Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3aa2483a-0310-4f8b-813f-9aa1272e40a8.roa
File:                     3aa2483a-0310-4f8b-813f-9aa1272e40a8.roa (raw, json)
Hash identifier:          iXTkEzGQEHZzVGwMyr9CEvbRjniRMRSzvaCrwUJHkIM=
Subject key identifier:   01:A2:A7:BB:BA:A2:DF:8C:72:DD:02:E2:8F:E3:9B:2E:05:7D:2C:71
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7DF66DDB928F892204BCE61669A73039C22D8550
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3aa2483a-0310-4f8b-813f-9aa1272e40a8.roa
Signing time:             Tue 08 Jul 2025 00:40:29 +0000
ROA not before:           Tue 08 Jul 2025 00:40:29 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.56.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:f6:6d:db:92:8f:89:22:04:bc:e6:16:69:a7:30:39:c2:2d:85:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 00:40:29 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=8c5c3276c36fc3feae0f7c626f1f154af07d307252288813a5231e8eb0236863, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2b:f4:82:5b:5c:9b:8b:02:0c:45:d9:07:d3:
                    76:20:50:e3:96:24:7a:35:bd:18:e2:fb:2c:52:b4:
                    33:c8:8f:30:d6:88:02:76:8e:71:cf:a0:1f:e2:1a:
                    de:4d:1d:b2:df:cd:e9:7c:2b:98:a2:dc:e9:4a:0c:
                    bd:80:9a:2a:e1:03:80:16:b2:ed:1c:4b:88:20:39:
                    3f:2c:5a:a6:76:3f:2d:fd:84:85:18:1e:02:63:db:
                    f7:4f:38:3e:10:05:03:93:da:70:43:f1:be:00:e2:
                    e2:8f:49:9e:de:75:fa:d5:ab:06:2e:5b:a6:c8:21:
                    c8:9c:88:66:7b:63:dd:00:98:16:88:01:01:8e:d5:
                    d9:05:b5:c3:8d:a6:dc:f8:ac:70:9e:b8:fa:6f:b6:
                    3f:93:33:46:58:4f:11:df:b0:52:dc:6c:e8:9d:85:
                    ec:d4:82:17:c8:bc:2a:03:b9:fc:da:9b:bf:14:25:
                    f0:43:aa:5c:b7:ea:ad:cf:13:7c:c2:fa:5a:72:68:
                    a4:5f:7e:7d:4d:cb:e8:f2:19:97:9a:00:4c:96:b3:
                    07:27:2c:85:8d:cf:55:21:4f:55:d5:c5:77:a0:f5:
                    dc:e1:03:55:c8:f6:37:ea:14:a7:8e:25:0e:82:31:
                    0f:ca:07:85:b0:85:d6:3c:59:e1:59:05:bb:ce:a6:
                    08:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:A2:A7:BB:BA:A2:DF:8C:72:DD:02:E2:8F:E3:9B:2E:05:7D:2C:71
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3aa2483a-0310-4f8b-813f-9aa1272e40a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.56.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         6c:b7:d5:29:11:70:50:f4:06:51:82:be:65:45:03:9d:de:8c:
         07:19:b3:f1:84:7c:db:3f:3e:60:ee:79:b3:b5:d4:95:88:60:
         55:5b:80:26:55:32:99:02:58:16:8a:f9:54:00:bf:db:6f:df:
         dd:83:0d:e8:5d:dd:4a:cc:2d:07:08:61:d9:64:97:96:4b:17:
         94:49:29:68:7f:a9:57:ae:b3:07:88:2b:fa:78:91:2b:69:8c:
         7a:33:63:bc:93:99:6e:5b:cb:5f:f4:28:1a:d8:fe:e3:8e:dc:
         14:5c:b6:6c:f6:0f:42:0a:1f:c2:f0:12:a9:c3:36:45:19:f9:
         fa:68:e3:e3:dd:4e:e9:f4:2f:df:9a:97:7b:8e:48:03:1e:a8:
         90:77:e1:d8:99:a6:60:70:ad:61:9b:d0:2c:57:27:7f:28:75:
         b0:74:5a:df:da:95:95:bb:87:d4:ed:1a:b6:8d:71:f0:03:7c:
         94:a8:43:63:27:8e:11:da:e8:58:3b:81:a5:b5:47:dd:ac:48:
         fb:25:e2:88:f9:50:b9:ce:8d:56:a0:ff:4d:70:e9:a9:55:4c:
         96:6c:d9:13:9c:4e:0c:d4:16:6c:9b:f7:07:c8:87:2b:06:6d:
         5e:25:ec:31:40:09:5e:d5:08:25:42:0e:3b:f1:cf:bf:1c:20:
         d8:ef:32:5d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUffZt25KPiSIEvOYWaacwOcIthVAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MDA0MDI5WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzVjMzI3NmMzNmZjM2ZlYWUwZjdjNjI2ZjFmMTU0YWYw
N2QzMDcyNTIyODg4MTNhNTIzMWU4ZWIwMjM2ODYzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOK/SCW1ybiwIMRdkH03YgUOOWJHo1vRji+yxStDPIjzDW
iAJ2jnHPoB/iGt5NHbLfzel8K5ii3OlKDL2AmirhA4AWsu0cS4ggOT8sWqZ2Py39
hIUYHgJj2/dPOD4QBQOT2nBD8b4A4uKPSZ7edfrVqwYuW6bIIciciGZ7Y90AmBaI
AQGO1dkFtcONptz4rHCeuPpvtj+TM0ZYTxHfsFLcbOidhezUghfIvCoDufzam78U
JfBDqly36q3PE3zC+lpyaKRffn1Ny+jyGZeaAEyWswcnLIWNz1UhT1XVxXeg9dzh
A1XI9jfqFKeOJQ6CMQ/KB4WwhdY8WeFZBbvOpgiNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUAaKnu7qi34xy3QLij+ObLgV9LHEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNhYTI0ODNhLTAzMTAtNGY4Yi04MTNmLTlhYTEyNzJlNDBhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYQOAAwDQYJKoZIhvcNAQELBQADggEBAGy31SkRcFD0BlGCvmVFA53ejAcZ
s/GEfNs/PmDuebO11JWIYFVbgCZVMpkCWBaK+VQAv9tv392DDehd3UrMLQcIYdlk
l5ZLF5RJKWh/qVeusweIK/p4kStpjHozY7yTmW5by1/0KBrY/uOO3BRctmz2D0IK
H8LwEqnDNkUZ+fpo4+PdTun0L9+al3uOSAMeqJB34diZpmBwrWGb0CxXJ38odbB0
Wt/alZW7h9TtGraNcfADfJSoQ2MnjhHa6Fg7gaW1R92sSPsl4oj5ULnOjVag/01w
6alVTJZs2ROcTgzUFmyb9wfIhysGbV4l7DFACV7VCCVCDjvxz78cINjvMl0=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:27 2025 by rpki-client