Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3080108a-6812-4377-814d-205d77172c1f.roa
File:                     3080108a-6812-4377-814d-205d77172c1f.roa (raw, json)
Hash identifier:          p17McRttgH9mUfczDbbZMi5fOi/5ZiMa9zPioHvKIws=
Subject key identifier:   EC:36:06:D2:3C:38:A6:95:22:C0:90:49:E7:11:98:BF:05:61:0E:D6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       243C8849DA1D160D392F635B2DDD769D443AE77B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3080108a-6812-4377-814d-205d77172c1f.roa
Signing time:             Mon 14 Jul 2025 15:20:59 +0000
ROA not before:           Mon 14 Jul 2025 15:20:59 +0000
ROA not after:            Mon 18 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.232.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:3c:88:49:da:1d:16:0d:39:2f:63:5b:2d:dd:76:9d:44:3a:e7:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 14 15:20:59 2025 GMT
            Not After : Aug 18 23:59:59 2025 GMT
        Subject: serialNumber=de8594251697eff909c818c7ea746597a2b73ca7c4a2c18353fd8347350742ec, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:87:b9:6b:18:bc:ac:85:61:06:26:21:7e:19:
                    a0:9e:c6:ab:04:25:cb:94:49:4c:53:f5:2f:1a:62:
                    ad:8d:ab:e2:9d:d3:d1:0d:a8:52:fe:e0:b7:85:98:
                    c1:37:26:bd:68:73:95:1e:7e:41:e4:b0:c0:bf:4d:
                    48:ec:98:43:8d:5d:f0:81:58:93:8a:36:41:1a:80:
                    52:a7:eb:7f:4f:f6:00:65:4c:21:d7:83:6d:46:90:
                    d8:c5:67:d1:cb:d0:62:d2:8f:6c:5d:de:b3:f8:10:
                    05:90:0b:09:6d:8e:98:3a:77:cb:3b:a5:66:08:3b:
                    05:bf:49:ad:dd:65:65:4c:7d:af:c3:80:bf:4b:94:
                    63:10:ec:fd:52:be:44:b1:d2:29:a5:87:3a:31:1d:
                    ce:67:27:ae:fd:3e:36:eb:a0:92:23:46:aa:a4:38:
                    44:19:e0:7f:8c:f0:20:87:d1:10:84:70:f0:d9:4f:
                    71:47:ff:bb:a6:60:cb:69:3f:cf:af:35:09:e9:ba:
                    f5:39:4e:cb:bc:0e:ff:57:83:48:69:4f:84:7f:e7:
                    3c:81:96:b6:02:2e:8c:62:eb:eb:ff:c7:63:96:40:
                    78:f3:cc:b5:39:7c:60:39:77:3f:3f:7f:cf:36:81:
                    92:7b:88:6f:13:81:f0:3c:fb:71:2c:5a:61:c1:69:
                    ba:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:36:06:D2:3C:38:A6:95:22:C0:90:49:E7:11:98:BF:05:61:0E:D6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3080108a-6812-4377-814d-205d77172c1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:3d:c1:23:6a:ad:d3:ce:6d:ce:80:60:22:29:07:33:ce:a3:
         b0:f1:f3:17:a7:20:56:2c:3c:dd:70:56:a7:49:76:00:b4:9b:
         d1:f7:42:e1:61:c3:fe:a8:55:c8:93:32:0b:47:f4:29:d8:3e:
         7b:07:86:57:b6:56:14:7b:70:fa:22:41:4d:fc:4b:7e:28:3b:
         69:2f:36:50:92:a7:6a:c7:34:34:2f:58:47:ba:c1:df:fa:8c:
         6b:1f:5a:9b:b1:66:ec:00:ad:76:b0:56:37:89:26:b9:38:86:
         f6:05:5f:6b:0e:6d:53:26:74:7b:6b:5a:24:82:d8:f0:7b:12:
         a3:00:e3:e4:b2:71:9f:7e:fe:52:ed:33:ac:69:c4:34:5e:6d:
         53:25:bd:47:b9:9c:12:91:7e:78:a7:af:26:e3:26:a0:3b:df:
         2d:7b:63:2d:22:37:d8:e8:24:47:f9:a5:f2:ff:e2:e0:ac:4f:
         f5:14:64:48:1b:00:37:b8:90:46:8e:af:3b:08:ca:31:f5:8d:
         62:81:05:28:e2:a5:cf:45:6e:3a:d2:22:5f:74:ce:9c:37:8a:
         1e:aa:2b:9b:21:0a:93:ad:d5:14:6c:94:d0:fb:c7:43:d8:44:
         d7:26:c4:03:14:d4:38:94:12:9f:b3:af:30:28:5f:dd:79:64:
         cf:d4:01:8d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJDyISdodFg05L2NbLd12nUQ653swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE0MTUyMDU5WhcNMjUwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTg1OTQyNTE2OTdlZmY5MDljODE4YzdlYTc0NjU5N2Ey
YjczY2E3YzRhMmMxODM1M2ZkODM0NzM1MDc0MmVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnh7lrGLyshWEGJiF+GaCexqsEJcuUSUxT9S8aYq2Nq+Kd
09ENqFL+4LeFmME3Jr1oc5UefkHksMC/TUjsmEONXfCBWJOKNkEagFKn639P9gBl
TCHXg21GkNjFZ9HL0GLSj2xd3rP4EAWQCwltjpg6d8s7pWYIOwW/Sa3dZWVMfa/D
gL9LlGMQ7P1SvkSx0imlhzoxHc5nJ679PjbroJIjRqqkOEQZ4H+M8CCH0RCEcPDZ
T3FH/7umYMtpP8+vNQnpuvU5Tsu8Dv9Xg0hpT4R/5zyBlrYCLoxi6+v/x2OWQHjz
zLU5fGA5dz8/f882gZJ7iG8TgfA8+3EsWmHBabqBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7DYG0jw4ppUiwJBJ5xGYvwVhDtYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMwODAxMDhhLTY4MTItNDM3Ny04MTRkLTIwNWQ3NzE3MmMxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTegwDQYJKoZIhvcNAQELBQADggEBABw9wSNqrdPObc6AYCIpBzPOo7Dx
8xenIFYsPN1wVqdJdgC0m9H3QuFhw/6oVciTMgtH9CnYPnsHhle2VhR7cPoiQU38
S34oO2kvNlCSp2rHNDQvWEe6wd/6jGsfWpuxZuwArXawVjeJJrk4hvYFX2sObVMm
dHtrWiSC2PB7EqMA4+SycZ9+/lLtM6xpxDRebVMlvUe5nBKRfninrybjJqA73y17
Yy0iN9joJEf5pfL/4uCsT/UUZEgbADe4kEaOrzsIyjH1jWKBBSjipc9FbjrSIl90
zpw3ih6qK5shCpOt1RRslND7x0PYRNcmxAMU1DiUEp+zrzAoX915ZM/UAY0=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:21:07 2025 by rpki-client