Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/41a012c8-f13b-4d84-8fb0-ec582723cddf.roa
File:                     41a012c8-f13b-4d84-8fb0-ec582723cddf.roa (raw, json)
Hash identifier:          n5a3ujvqij47W81zjdHQNfYDy+goPj9viB4LCz/x5Ow=
Subject key identifier:   D3:38:AC:0F:3E:EA:2C:25:8B:94:B6:54:E8:23:64:94:76:0B:D3:C8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3858D36CF2D813D7C58D24C8CDCD164378721096
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/41a012c8-f13b-4d84-8fb0-ec582723cddf.roa
Signing time:             Sat 19 Jul 2025 00:41:48 +0000
ROA not before:           Sat 19 Jul 2025 00:41:48 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        99.77.254.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:58:d3:6c:f2:d8:13:d7:c5:8d:24:c8:cd:cd:16:43:78:72:10:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:41:48 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=8f792021feda1a9d814a94e737525494f0a8675394132066d2fd6c3432f54319, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7f:c8:66:6e:c3:f5:cb:46:14:7d:1d:47:f2:
                    14:33:d1:02:82:35:4b:de:d7:fd:4b:b3:5b:4b:49:
                    01:93:f7:f5:dc:9d:26:83:9c:5f:bb:b3:65:43:31:
                    2b:95:a1:db:77:8c:b0:2a:7f:db:68:a1:35:0f:87:
                    c5:09:10:18:fb:66:ed:cb:30:7c:cc:37:4b:d3:ea:
                    cb:e4:da:53:44:07:da:4a:cb:d9:78:51:42:60:a7:
                    f8:b7:49:2e:af:29:ff:d8:f0:f8:7a:eb:05:be:08:
                    6e:50:b5:3d:60:d5:98:e4:e7:d8:e8:2f:8a:1c:61:
                    06:a5:ea:99:fd:66:4b:18:4d:8c:18:9a:47:cd:45:
                    b9:53:4e:bd:0e:33:bb:9b:2e:cd:e3:ed:fa:15:1c:
                    4c:6a:7f:f6:cd:46:0f:83:7b:cf:75:58:11:31:11:
                    9f:f4:30:ac:77:c1:83:5f:37:fc:2d:e5:59:d9:a1:
                    7e:c8:4e:ee:fe:0f:69:0b:a3:eb:e5:76:d9:7c:0f:
                    d6:76:10:47:62:5c:19:57:82:e1:75:23:80:b5:81:
                    71:fa:fa:2d:68:29:89:da:f6:13:6d:6e:e2:61:c0:
                    a6:e5:ef:41:eb:e1:c8:0c:a0:03:ba:7c:7c:90:4e:
                    ff:dd:f7:ab:eb:66:5f:53:5b:10:b0:45:0c:3f:f0:
                    01:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:38:AC:0F:3E:EA:2C:25:8B:94:B6:54:E8:23:64:94:76:0B:D3:C8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/41a012c8-f13b-4d84-8fb0-ec582723cddf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:70:c1:7c:17:b2:cb:46:f0:ea:17:8a:09:93:16:e0:a2:73:
         17:ac:c2:fc:b5:04:af:a5:49:25:16:9c:6e:ff:a4:a7:44:3a:
         ac:93:ba:f7:87:71:cd:94:f5:00:d5:39:85:1b:38:7b:8a:d4:
         d3:42:7b:a3:67:6c:98:3f:21:07:9e:59:ff:07:b1:99:42:9c:
         26:59:ee:29:d0:9f:32:f8:94:fc:02:8b:c1:87:aa:d9:3d:a9:
         40:c9:81:2c:ac:3e:30:1a:4d:2e:9c:d0:e9:32:3f:36:85:80:
         c6:2e:7a:3b:b6:47:73:bd:7f:84:36:b0:6e:9c:b9:62:7a:cd:
         5a:44:13:f4:4f:0a:73:9b:a1:5e:2a:be:9c:61:f5:a8:53:e1:
         80:7f:2a:2b:fa:df:06:bd:3a:6c:be:b2:9a:5e:f9:6d:55:3d:
         98:17:16:4d:9a:10:6b:bb:b3:61:31:bf:95:70:d7:b9:4d:53:
         f2:e3:9f:58:b0:18:bc:27:be:3e:33:39:94:1d:7e:ac:8d:bb:
         e3:47:07:40:8b:e7:91:a4:c1:67:01:e6:20:ca:9b:6b:22:4f:
         d2:19:5e:24:4d:d2:06:1c:30:7d:cc:07:7a:a2:04:70:d8:34:
         f6:73:22:30:e2:35:73:2a:5c:fa:66:e4:5c:84:ec:e9:77:76:
         e1:e8:25:a7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOFjTbPLYE9fFjSTIzc0WQ3hyEJYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDA0MTQ4WhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4Zjc5MjAyMWZlZGExYTlkODE0YTk0ZTczNzUyNTQ5NGYw
YTg2NzUzOTQxMzIwNjZkMmZkNmMzNDMyZjU0MzE5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7f8hmbsP1y0YUfR1H8hQz0QKCNUve1/1Ls1tLSQGT9/Xc
nSaDnF+7s2VDMSuVodt3jLAqf9tooTUPh8UJEBj7Zu3LMHzMN0vT6svk2lNEB9pK
y9l4UUJgp/i3SS6vKf/Y8Ph66wW+CG5QtT1g1Zjk59joL4ocYQal6pn9ZksYTYwY
mkfNRblTTr0OM7ubLs3j7foVHExqf/bNRg+De891WBExEZ/0MKx3wYNfN/wt5VnZ
oX7ITu7+D2kLo+vldtl8D9Z2EEdiXBlXguF1I4C1gXH6+i1oKYna9hNtbuJhwKbl
70Hr4cgMoAO6fHyQTv/d96vrZl9TWxCwRQw/8AHFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0zisDz7qLCWLlLZU6CNklHYL08gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQxYTAxMmM4LWYxM2ItNGQ4NC04ZmIwLWVjNTgyNzIzY2RkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTf4wDQYJKoZIhvcNAQELBQADggEBAMlwwXwXsstG8OoXigmTFuCicxes
wvy1BK+lSSUWnG7/pKdEOqyTuveHcc2U9QDVOYUbOHuK1NNCe6NnbJg/IQeeWf8H
sZlCnCZZ7inQnzL4lPwCi8GHqtk9qUDJgSysPjAaTS6c0OkyPzaFgMYueju2R3O9
f4Q2sG6cuWJ6zVpEE/RPCnOboV4qvpxh9ahT4YB/Kiv63wa9Omy+sppe+W1VPZgX
Fk2aEGu7s2Exv5Vw17lNU/Ljn1iwGLwnvj4zOZQdfqyNu+NHB0CL55GkwWcB5iDK
m2siT9IZXiRN0gYcMH3MB3qiBHDYNPZzIjDiNXMqXPpm5FyE7Ol3duHoJac=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:16 2025 by rpki-client