Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3defa9e3-2d3f-47d8-99cd-631d15fa9397.roa
File:                     3defa9e3-2d3f-47d8-99cd-631d15fa9397.roa (raw, json)
Hash identifier:          4UPeeiRu8PvKZ9NG4zI+FTymHYkvMD/yKl+v6wTSeQ0=
Subject key identifier:   25:79:35:7B:63:6F:28:1D:0B:63:00:8E:A8:58:BA:A9:22:70:A6:38
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       138ED66D642FE00F68FB0BE022B09B16627BA21D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3defa9e3-2d3f-47d8-99cd-631d15fa9397.roa
Signing time:             Wed 09 Jul 2025 00:40:14 +0000
ROA not before:           Wed 09 Jul 2025 00:40:14 +0000
ROA not after:            Wed 13 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.254.0.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:8e:d6:6d:64:2f:e0:0f:68:fb:0b:e0:22:b0:9b:16:62:7b:a2:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  9 00:40:14 2025 GMT
            Not After : Aug 13 23:59:59 2025 GMT
        Subject: serialNumber=7d1789e7945351245c7fe54c442171fc83457b9d74b2cd509c0a661b260f2ef8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:64:b7:9b:f5:55:0b:76:c1:40:2c:2c:a3:90:
                    13:f8:55:b6:c2:33:12:4e:43:1b:e1:88:c9:3f:c4:
                    ac:ad:9a:da:5c:a9:6e:fe:b3:90:26:6d:18:34:32:
                    0b:07:1a:a8:22:7f:d9:75:73:e8:76:19:6d:09:f2:
                    2f:30:b1:bc:a6:25:70:04:0b:c9:a6:02:8d:5c:68:
                    38:85:1b:d6:59:6c:bd:b1:ac:cd:27:30:72:f6:34:
                    30:28:7c:cd:8d:37:d1:cb:b4:67:22:f3:a5:b9:f9:
                    94:1a:5f:f5:4b:e6:21:61:15:6d:e2:f2:43:32:51:
                    17:73:c4:b4:6a:23:b7:cf:8b:fb:97:83:63:ba:ab:
                    5b:fd:f7:12:f7:24:1a:14:21:3e:ee:6b:e8:87:c4:
                    99:4c:96:49:54:b4:68:32:63:46:97:01:01:61:a6:
                    82:1f:56:28:0e:62:b2:69:58:c0:23:db:bd:b3:e2:
                    c5:9e:8b:44:45:a3:8a:4e:3a:21:68:bc:96:16:eb:
                    e8:af:95:36:7f:1b:f8:e5:b8:49:0a:64:05:74:ec:
                    b1:3d:0b:f3:46:66:a0:ce:05:89:4c:b6:ff:f7:53:
                    1f:c5:53:51:88:95:82:2d:3f:a4:00:11:2f:25:5a:
                    24:bb:57:f6:af:49:da:df:9d:2d:87:b7:c0:f6:6c:
                    58:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:79:35:7B:63:6F:28:1D:0B:63:00:8E:A8:58:BA:A9:22:70:A6:38
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3defa9e3-2d3f-47d8-99cd-631d15fa9397.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.254.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:f4:bf:14:a1:64:c6:06:40:35:ce:6a:1f:de:4b:58:fa:ca:
         74:c5:c0:6b:b0:05:c9:96:1b:94:71:16:d5:ee:50:1e:07:f3:
         70:73:c5:32:62:3f:5f:67:c3:47:be:59:ba:3f:c0:fc:80:60:
         37:f7:3c:6d:6c:c7:6e:38:7c:19:30:68:41:88:5b:0c:27:04:
         69:05:de:94:60:0f:6b:13:86:4b:b3:0a:43:7e:64:78:77:e7:
         8d:15:52:59:ae:9a:80:ad:a6:9f:b0:2a:97:81:43:80:08:7a:
         cf:2f:20:ed:08:6f:6e:e0:0a:e8:2b:de:ed:ab:0d:c6:e9:1c:
         d7:2f:0f:8c:cd:d5:39:66:0b:25:bf:89:98:9c:19:12:fb:c6:
         58:fe:df:aa:e1:6d:d2:5c:6a:da:4b:bb:cb:48:35:b7:fe:a5:
         44:0f:95:4f:67:b1:69:43:1d:cf:60:07:55:ac:4b:03:2a:0f:
         98:d0:eb:e6:a9:b2:f9:11:99:c1:24:84:c3:e0:31:00:cf:80:
         9e:11:b1:2e:fb:04:a0:e2:a8:1d:d1:b2:24:63:53:a2:95:49:
         13:e1:40:3d:48:d7:d4:15:b2:98:03:26:87:0f:af:a9:10:7a:
         4d:78:9d:07:3f:89:7f:cd:a8:69:c5:da:d6:26:da:55:20:23:
         2f:c4:64:5c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUE47WbWQv4A9o+wvgIrCbFmJ7oh0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA5MDA0MDE0WhcNMjUwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZDE3ODllNzk0NTM1MTI0NWM3ZmU1NGM0NDIxNzFmYzgz
NDU3YjlkNzRiMmNkNTA5YzBhNjYxYjI2MGYyZWY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqZLeb9VULdsFALCyjkBP4VbbCMxJOQxvhiMk/xKytmtpc
qW7+s5AmbRg0MgsHGqgif9l1c+h2GW0J8i8wsbymJXAEC8mmAo1caDiFG9ZZbL2x
rM0nMHL2NDAofM2NN9HLtGci86W5+ZQaX/VL5iFhFW3i8kMyURdzxLRqI7fPi/uX
g2O6q1v99xL3JBoUIT7ua+iHxJlMlklUtGgyY0aXAQFhpoIfVigOYrJpWMAj272z
4sWei0RFo4pOOiFovJYW6+ivlTZ/G/jluEkKZAV07LE9C/NGZqDOBYlMtv/3Ux/F
U1GIlYItP6QAES8lWiS7V/avSdrfnS2Ht8D2bFhzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJXk1e2NvKB0LYwCOqFi6qSJwpjgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNkZWZhOWUzLTJkM2YtNDdkOC05OWNkLTYzMWQxNWZhOTM5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIX/gAwDQYJKoZIhvcNAQELBQADggEBAFf0vxShZMYGQDXOah/eS1j6ynTF
wGuwBcmWG5RxFtXuUB4H83BzxTJiP19nw0e+Wbo/wPyAYDf3PG1sx244fBkwaEGI
WwwnBGkF3pRgD2sThkuzCkN+ZHh3540VUlmumoCtpp+wKpeBQ4AIes8vIO0Ib27g
Cugr3u2rDcbpHNcvD4zN1TlmCyW/iZicGRL7xlj+36rhbdJcatpLu8tINbf+pUQP
lU9nsWlDHc9gB1WsSwMqD5jQ6+apsvkRmcEkhMPgMQDPgJ4RsS77BKDiqB3RsiRj
U6KVSRPhQD1I19QVspgDJocPr6kQek14nQc/iX/NqGnF2tYm2lUgIy/EZFw=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:12 2025 by rpki-client