Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/347b6e0d-52c1-412b-a446-15e7a3c40780.roa
File:                     347b6e0d-52c1-412b-a446-15e7a3c40780.roa (raw, json)
Hash identifier:          a2d1B16lGKIImn7/aidiSuQ6HB659uIMerj2Rk7Ir4g=
Subject key identifier:   0E:29:60:AB:F0:75:E8:FC:12:45:CA:9A:CB:1D:1E:4C:41:5C:88:E4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4983E36C16B6F4C323D999D4B00A7C199957E0F3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/347b6e0d-52c1-412b-a446-15e7a3c40780.roa
Signing time:             Tue 08 Jul 2025 15:51:50 +0000
ROA not before:           Tue 08 Jul 2025 15:51:50 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        1.178.8.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:83:e3:6c:16:b6:f4:c3:23:d9:99:d4:b0:0a:7c:19:99:57:e0:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 15:51:50 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=7fa08efd9a1e925cfc49974797be6b3a133f44243e864a1ee793a31464cc2c42, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:68:a8:5f:08:06:7d:2a:61:f4:31:d3:86:f5:
                    a3:94:a0:41:b5:82:df:67:93:9c:f5:a5:fc:73:30:
                    3a:6a:13:78:98:ce:a1:0d:cd:44:a1:27:d3:39:d0:
                    d4:e2:c4:cf:ac:f4:bc:c4:44:08:6b:54:92:55:02:
                    4c:ca:04:6f:4c:a8:fb:39:f2:dd:6e:a7:40:48:df:
                    42:0c:23:8a:06:c2:f5:55:61:6d:21:f7:6d:35:f4:
                    b3:08:12:a5:a0:d9:b7:8a:51:e1:1c:26:1e:e9:c3:
                    26:8c:ed:4a:6c:10:6e:43:fa:db:94:fb:25:a0:f4:
                    17:f1:21:98:d1:3b:dc:51:a8:4b:c5:93:26:76:74:
                    56:81:7a:59:dd:5b:cf:41:0c:dd:79:e5:f6:c3:14:
                    a0:94:fa:09:2c:91:6f:9f:31:b6:a7:6c:c8:fc:d1:
                    53:00:d6:39:61:b5:c1:e1:5c:01:4f:94:93:b1:bb:
                    07:6d:2f:5f:78:c9:2c:b2:db:98:2b:a6:74:65:a7:
                    5b:81:84:17:ad:37:f7:2f:c6:67:cd:c5:51:9c:d5:
                    f3:21:86:07:c3:df:63:fa:44:2a:4c:e9:79:ac:2f:
                    75:6b:a9:d7:85:b5:1c:5f:5c:d9:98:8b:65:f1:97:
                    4a:73:ed:c9:fa:25:1c:9e:6c:a1:d8:2b:f1:87:78:
                    89:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:29:60:AB:F0:75:E8:FC:12:45:CA:9A:CB:1D:1E:4C:41:5C:88:E4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/347b6e0d-52c1-412b-a446-15e7a3c40780.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.178.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:cb:24:0d:66:1e:c5:f0:55:17:dd:e1:29:f5:bf:9d:a4:e4:
         6c:b7:d0:bf:04:bb:4e:32:34:31:60:5e:a9:a8:56:a1:a8:62:
         39:30:63:2c:9a:09:a4:14:c1:78:57:d9:f6:2e:06:74:a5:21:
         e4:8d:16:33:be:4f:0b:9e:c0:ae:8a:15:8f:3a:47:d2:c0:f2:
         b6:de:56:fa:a0:d1:7f:ca:23:32:a1:0f:b3:5c:7a:cd:1e:56:
         34:b1:57:8e:61:1d:4d:81:d9:68:8e:d1:f5:39:83:d4:77:26:
         04:d7:04:70:fd:20:0c:1f:4c:3a:5a:6d:98:d9:43:8e:8b:a8:
         98:86:2c:8c:e1:2d:c9:cd:7b:ac:c8:c7:3e:89:12:cb:9b:04:
         18:fa:ed:99:a2:07:04:84:d8:3d:a3:bc:87:fc:b2:eb:f9:36:
         1a:84:1c:9f:b3:e7:5d:d2:47:ca:b7:2c:60:6a:6f:2c:1b:a5:
         1c:43:5d:83:02:bb:62:a9:61:e5:43:66:29:8f:9a:58:e8:d9:
         ed:13:d4:dd:da:d7:69:bc:56:48:04:cd:09:57:49:3f:a8:6d:
         28:1b:09:6f:a3:77:b1:ef:d4:e2:91:05:93:fc:06:a8:0c:fe:
         34:c0:93:33:a5:33:57:59:b1:88:20:36:de:7c:1b:d6:a2:8f:
         ac:1b:6c:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSYPjbBa29MMj2ZnUsAp8GZlX4PMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTU1MTUwWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZmEwOGVmZDlhMWU5MjVjZmM0OTk3NDc5N2JlNmIzYTEz
M2Y0NDI0M2U4NjRhMWVlNzkzYTMxNDY0Y2MyYzQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcaKhfCAZ9KmH0MdOG9aOUoEG1gt9nk5z1pfxzMDpqE3iY
zqENzUShJ9M50NTixM+s9LzERAhrVJJVAkzKBG9MqPs58t1up0BI30IMI4oGwvVV
YW0h92019LMIEqWg2beKUeEcJh7pwyaM7UpsEG5D+tuU+yWg9BfxIZjRO9xRqEvF
kyZ2dFaBelndW89BDN155fbDFKCU+gkskW+fMbanbMj80VMA1jlhtcHhXAFPlJOx
uwdtL194ySyy25grpnRlp1uBhBetN/cvxmfNxVGc1fMhhgfD32P6RCpM6XmsL3Vr
qdeFtRxfXNmYi2Xxl0pz7cn6JRyebKHYK/GHeIkvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDilgq/B16PwSRcqayx0eTEFciOQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM0N2I2ZTBkLTUyYzEtNDEyYi1hNDQ2LTE1ZTdhM2M0MDc4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBsggwDQYJKoZIhvcNAQELBQADggEBAHfLJA1mHsXwVRfd4Sn1v52k5Gy3
0L8Eu04yNDFgXqmoVqGoYjkwYyyaCaQUwXhX2fYuBnSlIeSNFjO+TwuewK6KFY86
R9LA8rbeVvqg0X/KIzKhD7Nces0eVjSxV45hHU2B2WiO0fU5g9R3JgTXBHD9IAwf
TDpabZjZQ46LqJiGLIzhLcnNe6zIxz6JEsubBBj67ZmiBwSE2D2jvIf8suv5NhqE
HJ+z513SR8q3LGBqbywbpRxDXYMCu2KpYeVDZimPmljo2e0T1N3a12m8VkgEzQlX
ST+obSgbCW+jd7Hv1OKRBZP8BqgM/jTAkzOlM1dZsYggNt58G9aij6wbbBM=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:10:05 2025 by rpki-client