Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34ca87d7-ed62-4445-a114-bd33a654a75d.roa
File:                     34ca87d7-ed62-4445-a114-bd33a654a75d.roa (raw, json)
Hash identifier:          W/MNtGuQdlqHzWJubJ4XTv85LxdYk8H9ijjgKvud9WM=
Subject key identifier:   D4:07:EF:2A:8F:38:D9:08:FF:FC:68:51:79:7B:B7:EE:9D:7A:C6:6B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2C66B808CAF93E704127DE0CA9E3FD4F5BFA1FB9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34ca87d7-ed62-4445-a114-bd33a654a75d.roa
Signing time:             Fri 18 Jul 2025 00:32:08 +0000
ROA not before:           Fri 18 Jul 2025 00:32:08 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.229.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:66:b8:08:ca:f9:3e:70:41:27:de:0c:a9:e3:fd:4f:5b:fa:1f:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:32:08 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=026a41c8b154018c3e2a67db6d9dc24c8415d12f6878837d75d741bf9ca51aa7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:7e:a9:3a:e2:5e:ac:e2:85:d1:8d:cc:8e:bf:
                    ad:fd:80:71:85:a2:4b:be:9f:ff:4b:96:92:54:c8:
                    4a:2f:43:a5:62:9a:13:6e:ac:f2:c5:98:b9:5f:6b:
                    6b:03:50:13:a0:42:22:a4:8e:18:ed:28:0b:a4:d8:
                    91:f3:7c:4c:be:7c:77:89:2f:f6:7d:44:a1:60:e6:
                    7d:fa:e8:de:cc:15:9b:dd:76:4b:5a:f2:66:de:ff:
                    70:1f:c3:64:62:60:35:0b:1b:ef:57:ef:37:78:e0:
                    e6:72:00:2d:fa:57:fc:dd:da:2c:4a:85:f4:5c:de:
                    1b:3d:c9:e8:24:d3:e6:84:7e:ed:3c:57:b5:8f:49:
                    f4:f7:82:34:14:3a:87:e9:aa:d3:8e:97:84:aa:f9:
                    d8:63:1e:f6:4f:22:ea:cd:46:be:b7:c3:54:98:99:
                    f3:23:57:f1:c8:de:b0:e3:84:46:56:93:33:1d:e2:
                    6a:c5:d6:18:67:03:dd:72:7a:2f:a9:10:7d:f8:41:
                    ad:11:83:a4:94:70:d5:b0:6d:6d:aa:c1:29:24:8b:
                    b1:a3:65:0b:27:79:bc:12:bb:db:83:c3:ec:1a:a0:
                    bf:70:f7:e1:5d:03:20:07:2e:a4:a8:83:93:8d:ae:
                    ed:18:66:7b:e7:49:12:48:ab:c6:2d:4b:0a:e9:56:
                    9a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:07:EF:2A:8F:38:D9:08:FF:FC:68:51:79:7B:B7:EE:9D:7A:C6:6B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34ca87d7-ed62-4445-a114-bd33a654a75d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.229.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         bd:4e:81:68:b7:93:ae:46:93:70:55:78:50:58:2e:7f:ab:f8:
         50:94:f8:d9:4a:0f:15:7f:f5:5e:51:a7:b9:62:81:53:fb:a4:
         07:8e:3b:da:14:df:7c:4a:07:f6:08:4e:15:f1:98:9b:95:e9:
         8a:97:df:f4:cd:c6:5c:00:04:8a:cf:5d:02:19:62:61:19:19:
         39:6e:d6:4b:f3:12:30:97:55:34:f6:00:81:e6:63:81:c7:c6:
         a2:5a:d3:ae:39:9f:b5:92:2b:66:9c:00:7f:34:5b:89:0c:60:
         71:5b:8e:fe:85:bb:40:ec:23:1d:2e:ec:cd:64:e9:ce:2f:04:
         fc:83:b4:aa:a5:3e:99:0e:34:7a:c4:72:22:24:9a:ba:67:78:
         cf:2d:e2:24:86:c1:96:e6:84:fc:a9:ff:f6:c9:f8:7e:a2:92:
         57:f2:48:e2:8b:40:6f:61:28:c5:21:50:ab:e0:b1:ce:25:92:
         af:e2:f4:c7:37:1c:51:33:a5:1c:4a:b1:8a:7b:b8:d7:99:79:
         69:b4:d5:76:45:96:2a:44:7b:2c:60:4f:1f:69:b6:b1:97:67:
         19:34:dc:a4:61:e7:00:fc:48:45:e8:06:0d:6c:2b:2e:49:f9:
         8d:c9:3d:d9:71:67:35:0a:e2:4f:80:a5:3c:44:07:d4:dd:de:
         cb:52:a4:3d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULGa4CMr5PnBBJ94MqeP9T1v6H7kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDAzMjA4WhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMjZhNDFjOGIxNTQwMThjM2UyYTY3ZGI2ZDlkYzI0Yzg0
MTVkMTJmNjg3ODgzN2Q3NWQ3NDFiZjljYTUxYWE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYfqk64l6s4oXRjcyOv639gHGFoku+n/9LlpJUyEovQ6Vi
mhNurPLFmLlfa2sDUBOgQiKkjhjtKAuk2JHzfEy+fHeJL/Z9RKFg5n366N7MFZvd
dkta8mbe/3Afw2RiYDULG+9X7zd44OZyAC36V/zd2ixKhfRc3hs9yegk0+aEfu08
V7WPSfT3gjQUOofpqtOOl4Sq+dhjHvZPIurNRr63w1SYmfMjV/HI3rDjhEZWkzMd
4mrF1hhnA91yei+pEH34Qa0Rg6SUcNWwbW2qwSkki7GjZQsnebwSu9uDw+waoL9w
9+FdAyAHLqSog5ONru0YZnvnSRJIq8YtSwrpVpo7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU1AfvKo842Qj//GhReXu37p16xmswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM0Y2E4N2Q3LWVkNjItNDQ0NS1hMTE0LWJkMzNhNjU0YTc1ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA45TANBgkqhkiG9w0BAQsFAAOCAQEAvU6BaLeTrkaTcFV4UFguf6v4UJT4
2UoPFX/1XlGnuWKBU/ukB4472hTffEoH9ghOFfGYm5Xpipff9M3GXAAEis9dAhli
YRkZOW7WS/MSMJdVNPYAgeZjgcfGolrTrjmftZIrZpwAfzRbiQxgcVuO/oW7QOwj
HS7szWTpzi8E/IO0qqU+mQ40esRyIiSaumd4zy3iJIbBluaE/Kn/9sn4fqKSV/JI
4otAb2EoxSFQq+CxziWSr+L0xzccUTOlHEqxinu415l5abTVdkWWKkR7LGBPH2m2
sZdnGTTcpGHnAPxIRegGDWwrLkn5jck92XFnNQriT4ClPEQH1N3ey1KkPQ==
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:12 2025 by rpki-client