Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/616180ed-29ae-499b-8a01-013d569d9163.roa
File:                     616180ed-29ae-499b-8a01-013d569d9163.roa (raw, json)
Hash identifier:          iFQ1cdQJfx5ux8okv6qc4VVcGItJ9+nlC7YzswBjr6Y=
Subject key identifier:   7E:7F:EC:17:48:C7:23:35:9E:F6:9D:F1:B2:DB:4B:AE:AD:EE:19:CD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B30BD2C1EA8C4DC153CCA804EA118812C43AC0F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/616180ed-29ae-499b-8a01-013d569d9163.roa
Signing time:             Fri 11 Jul 2025 15:00:19 +0000
ROA not before:           Fri 11 Jul 2025 15:00:19 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        98.80.238.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:30:bd:2c:1e:a8:c4:dc:15:3c:ca:80:4e:a1:18:81:2c:43:ac:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 11 15:00:19 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=a60dc0eeaa0c8593d24d563e2d45e5cc5f7a3940861e5209a23e43630659ad35, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:66:b4:8b:ce:2c:22:e8:d4:cc:5e:b7:97:f7:
                    73:18:ca:fc:d3:17:9f:92:38:8f:9a:01:3d:50:f8:
                    2d:9a:32:61:c5:83:93:86:a5:d8:87:d7:1e:66:a4:
                    49:18:7d:16:1a:a2:92:b6:c2:6b:91:83:ce:83:63:
                    d0:31:ea:f9:85:8d:57:6b:ac:f5:32:cd:93:aa:93:
                    47:c2:0b:09:cc:8b:fc:48:49:f7:95:07:82:a2:bf:
                    86:78:e7:ec:b7:ad:c8:ea:cd:60:e7:48:07:2e:a9:
                    a6:55:5e:e5:f5:99:c1:fd:43:12:50:eb:ec:3d:54:
                    8e:f6:63:db:ee:f4:60:3b:a3:fe:eb:b1:91:ee:8c:
                    26:fa:3d:ee:c3:87:53:b4:ef:15:d7:02:28:dd:79:
                    64:1c:ec:77:38:c2:20:49:7c:6e:df:4c:07:61:82:
                    15:f5:99:f6:52:4d:40:6b:06:28:b6:73:65:33:f7:
                    6a:4e:d4:06:7d:86:c3:00:c7:f2:68:49:db:b9:47:
                    26:31:14:16:13:31:d2:11:8c:5d:ed:09:46:fb:2b:
                    7c:cf:67:3a:a3:5f:0e:e6:10:ef:54:01:6e:a3:4d:
                    ac:fa:89:80:ad:57:0d:a4:f0:30:dd:3d:49:a9:e9:
                    7b:26:15:7b:79:cc:2e:86:d0:e7:3f:b3:11:d0:b0:
                    97:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:7F:EC:17:48:C7:23:35:9E:F6:9D:F1:B2:DB:4B:AE:AD:EE:19:CD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/616180ed-29ae-499b-8a01-013d569d9163.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  98.80.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9a:43:e2:54:d9:86:28:f7:c5:5a:db:1f:95:ef:60:81:6e:11:
         1d:60:0c:53:f3:83:1d:a8:9d:a5:43:52:69:88:91:50:38:55:
         97:88:c0:79:c7:9e:a3:04:34:a3:e6:8d:ec:29:88:a2:a0:35:
         d7:6d:90:bb:02:a9:ad:5d:30:e5:3d:d7:36:29:f8:33:0c:9b:
         ee:18:67:f5:6c:7e:ce:82:81:0a:74:de:1e:14:f3:fe:e9:5a:
         ec:ef:24:e4:17:5a:7e:58:5a:c8:a7:0b:0d:de:6e:c3:54:3c:
         2f:a3:31:3f:b3:00:a4:4b:61:86:dc:5c:8a:85:c8:04:79:74:
         bf:ed:35:d0:9f:4b:cd:19:61:7e:8d:12:24:b6:2f:6f:e2:d6:
         51:ad:ad:d3:81:35:52:76:65:23:97:6e:f9:c2:1d:bc:4e:a4:
         57:0a:0c:24:dd:ed:0f:a3:0b:ba:2a:0d:99:0a:11:5b:37:e8:
         1f:51:af:83:08:6f:98:c1:56:bb:68:d0:56:65:d7:75:c0:29:
         54:e3:e1:30:62:c6:86:8c:f4:33:2c:11:8f:f7:d2:82:fc:e0:
         0e:bc:b9:b6:4a:01:35:90:8c:0c:f5:55:2e:6f:ff:0d:4e:b8:
         e8:3c:a0:df:e0:9d:fd:b5:f4:6d:98:29:f8:9e:bb:ca:2e:0a:
         87:1b:46:18
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSzC9LB6oxNwVPMqATqEYgSxDrA8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzExMTUwMDE5WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjBkYzBlZWFhMGM4NTkzZDI0ZDU2M2UyZDQ1ZTVjYzVm
N2EzOTQwODYxZTUyMDlhMjNlNDM2MzA2NTlhZDM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDwZrSLziwi6NTMXreX93MYyvzTF5+SOI+aAT1Q+C2aMmHF
g5OGpdiH1x5mpEkYfRYaopK2wmuRg86DY9Ax6vmFjVdrrPUyzZOqk0fCCwnMi/xI
SfeVB4Kiv4Z45+y3rcjqzWDnSAcuqaZVXuX1mcH9QxJQ6+w9VI72Y9vu9GA7o/7r
sZHujCb6Pe7Dh1O07xXXAijdeWQc7Hc4wiBJfG7fTAdhghX1mfZSTUBrBii2c2Uz
92pO1AZ9hsMAx/JoSdu5RyYxFBYTMdIRjF3tCUb7K3zPZzqjXw7mEO9UAW6jTaz6
iYCtVw2k8DDdPUmp6XsmFXt5zC6G0Oc/sxHQsJcTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfn/sF0jHIzWe9p3xsttLrq3uGc0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYxNjE4MGVkLTI5YWUtNDk5Yi04YTAxLTAxM2Q1NjlkOTE2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFiUO4wDQYJKoZIhvcNAQELBQADggEBAJpD4lTZhij3xVrbH5XvYIFuER1g
DFPzgx2onaVDUmmIkVA4VZeIwHnHnqMENKPmjewpiKKgNddtkLsCqa1dMOU91zYp
+DMMm+4YZ/Vsfs6CgQp03h4U8/7pWuzvJOQXWn5YWsinCw3ebsNUPC+jMT+zAKRL
YYbcXIqFyAR5dL/tNdCfS80ZYX6NEiS2L2/i1lGtrdOBNVJ2ZSOXbvnCHbxOpFcK
DCTd7Q+jC7oqDZkKEVs36B9Rr4MIb5jBVrto0FZl13XAKVTj4TBixoaM9DMsEY/3
0oL84A68ubZKATWQjAz1VS5v/w1OuOg8oN/gnf219G2YKfieu8ouCocbRhg=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:17:37 2025 by rpki-client