a4:a5:be:6b:5a:33:ed:c3:55:6a:d3:d8:2c:3b:fb:
                    ff:86:9b:da:7f:84:f5:67:ff:62:94:69:58:d4:80:
                    fc:d6:8b:76:33:0d:e1:84:eb:21:0e:4d:1f:3b:4d:
                    ee:5b:63:b7:73:35:de:95:b7:04:f4:28:6b:96:87:
                    17:5d:6b:a2:db:2b:fc:f1:19:b1:4e:76:2e:24:17:
                    1a:99:d6:e7:29:08:d7:3b:f7:ea:8d:77:4c:07:52:
                    6b:aa:32:07:ab:ca:42:1c:f2:b3:81:99:1c:0d:2f:
                    84:32:fa:06:2d:c9:27:fd:2f:ff:3f:ea:90:5b:4c:
                    4e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:A7:85:FD:E0:61:CF:F3:31:D5:48:C7:9C:69:D5:06:7E:96:AF:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb39751f-4342-48a6-a846-07297ed60442.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.36.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         49:18:44:e9:4b:1a:8a:45:6a:3e:30:93:09:b4:66:53:f2:a1:
         79:32:13:a1:92:12:9b:42:a7:5a:87:7b:1b:5d:b2:f6:3f:37:
         ea:ee:38:e0:7d:31:8a:ba:f4:60:96:b4:38:6c:d6:6f:88:87:
         ac:d6:3d:3c:b9:73:ae:04:a8:f4:50:84:cb:55:a9:15:fa:37:
         4b:d1:11:42:40:b3:00:f4:57:a6:77:3e:83:cd:9e:3c:be:1e:
         fb:d4:00:a1:a8:69:fa:d2:4f:17:d5:9a:63:87:0b:9b:63:06:
         bd:42:4c:03:b4:83:6b:27:8b:84:80:8e:57:e9:2a:3b:23:20:
         ac:f0:9d:37:88:4b:ea:85:62:4c:93:22:1e:28:bb:dd:09:9e:
         a4:25:d0:8a:eb:36:a6:9d:6c:2a:e7:44:82:30:9b:74:20:38:
         27:5b:38:e1:23:3f:41:40:fb:c6:5a:ee:09:8b:67:21:41:41:
         32:3f:21:e0:b6:08:8b:f2:b8:09:48:3f:38:51:2e:8f:04:99:
         85:16:94:d7:26:3c:d9:bd:cc:39:73:f9:95:71:db:d0:d9:39:
         48:54:e1:d3:ce:92:1e:cf:5c:cf:37:45:84:6d:fd:c9:24:91:
         79:9d:7d:48:22:92:9e:e2:1a:cd:09:b8:1b:60:e2:fc:4e:2a:
         e1:00:bf:27
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaKqe/d3YDvu9Q9f/0RkIHLx2hqcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTUxMTE4WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYmU3YWQ5NWRiZTZjODQyYjBmZGQ0N2NiNmIzYTZlMGVi
ZGY1NDE1Y2Q2YzdkZDEzYzhjMThkY2VhNjk5ZWE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiXp7x7b0ipyP9cEID2gCRwsPXZspN9ENzaDO1/DU0K6VF
Q9VmI6RwoPaT1O7dFmSAMTn38/NL/6qgiXNBpg1nvvDqk0vgzBBlwi5Solcxac8N
R6TMdin8JHZTDQHxY8511Fyk2zejAehXK4jMOQpXCGBXJ+mv+hUzPajWKHofT4BH
J0rFHaSlvmtaM+3DVWrT2Cw7+/+Gm9p/hPVn/2KUaVjUgPzWi3YzDeGE6yEOTR87
Te5bY7dzNd6VtwT0KGuWhxdda6LbK/zxGbFOdi4kFxqZ1ucpCNc79+qNd0wHUmuq
MgerykIc8rOBmRwNL4Qy+gYtySf9L/8/6pBbTE6XAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUm6eF/eBhz/Mx1UjHnGnVBn6Wr8YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZiMzk3NTFmLTQzNDItNDhhNi1hODQ2LTA3Mjk3ZWQ2MDQ0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDPJDANBgkqhkiG9w0BAQsFAAOCAQEASRhE6UsaikVqPjCTCbRmU/KheTIT
oZISm0KnWod7G12y9j836u444H0xirr0YJa0OGzWb4iHrNY9PLlzrgSo9FCEy1Wp
Ffo3S9ERQkCzAPRXpnc+g82ePL4e+9QAoahp+tJPF9WaY4cLm2MGvUJMA7SDayeL
hICOV+kqOyMgrPCdN4hL6oViTJMiHii73QmepCXQius2pp1sKudEgjCbdCA4J1s4
4SM/QUD7xlruCYtnIUFBMj8h4LYIi/K4CUg/OFEujwSZhRaU1yY82b3MOXP5lXHb
0Nk5SFTh086SHs9czzdFhG39ySSReZ19SCKSnuIazQm4G2Di/E4q4QC/Jw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:11:45 2025 by rpki-client