Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d320e18-80dd-458b-8f6d-e32930215df8.roa
File:                     5d320e18-80dd-458b-8f6d-e32930215df8.roa (raw, json)
Hash identifier:          8iFnapBnGEGfmoTZ/TnRVIoJc7ovFm18fOa2YsrLqDk=
Subject key identifier:   DF:22:C4:29:35:DD:AE:F2:23:91:D6:56:01:24:03:94:72:47:E7:AE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5B593D4E6B17E4811E367F17ACECF00ADAFB47E6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d320e18-80dd-458b-8f6d-e32930215df8.roa
Signing time:             Mon 07 Jul 2025 16:11:11 +0000
ROA not before:           Mon 07 Jul 2025 16:11:11 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.197.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:59:3d:4e:6b:17:e4:81:1e:36:7f:17:ac:ec:f0:0a:da:fb:47:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 16:11:11 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=c9d919f73fe7f3bee59a5a955c99850bd6328305b14656942cbb37756e91ad36, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:89:5f:47:e1:e0:d2:66:36:13:b5:99:a1:f7:
                    9e:23:f2:da:a1:09:04:52:1c:d9:44:b2:75:1e:f5:
                    8b:40:f3:51:ee:3e:5b:8a:e2:90:ce:fa:3f:56:b5:
                    6f:b0:e9:f1:1c:fd:64:f2:da:9d:a0:a8:1f:d9:63:
                    22:b7:7c:c1:b3:d0:63:fb:ee:e6:94:eb:95:26:2d:
                    2e:24:86:48:de:a5:d4:9c:5f:9c:d9:82:45:75:9e:
                    ce:bc:99:34:e3:c1:45:ce:41:86:be:c5:d9:a8:cc:
                    fb:00:ce:d2:fe:2a:70:72:54:a6:e6:fd:90:a1:37:
                    cc:e6:90:52:c5:c6:32:04:8e:4f:20:6c:25:8c:a8:
                    28:0b:49:98:7a:6c:4e:55:33:ff:78:3d:d6:4d:19:
                    53:d0:b0:03:40:79:b3:d3:bb:0f:8f:70:5c:f7:e9:
                    0c:4e:0d:0c:3d:d1:b2:f0:b1:74:87:06:06:f1:4e:
                    1b:05:3a:8c:1c:13:0f:88:cf:87:93:34:21:e0:e6:
                    d1:c6:bf:5c:f5:2b:10:bd:bd:c0:5c:97:83:3c:bc:
                    54:62:09:dc:b9:88:75:72:16:b0:48:f2:b3:9b:68:
                    47:3f:e6:91:24:24:95:57:cf:25:76:08:f1:4c:37:
                    6e:8e:09:fb:b9:d2:9f:4d:28:4e:78:0c:fd:f9:1b:
                    12:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:22:C4:29:35:DD:AE:F2:23:91:D6:56:01:24:03:94:72:47:E7:AE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5d320e18-80dd-458b-8f6d-e32930215df8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.197.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a0:44:40:7a:65:36:cc:23:af:e4:96:77:69:94:73:0d:6f:15:
         e3:25:72:a3:61:d1:b9:ff:c9:07:56:06:91:35:ad:7a:6b:87:
         aa:00:36:09:71:2d:ea:c7:34:6d:c7:4a:88:2d:fd:c1:ab:8f:
         ce:f6:d3:6b:fa:77:9e:f8:dc:53:04:ff:e7:63:70:c1:8c:fc:
         63:ab:6f:e1:a9:dc:79:ea:c2:3b:72:76:49:9c:84:0a:13:b9:
         b3:d1:3e:e8:51:b7:32:38:f1:b9:b8:7e:01:bf:e0:fa:3d:e8:
         f6:19:4b:77:cc:52:d8:73:06:db:25:fc:5a:49:50:f7:24:18:
         c4:76:a5:52:f6:72:4b:65:e7:3d:03:57:1d:06:69:30:ba:43:
         47:53:b9:0f:5f:7a:30:5d:e6:d2:89:0c:3e:93:cf:05:e0:08:
         03:84:de:88:b3:96:9f:74:98:16:d7:3f:4e:88:bb:8c:0b:9f:
         d2:40:0a:db:7a:7d:b7:93:cb:66:0e:a7:b8:16:31:b8:f3:30:
         d5:89:31:eb:d2:c4:b7:ec:eb:7d:ff:ed:e7:0f:67:b5:d5:2d:
         d9:a3:1f:8e:c9:cd:90:5d:be:e5:71:65:46:a9:fb:8d:27:82:
         97:5f:a5:d2:74:e4:86:dd:7a:9c:0b:a1:56:65:b0:e4:04:38:
         5d:63:4e:38
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUW1k9TmsX5IEeNn8XrOzwCtr7R+YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTYxMTExWhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0BjOWQ5MTlmNzNmZTdmM2JlZTU5YTVhOTU1Yzk5ODUwYmQ2
MzI4MzA1YjE0NjU2OTQyY2JiMzc3NTZlOTFhZDM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgiV9H4eDSZjYTtZmh954j8tqhCQRSHNlEsnUe9YtA81Hu
PluK4pDO+j9WtW+w6fEc/WTy2p2gqB/ZYyK3fMGz0GP77uaU65UmLS4khkjepdSc
X5zZgkV1ns68mTTjwUXOQYa+xdmozPsAztL+KnByVKbm/ZChN8zmkFLFxjIEjk8g
bCWMqCgLSZh6bE5VM/94PdZNGVPQsANAebPTuw+PcFz36QxODQw90bLwsXSHBgbx
ThsFOowcEw+Iz4eTNCHg5tHGv1z1KxC9vcBcl4M8vFRiCdy5iHVyFrBI8rObaEc/
5pEkJJVXzyV2CPFMN26OCfu50p9NKE54DP35GxKdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3yLEKTXdrvIjkdZWASQDlHJH564wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVkMzIwZTE4LTgwZGQtNDU4Yi04ZjZkLWUzMjkzMDIxNWRmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQxTANBgkqhkiG9w0BAQsFAAOCAQEAoERAemU2zCOv5JZ3aZRzDW8V4yVy
o2HRuf/JB1YGkTWtemuHqgA2CXEt6sc0bcdKiC39wauPzvbTa/p3nvjcUwT/52Nw
wYz8Y6tv4anceerCO3J2SZyEChO5s9E+6FG3Mjjxubh+Ab/g+j3o9hlLd8xS2HMG
2yX8WklQ9yQYxHalUvZyS2XnPQNXHQZpMLpDR1O5D196MF3m0okMPpPPBeAIA4Te
iLOWn3SYFtc/Toi7jAuf0kAK23p9t5PLZg6nuBYxuPMw1Ykx69LEt+zrff/t5w9n
tdUt2aMfjsnNkF2+5XFlRqn7jSeCl1+l0nTkht16nAuhVmWw5AQ4XWNOOA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:57:00 2025 by rpki-client