Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/793b1d13-c592-4627-ae73-33658faf9052.roa
File:                     793b1d13-c592-4627-ae73-33658faf9052.roa (raw, json)
Hash identifier:          kNjBvycav6IL+xkENAlS0gVmxCFbIkJK0IOwv1x8+P0=
Subject key identifier:   D2:CE:21:EB:B6:2F:86:CF:14:C1:A8:BB:88:CD:1E:6F:D5:FC:C0:1E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       39FE1C5701ED2469AEEF64FB6CEBE250AAD56736
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/793b1d13-c592-4627-ae73-33658faf9052.roa
Signing time:             Fri 11 Jul 2025 00:31:04 +0000
ROA not before:           Fri 11 Jul 2025 00:31:04 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.183.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:fe:1c:57:01:ed:24:69:ae:ef:64:fb:6c:eb:e2:50:aa:d5:67:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 11 00:31:04 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=0ba4c0638a8ae1aadf7c07451cd9a9cb41d9139fb0379f6c923daf37fc498c2b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a1:cf:0f:06:21:6b:cf:b1:25:fb:8d:d7:e4:
                    c6:91:5f:88:03:d4:45:34:a3:9d:03:42:ce:d5:41:
                    45:ef:15:80:29:5f:08:50:b6:2d:b0:36:72:d8:f3:
                    ec:52:77:30:3f:6e:41:98:a5:72:d2:16:f7:06:b6:
                    c3:8d:ce:b1:0d:50:ad:60:b4:fa:07:c5:02:56:1a:
                    9e:50:9f:56:62:5f:56:92:fb:b1:fc:93:93:e1:c9:
                    88:47:25:dd:ec:ce:a7:d5:ea:c5:11:57:81:4f:b8:
                    f0:64:51:d7:7a:fd:43:44:9b:6c:c7:55:74:81:6a:
                    ec:b0:e2:5a:fa:dd:16:fd:eb:6b:26:19:14:a7:ef:
                    64:b2:5a:59:29:e7:6d:da:9e:95:e3:5b:09:0a:71:
                    f8:50:ca:fb:c6:48:ee:90:84:a6:e1:7d:c4:f4:f9:
                    9d:34:35:b8:b2:8a:3e:9b:09:b9:80:00:9e:9a:eb:
                    c3:5a:53:54:ed:b3:81:a3:d9:d4:b7:bf:68:64:52:
                    63:6c:58:84:9c:ce:e8:c4:ff:ba:db:d8:27:74:38:
                    f8:f4:74:1a:5d:51:94:0c:6d:8c:f0:b4:41:e7:a3:
                    d3:35:bb:c2:c4:d8:a6:4c:a2:87:b6:02:b9:26:dd:
                    ca:fe:a8:f8:fb:e5:fb:5b:dc:88:61:f4:e2:e7:5c:
                    3b:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:CE:21:EB:B6:2F:86:CF:14:C1:A8:BB:88:CD:1E:6F:D5:FC:C0:1E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/793b1d13-c592-4627-ae73-33658faf9052.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.183.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         79:15:a3:fd:44:53:d8:bb:84:96:b7:16:95:01:de:55:0c:47:
         11:2c:35:a0:a8:ee:5b:49:15:8a:24:d5:15:01:cb:78:02:f5:
         d0:6b:93:73:36:de:07:a8:e0:cc:92:8d:92:10:8d:74:99:6d:
         c1:be:7c:1b:6c:3a:65:2b:59:f2:11:f7:8b:02:de:5a:fa:f5:
         04:76:7d:36:11:33:37:59:e8:e3:98:20:e9:a2:46:59:36:a7:
         f6:47:80:b7:21:c8:10:27:5e:c2:17:bf:72:24:d5:5f:2d:ff:
         21:80:b2:0a:bd:6b:80:95:bc:24:1a:9c:61:b9:58:b9:d5:4f:
         c0:7b:a2:90:bd:90:df:d6:23:c1:13:af:8c:5b:8e:52:23:c8:
         73:50:c0:64:12:75:d7:76:a4:3d:d9:57:ce:24:22:b6:cf:00:
         15:e1:30:47:53:53:1b:38:0e:8e:23:02:df:9d:2e:8f:bb:44:
         78:d7:88:55:41:c3:2d:7d:b0:42:79:60:84:eb:0a:06:93:07:
         a1:a7:08:2b:3d:9e:ee:4e:cc:71:d0:21:c7:35:4a:35:c5:7e:
         ae:e6:25:91:00:c4:c6:31:68:95:dc:66:64:57:e5:8c:8f:18:
         11:a6:8f:a1:89:c1:d4:1b:05:b5:2a:9f:4a:4b:a2:df:72:37:
         c5:bd:90:d9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOf4cVwHtJGmu72T7bOviUKrVZzYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzExMDAzMTA0WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYmE0YzA2MzhhOGFlMWFhZGY3YzA3NDUxY2Q5YTljYjQx
ZDkxMzlmYjAzNzlmNmM5MjNkYWYzN2ZjNDk4YzJiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBoc8PBiFrz7El+43X5MaRX4gD1EU0o50DQs7VQUXvFYAp
XwhQti2wNnLY8+xSdzA/bkGYpXLSFvcGtsONzrENUK1gtPoHxQJWGp5Qn1ZiX1aS
+7H8k5PhyYhHJd3szqfV6sURV4FPuPBkUdd6/UNEm2zHVXSBauyw4lr63Rb962sm
GRSn72SyWlkp523anpXjWwkKcfhQyvvGSO6QhKbhfcT0+Z00Nbiyij6bCbmAAJ6a
68NaU1Tts4Gj2dS3v2hkUmNsWISczujE/7rb2Cd0OPj0dBpdUZQMbYzwtEHno9M1
u8LE2KZMooe2Arkm3cr+qPj75ftb3Ihh9OLnXDsXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU0s4h67Yvhs8Uwai7iM0eb9X8wB4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc5M2IxZDEzLWM1OTItNDYyNy1hZTczLTMzNjU4ZmFmOTA1Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4tzANBgkqhkiG9w0BAQsFAAOCAQEAeRWj/URT2LuElrcWlQHeVQxHESw1
oKjuW0kViiTVFQHLeAL10GuTczbeB6jgzJKNkhCNdJltwb58G2w6ZStZ8hH3iwLe
Wvr1BHZ9NhEzN1no45gg6aJGWTan9keAtyHIECdewhe/ciTVXy3/IYCyCr1rgJW8
JBqcYblYudVPwHuikL2Q39YjwROvjFuOUiPIc1DAZBJ113akPdlXziQits8AFeEw
R1NTGzgOjiMC350uj7tEeNeIVUHDLX2wQnlghOsKBpMHoacIKz2e7k7McdAhxzVK
NcV+ruYlkQDExjFoldxmZFfljI8YEaaPoYnB1BsFtSqfSkui33I3xb2Q2Q==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:31:00 2025 by rpki-client