Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e4df06b-3548-461b-a74c-4446484dc350.roa
File:                     6e4df06b-3548-461b-a74c-4446484dc350.roa (raw, json)
Hash identifier:          pJzP9vwnZD6ab0Z7dKT3ai9uZXBRp5bjXO7okdyx3tc=
Subject key identifier:   84:7D:B4:FE:F0:65:60:77:7F:1F:15:CB:65:3A:3C:93:4C:4D:55:94
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       745D70397688F474B67BD44F121984DEB9546426
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e4df06b-3548-461b-a74c-4446484dc350.roa
Signing time:             Sat 19 Jul 2025 00:00:33 +0000
ROA not before:           Sat 19 Jul 2025 00:00:33 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        16.65.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:5d:70:39:76:88:f4:74:b6:7b:d4:4f:12:19:84:de:b9:54:64:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:00:33 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=59b582e2f00f75e693856f4fa0740f74475ba5d18f565c5abcbadcbaf10993bc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:02:41:97:5c:53:62:b4:89:65:22:3f:da:48:
                    fc:12:38:f0:c6:4d:4e:81:3c:d3:66:67:ed:3e:89:
                    a3:5a:85:a1:05:b8:6e:09:3a:a5:ff:11:08:ad:55:
                    d5:2e:fc:00:c7:24:10:03:ea:b2:0b:d1:2b:10:a5:
                    c6:13:41:12:f5:a5:e2:84:a1:c7:9e:42:cf:27:0a:
                    cb:8c:e0:1b:45:ff:cf:be:34:a9:be:d3:e8:9b:d0:
                    48:a3:3e:9d:7a:5c:a6:8e:86:ac:f5:8e:18:e3:1a:
                    f8:b7:be:e7:90:5c:38:c1:80:18:a3:c5:4d:6b:15:
                    28:0a:19:ce:1b:19:65:ff:0e:10:ae:0b:9e:b3:f1:
                    f8:35:7a:ba:c1:48:09:9e:a3:36:ad:e3:9f:9b:06:
                    b0:a3:d6:2f:1c:50:83:9e:75:33:20:cf:2a:da:90:
                    4b:2d:21:14:db:b4:44:40:a3:3b:e9:88:62:c2:6e:
                    a6:97:40:20:a4:82:4d:e2:e0:7f:07:ee:98:dd:a7:
                    43:22:d3:19:2b:e2:62:3e:08:4d:7f:82:c9:c1:e0:
                    cf:29:f2:6d:14:db:aa:cf:75:21:43:b7:0f:a6:f3:
                    73:25:c4:67:39:9b:f2:b6:4d:fb:71:54:e6:9f:ac:
                    fe:f2:ba:fe:a2:55:be:dd:17:4c:8f:00:1d:bb:46:
                    e4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:7D:B4:FE:F0:65:60:77:7F:1F:15:CB:65:3A:3C:93:4C:4D:55:94
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e4df06b-3548-461b-a74c-4446484dc350.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.65.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6c:8b:30:c3:c4:a8:2f:b8:e3:1e:84:ef:db:04:90:5f:27:45:
         50:47:67:29:23:13:cb:b2:c5:ab:a3:38:17:60:6e:99:52:5a:
         cf:ee:12:3b:55:35:b1:20:c5:3d:e3:73:f1:66:f1:83:36:f3:
         ec:f8:93:f0:af:fd:ae:af:fd:89:ba:a6:7d:83:15:83:43:c4:
         cf:68:ab:c6:76:a0:eb:98:9a:4a:fa:c1:e1:53:7d:e9:46:a0:
         6a:bf:13:7f:1a:ec:65:33:f4:50:9e:35:b9:32:fc:d5:d7:9d:
         b2:9f:18:09:f3:a3:4d:2c:16:ff:97:30:58:0a:88:4b:1d:b6:
         93:75:79:29:f8:e2:e3:08:92:19:24:69:7d:ad:64:b2:a7:fa:
         af:ff:f5:e1:93:4b:0e:b7:0e:ad:a0:2a:19:e3:5d:e5:fd:34:
         b7:f4:62:b1:52:79:f9:86:78:1e:b6:07:f6:f1:43:50:6a:98:
         bc:dd:7c:9f:7a:14:47:a2:cc:df:1c:f2:8c:2f:b1:35:2a:ee:
         b7:94:33:b5:35:bd:95:03:5a:95:8b:6a:e7:ad:89:aa:a4:3f:
         67:bf:98:69:9f:35:c1:92:d2:ab:ae:e6:20:6d:3e:2a:dc:c7:
         df:9e:7a:71:bf:c5:39:04:2c:85:64:d9:5b:dc:bb:32:7d:ae:
         2f:86:1b:34
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdF1wOXaI9HS2e9RPEhmE3rlUZCYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDAwMDMzWhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1OWI1ODJlMmYwMGY3NWU2OTM4NTZmNGZhMDc0MGY3NDQ3
NWJhNWQxOGY1NjVjNWFiY2JhZGNiYWYxMDk5M2JjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSAkGXXFNitIllIj/aSPwSOPDGTU6BPNNmZ+0+iaNahaEF
uG4JOqX/EQitVdUu/ADHJBAD6rIL0SsQpcYTQRL1peKEoceeQs8nCsuM4BtF/8++
NKm+0+ib0EijPp16XKaOhqz1jhjjGvi3vueQXDjBgBijxU1rFSgKGc4bGWX/DhCu
C56z8fg1errBSAmeozat45+bBrCj1i8cUIOedTMgzyrakEstIRTbtERAozvpiGLC
bqaXQCCkgk3i4H8H7pjdp0Mi0xkr4mI+CE1/gsnB4M8p8m0U26rPdSFDtw+m83Ml
xGc5m/K2TftxVOafrP7yuv6iVb7dF0yPAB27RuQHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhH20/vBlYHd/HxXLZTo8k0xNVZQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZlNGRmMDZiLTM1NDgtNDYxYi1hNzRjLTQ0NDY0ODRkYzM1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQQTANBgkqhkiG9w0BAQsFAAOCAQEAbIsww8SoL7jjHoTv2wSQXydFUEdn
KSMTy7LFq6M4F2BumVJaz+4SO1U1sSDFPeNz8Wbxgzbz7PiT8K/9rq/9ibqmfYMV
g0PEz2irxnag65iaSvrB4VN96Uagar8TfxrsZTP0UJ41uTL81dedsp8YCfOjTSwW
/5cwWAqISx22k3V5Kfji4wiSGSRpfa1ksqf6r//14ZNLDrcOraAqGeNd5f00t/Ri
sVJ5+YZ4HrYH9vFDUGqYvN18n3oUR6LM3xzyjC+xNSrut5QztTW9lQNalYtq562J
qqQ/Z7+YaZ81wZLSq67mIG0+KtzH3556cb/FOQQshWTZW9y7Mn2uL4YbNA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:24 2025 by rpki-client