Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/712a2fc7-0d39-4161-9b91-32ead9a8c791.roa
File:                     712a2fc7-0d39-4161-9b91-32ead9a8c791.roa (raw, json)
Hash identifier:          fkpFt7VF9wR9L6YGjCcQe/UrBDv5Iu3ZgCVNqV6ocGw=
Subject key identifier:   E5:DC:BD:DC:E6:DA:04:6D:05:5C:92:71:99:55:30:51:06:73:4C:83
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       207F56B91A3D5A775F5A47ECD07D7FDCBA167B8A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/712a2fc7-0d39-4161-9b91-32ead9a8c791.roa
Signing time:             Fri 25 Jul 2025 00:31:03 +0000
ROA not before:           Fri 25 Jul 2025 00:31:03 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.0.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:7f:56:b9:1a:3d:5a:77:5f:5a:47:ec:d0:7d:7f:dc:ba:16:7b:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 25 00:31:03 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=469244eec077b17cac6530b1ae6d9bfa0f0a7be828de5e06e1f0ff1f8708cd8b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:dc:a2:04:49:12:fa:ca:b5:a7:d5:f7:0d:f9:
                    29:f7:5c:98:4c:80:67:41:e6:d4:86:3a:06:dd:f0:
                    b8:49:44:3f:1e:c6:2a:4f:a2:50:c4:39:9f:75:00:
                    e7:0b:15:1f:7f:b0:3f:cf:e0:4e:71:c7:2b:72:37:
                    df:ad:ea:60:a1:ae:8d:a2:40:29:3c:64:e4:9b:27:
                    32:99:22:36:7f:10:46:82:d0:d2:20:3d:84:ea:ca:
                    3e:e2:63:57:21:1d:fc:1e:51:59:4c:cc:2b:26:7e:
                    18:1a:01:40:a8:4e:13:6f:79:4d:31:4f:aa:4d:46:
                    bc:81:d2:8a:0f:d9:07:52:23:37:32:1e:6c:73:6c:
                    8a:c7:fd:5d:05:f2:16:13:49:ae:26:59:9f:5d:f5:
                    3d:28:c6:94:7a:03:58:da:d7:1d:20:81:5c:be:62:
                    38:2b:8e:c6:5f:1c:d9:ca:26:ac:3f:3d:93:9b:00:
                    27:ed:41:c5:ac:fa:58:7e:c7:46:4c:11:e5:27:fd:
                    76:f9:cb:1d:bb:3e:08:5e:bc:a1:67:6e:01:83:88:
                    9b:46:af:ed:2b:66:88:1d:65:75:ac:d4:11:db:3f:
                    3e:f8:3c:7e:1f:eb:c9:60:ce:ed:3e:f8:e5:ea:94:
                    62:00:af:08:e9:ce:a7:d3:c4:75:cf:16:b2:df:0c:
                    bc:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:DC:BD:DC:E6:DA:04:6D:05:5C:92:71:99:55:30:51:06:73:4C:83
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/712a2fc7-0d39-4161-9b91-32ead9a8c791.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:65:9d:10:6b:70:98:04:8e:bc:26:ef:53:c2:7c:69:37:1f:
         7f:23:f0:ae:cf:45:ea:4a:f8:30:b7:48:ee:d4:2e:7a:a5:5e:
         59:fe:3a:5e:cc:7f:50:67:23:06:9a:5d:59:22:87:0c:de:06:
         67:58:3c:f2:22:93:56:7b:56:28:b2:d9:68:9a:92:5f:d6:18:
         7f:59:a1:24:3b:d2:11:49:71:9e:72:89:79:a8:9d:c8:14:5c:
         6c:35:37:7b:08:47:d7:96:0e:46:56:9c:6c:11:ef:3d:d1:c4:
         7b:aa:42:a1:da:0c:d0:c7:b5:d0:bc:f7:6b:2a:80:f3:42:7e:
         f0:4d:da:c8:2d:3b:9b:f0:ac:06:24:a4:49:c3:75:a0:cc:b3:
         33:11:79:70:68:58:86:36:7f:ba:62:f0:9f:0b:0b:ae:18:db:
         cd:1c:d7:96:ec:ef:5e:27:a2:3d:da:c4:7d:a9:1f:11:49:4f:
         fc:3b:3a:b4:77:d0:67:ec:ec:47:b3:31:9f:28:8d:da:30:0c:
         84:c2:4a:cf:b1:c5:ed:e4:8b:4b:d8:f3:a8:23:fb:20:e4:d4:
         d9:f2:8b:48:da:61:8d:17:54:96:ce:79:c3:b6:2c:94:f4:ca:
         67:6f:a5:c3:1b:0f:bd:2a:29:1c:a0:5f:26:3f:4c:fd:d5:3a:
         f3:c7:e2:21
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIH9WuRo9WndfWkfs0H1/3LoWe4owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI1MDAzMTAzWhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NjkyNDRlZWMwNzdiMTdjYWM2NTMwYjFhZTZkOWJmYTBm
MGE3YmU4MjhkZTVlMDZlMWYwZmYxZjg3MDhjZDhiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI3KIESRL6yrWn1fcN+Sn3XJhMgGdB5tSGOgbd8LhJRD8e
xipPolDEOZ91AOcLFR9/sD/P4E5xxytyN9+t6mChro2iQCk8ZOSbJzKZIjZ/EEaC
0NIgPYTqyj7iY1chHfweUVlMzCsmfhgaAUCoThNveU0xT6pNRryB0ooP2QdSIzcy
HmxzbIrH/V0F8hYTSa4mWZ9d9T0oxpR6A1ja1x0ggVy+YjgrjsZfHNnKJqw/PZOb
ACftQcWs+lh+x0ZMEeUn/Xb5yx27PghevKFnbgGDiJtGr+0rZogdZXWs1BHbPz74
PH4f68lgzu0++OXqlGIArwjpzqfTxHXPFrLfDLxhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5dy93ObaBG0FXJJxmVUwUQZzTIMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcxMmEyZmM3LTBkMzktNDE2MS05YjkxLTMyZWFkOWE4Yzc5MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFjlgAwDQYJKoZIhvcNAQELBQADggEBAJRlnRBrcJgEjrwm71PCfGk3H38j
8K7PRepK+DC3SO7ULnqlXln+Ol7Mf1BnIwaaXVkihwzeBmdYPPIik1Z7Viiy2Wia
kl/WGH9ZoSQ70hFJcZ5yiXmoncgUXGw1N3sIR9eWDkZWnGwR7z3RxHuqQqHaDNDH
tdC892sqgPNCfvBN2sgtO5vwrAYkpEnDdaDMszMReXBoWIY2f7pi8J8LC64Y280c
15bs714noj3axH2pHxFJT/w7OrR30Gfs7EezMZ8ojdowDITCSs+xxe3ki0vY86gj
+yDk1Nnyi0jaYY0XVJbOecO2LJT0ymdvpcMbD70qKRygXyY/TP3VOvPH4iE=
-----END CERTIFICATE-----
Generated at Sat Jul 26 01:54:22 2025 by rpki-client