Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5844a683-ead5-4539-93f4-a3ed7fa6a0c3.roa
File:                     5844a683-ead5-4539-93f4-a3ed7fa6a0c3.roa (raw, json)
Hash identifier:          kb6bHjhy7a5qr090cFgK+oEXXTycsaVzQb0Rrd6vTrk=
Subject key identifier:   80:C0:F2:9A:8A:B8:86:53:E0:17:31:86:02:6A:D8:3D:57:10:A8:28
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       75195743A42742A26A216707A98163101E3DDF84
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5844a683-ead5-4539-93f4-a3ed7fa6a0c3.roa
Signing time:             Tue 08 Jul 2025 15:12:21 +0000
ROA not before:           Tue 08 Jul 2025 15:12:21 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.50.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:19:57:43:a4:27:42:a2:6a:21:67:07:a9:81:63:10:1e:3d:df:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 15:12:21 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=a5e98e29a5bc25f0c425d5afb02a4fc5a32ebed2b5da7a257e36e6db2b81c00e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:69:0a:bc:40:83:01:21:77:0c:58:f4:32:f1:
                    46:88:17:0f:e9:55:c4:c6:cc:cf:6a:f6:b9:cc:e0:
                    a5:c0:25:ed:e3:94:a1:92:bc:6f:ba:66:2d:d8:b3:
                    92:b1:dd:54:83:cb:7a:1e:53:85:f4:82:1a:64:6b:
                    12:59:c4:30:61:81:e6:86:f6:d9:73:f8:7a:51:a0:
                    3f:ad:0c:46:88:bd:55:56:78:3c:b8:c7:18:12:f6:
                    2b:fe:31:35:71:1b:93:85:40:fe:f5:da:86:02:35:
                    6f:48:47:60:a6:8e:fb:97:27:a5:5a:90:b9:f2:0c:
                    4d:42:c6:4f:51:04:8c:8c:f0:58:8d:5f:7e:0d:61:
                    d9:bc:de:45:f2:dd:cc:de:da:d0:62:57:54:d1:42:
                    63:c8:99:c5:a1:fa:07:45:a9:ea:54:a9:08:b5:86:
                    dc:11:73:00:37:48:05:86:87:a2:79:9f:9a:2a:a2:
                    fe:08:6b:e4:fe:9f:77:d3:11:02:fe:73:a8:3f:f7:
                    3b:d9:d2:0e:d6:05:b7:7e:4e:35:09:8f:66:20:6c:
                    57:64:a5:69:55:e6:15:76:39:80:83:73:59:ab:8e:
                    fa:ac:74:29:5f:b1:6c:65:07:7e:3b:02:25:49:78:
                    91:d9:a6:c3:8a:f0:f5:fa:0a:68:21:95:21:0d:8a:
                    05:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:C0:F2:9A:8A:B8:86:53:E0:17:31:86:02:6A:D8:3D:57:10:A8:28
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5844a683-ead5-4539-93f4-a3ed7fa6a0c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.50.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         27:2d:72:c7:5b:ec:51:17:a7:cd:ee:55:fd:60:e6:8c:b4:18:
         1a:59:dc:0e:0e:90:34:b1:67:ad:9b:c5:fd:20:17:75:30:9b:
         7e:a1:c9:f1:8d:4e:71:90:00:fb:54:92:78:14:b7:64:49:d3:
         86:86:33:86:38:4a:63:e0:54:4c:d3:a0:0a:22:4b:88:32:bf:
         0d:35:bd:a3:49:27:b8:ad:87:41:49:67:52:62:d7:30:f7:bb:
         f9:19:a3:ee:b0:15:e9:eb:96:1f:2e:4f:6e:60:c8:c6:d7:56:
         ff:3f:58:3f:1a:79:e2:80:02:1f:9a:2f:06:3c:2a:70:9c:c4:
         6f:17:98:8d:26:d2:66:2a:2a:30:b3:fc:49:00:40:6d:10:8c:
         3a:bb:1a:a2:ab:69:c0:f4:8b:75:70:bc:b4:ff:5d:2d:bb:06:
         fa:a2:47:95:3f:8b:fa:71:ed:7c:8c:59:b4:15:0d:63:8c:13:
         3e:6e:ce:c0:24:1f:c8:14:4f:8d:73:ee:b3:8b:2c:a8:65:80:
         9a:2f:2f:76:68:7f:73:a7:ed:39:ae:fe:e2:7b:85:5f:82:14:
         13:31:6d:61:cd:ec:8e:ed:a4:f7:92:90:2d:29:bf:6f:51:86:
         71:11:12:c6:1e:fb:c5:38:31:de:9e:75:13:12:98:e0:ff:e3:
         8c:32:07:53
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdRlXQ6QnQqJqIWcHqYFjEB4934QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTUxMjIxWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNWU5OGUyOWE1YmMyNWYwYzQyNWQ1YWZiMDJhNGZjNWEz
MmViZWQyYjVkYTdhMjU3ZTM2ZTZkYjJiODFjMDBlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDvaQq8QIMBIXcMWPQy8UaIFw/pVcTGzM9q9rnM4KXAJe3j
lKGSvG+6Zi3Ys5Kx3VSDy3oeU4X0ghpkaxJZxDBhgeaG9tlz+HpRoD+tDEaIvVVW
eDy4xxgS9iv+MTVxG5OFQP712oYCNW9IR2CmjvuXJ6VakLnyDE1Cxk9RBIyM8FiN
X34NYdm83kXy3cze2tBiV1TRQmPImcWh+gdFqepUqQi1htwRcwA3SAWGh6J5n5oq
ov4Ia+T+n3fTEQL+c6g/9zvZ0g7WBbd+TjUJj2YgbFdkpWlV5hV2OYCDc1mrjvqs
dClfsWxlB347AiVJeJHZpsOK8PX6CmghlSENigVNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUgMDymoq4hlPgFzGGAmrYPVcQqCgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU4NDRhNjgzLWVhZDUtNDUzOS05M2Y0LWEzZWQ3ZmE2YTBjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQMjANBgkqhkiG9w0BAQsFAAOCAQEAJy1yx1vsURenze5V/WDmjLQYGlnc
Dg6QNLFnrZvF/SAXdTCbfqHJ8Y1OcZAA+1SSeBS3ZEnThoYzhjhKY+BUTNOgCiJL
iDK/DTW9o0knuK2HQUlnUmLXMPe7+Rmj7rAV6euWHy5PbmDIxtdW/z9YPxp54oAC
H5ovBjwqcJzEbxeYjSbSZioqMLP8SQBAbRCMOrsaoqtpwPSLdXC8tP9dLbsG+qJH
lT+L+nHtfIxZtBUNY4wTPm7OwCQfyBRPjXPus4ssqGWAmi8vdmh/c6ftOa7+4nuF
X4IUEzFtYc3sju2k95KQLSm/b1GGcRESxh77xTgx3p51ExKY4P/jjDIHUw==
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:23 2025 by rpki-client