Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28cf4189-648d-467b-9ef1-b6e9fa5ba3dd.roa
File:                     28cf4189-648d-467b-9ef1-b6e9fa5ba3dd.roa (raw, json)
Hash identifier:          z4yKZglMnxSKYZ5J7qrnB2BbnDpydSI3vU2MUqN9SgY=
Subject key identifier:   61:2B:F1:21:19:4F:F5:3B:52:2E:0D:87:A8:89:87:B1:31:C3:74:AC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       369E9CA05F680E42CE639C17EA9550E65DE5D3F6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28cf4189-648d-467b-9ef1-b6e9fa5ba3dd.roa
Signing time:             Mon 14 Jul 2025 15:21:01 +0000
ROA not before:           Mon 14 Jul 2025 15:21:01 +0000
ROA not after:            Mon 18 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.158.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:9e:9c:a0:5f:68:0e:42:ce:63:9c:17:ea:95:50:e6:5d:e5:d3:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 14 15:21:01 2025 GMT
            Not After : Aug 18 23:59:59 2025 GMT
        Subject: serialNumber=40e3fc12c13ab9c7726c1d2a38d5bfae4f17817c577111d8d61be8b5395caf89, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:71:1e:bf:6b:5d:c7:91:47:89:e1:2d:d3:b3:
                    6f:1b:6e:0f:d9:44:12:cf:41:5e:be:74:de:43:4d:
                    78:61:d9:09:dd:da:cb:4c:22:d9:8d:9e:85:a2:ff:
                    5b:37:80:18:cf:e9:db:91:06:fc:36:fc:c2:23:83:
                    0a:56:80:d8:91:a2:4c:a5:2b:95:7c:6d:46:43:a6:
                    f3:a6:06:df:e3:c8:6e:94:67:c0:e3:af:8b:dd:19:
                    09:30:2a:27:5e:e4:b7:e4:79:3b:94:d9:cf:c9:ac:
                    9c:c8:dc:3e:c3:ff:15:61:c8:06:79:e5:0e:5e:0c:
                    03:c1:6b:dc:f1:58:58:c0:2c:bf:cd:d2:65:ac:b4:
                    d8:98:b2:d8:7e:cb:46:28:c1:6d:af:18:eb:a5:28:
                    9c:7c:b5:9d:cb:09:00:8c:38:6b:a5:ed:e3:60:4b:
                    2c:25:eb:7f:89:ae:96:94:69:08:da:1e:fc:db:1d:
                    26:d9:0f:b1:6c:0b:03:3b:e8:ee:4d:0b:60:81:eb:
                    87:18:c6:c3:5e:45:39:f2:01:aa:eb:bf:73:e1:88:
                    5e:fc:cf:2e:94:09:ed:81:74:9b:83:8e:a4:06:e2:
                    79:83:41:ae:0a:b3:d6:21:3b:e6:cc:06:c6:27:15:
                    f9:69:67:52:70:09:79:af:7d:94:2e:18:e2:b3:97:
                    ca:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:2B:F1:21:19:4F:F5:3B:52:2E:0D:87:A8:89:87:B1:31:C3:74:AC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28cf4189-648d-467b-9ef1-b6e9fa5ba3dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:72:0a:27:b1:62:d9:2a:6d:fb:01:89:78:39:1c:36:27:74:
         9d:d9:b4:78:21:c4:1a:f2:08:35:ab:7c:6a:e8:d5:0c:ad:74:
         f7:8c:ed:95:fc:1f:d5:f5:bc:69:7d:08:24:1a:93:5b:c4:91:
         50:26:25:79:18:e4:7b:f5:91:46:f1:b5:3f:2a:98:9e:e2:01:
         57:f5:2c:0d:08:ec:6a:1a:b4:e8:a9:fd:f9:72:b3:6a:d6:37:
         d7:c8:f2:02:d7:a8:a0:56:1f:8b:f0:ff:54:2a:53:dd:16:37:
         a9:27:4d:14:7c:5c:da:7f:f3:03:99:98:47:89:50:91:79:5b:
         a0:e1:04:25:47:12:46:66:24:29:34:e5:6b:f9:fa:57:89:a8:
         32:51:d6:2f:3b:5c:b1:2f:86:80:c5:89:e2:db:1d:a1:50:b6:
         50:e3:3c:74:3e:84:26:35:b3:39:18:85:80:97:ee:9d:a1:bd:
         41:29:9d:73:db:c8:5d:fd:f1:64:29:ff:11:d9:f5:04:d9:80:
         31:a0:fe:dc:24:53:9f:8a:81:e7:9a:d1:09:2b:7c:f5:c8:4c:
         fc:b6:62:d2:59:ec:d6:89:55:30:e6:8a:bb:7b:5c:23:15:ae:
         80:32:49:60:dd:d5:82:7e:99:89:07:8d:bd:4b:1c:6a:79:df:
         1d:12:7b:58
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNp6coF9oDkLOY5wX6pVQ5l3l0/YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE0MTUyMTAxWhcNMjUwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MGUzZmMxMmMxM2FiOWM3NzI2YzFkMmEzOGQ1YmZhZTRm
MTc4MTdjNTc3MTExZDhkNjFiZThiNTM5NWNhZjg5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRcR6/a13HkUeJ4S3Ts28bbg/ZRBLPQV6+dN5DTXhh2Qnd
2stMItmNnoWi/1s3gBjP6duRBvw2/MIjgwpWgNiRokylK5V8bUZDpvOmBt/jyG6U
Z8Djr4vdGQkwKide5LfkeTuU2c/JrJzI3D7D/xVhyAZ55Q5eDAPBa9zxWFjALL/N
0mWstNiYsth+y0YowW2vGOulKJx8tZ3LCQCMOGul7eNgSywl63+JrpaUaQjaHvzb
HSbZD7FsCwM76O5NC2CB64cYxsNeRTnyAarrv3PhiF78zy6UCe2BdJuDjqQG4nmD
Qa4Ks9YhO+bMBsYnFflpZ1JwCXmvfZQuGOKzl8oHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYSvxIRlP9TtSLg2HqImHsTHDdKwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI4Y2Y0MTg5LTY0OGQtNDY3Yi05ZWYxLWI2ZTlmYTViYTNkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTZ4wDQYJKoZIhvcNAQELBQADggEBADdyCiexYtkqbfsBiXg5HDYndJ3Z
tHghxBryCDWrfGro1QytdPeM7ZX8H9X1vGl9CCQak1vEkVAmJXkY5Hv1kUbxtT8q
mJ7iAVf1LA0I7GoatOip/flys2rWN9fI8gLXqKBWH4vw/1QqU90WN6knTRR8XNp/
8wOZmEeJUJF5W6DhBCVHEkZmJCk05Wv5+leJqDJR1i87XLEvhoDFieLbHaFQtlDj
PHQ+hCY1szkYhYCX7p2hvUEpnXPbyF398WQp/xHZ9QTZgDGg/twkU5+Kgeea0Qkr
fPXITPy2YtJZ7NaJVTDmirt7XCMVroAySWDd1YJ+mYkHjb1LHGp53x0Se1g=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:09:14 2025 by rpki-client