Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa
File:                     7ba02025-0c4b-49eb-a560-246362b48585.roa (raw, json)
Hash identifier:          WNWRfurlk1PpCrfgg99Wpm8dGQSPrWZBq5xbnlzLUFw=
Subject key identifier:   4E:D6:3C:6D:FE:44:85:82:85:63:F8:28:58:4B:ED:2C:79:54:D1:93
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       72A3008BFA46B65F3A51F5C3129C5229206562EE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa
Signing time:             Tue 22 Jul 2025 00:20:19 +0000
ROA not before:           Tue 22 Jul 2025 00:20:19 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        24.110.11.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:a3:00:8b:fa:46:b6:5f:3a:51:f5:c3:12:9c:52:29:20:65:62:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:20:19 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=18a9f8200ea13d05cca50d0336e318a0748c9ec535f515b426ed0a2fe1dbc55b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:97:34:9a:55:f3:41:54:fd:d8:cc:8e:4b:56:
                    00:53:b0:71:97:e8:7b:63:81:07:23:d4:f2:a9:57:
                    5d:14:67:d0:1e:de:cb:42:5d:a5:02:2d:a0:ea:a6:
                    1a:02:8c:0b:d2:64:61:50:35:dd:7d:f1:be:ec:94:
                    5a:b6:62:7c:26:cb:68:b5:cc:05:f3:18:2a:e7:c7:
                    75:ab:8a:3f:68:32:1c:7c:cf:22:34:50:1d:f8:94:
                    ef:89:3f:59:ae:9a:30:2d:63:72:0d:ed:28:9f:35:
                    f8:55:3c:3c:54:00:76:eb:75:37:72:f8:b1:f0:88:
                    cb:76:e1:39:c0:ee:0f:1f:ed:6b:81:f6:0f:84:2b:
                    7e:b8:bf:92:04:cc:bc:88:c3:a4:99:53:3f:65:0b:
                    79:4a:aa:be:54:e9:ca:1e:20:e1:3a:e7:e6:44:67:
                    96:d1:6c:5e:77:db:8d:8a:63:5d:d0:99:72:10:13:
                    9c:f9:56:a4:be:62:1b:60:aa:99:ab:d6:de:63:e3:
                    a5:e2:01:5e:0d:d3:ce:24:4b:21:dc:b9:07:ac:72:
                    b1:ad:b2:ae:63:64:7f:cc:0e:26:0d:03:d2:04:15:
                    54:67:88:95:1a:7f:58:b6:f6:5b:68:b6:b4:6a:14:
                    08:50:01:27:5a:87:d7:16:35:ae:0b:41:d2:a6:fb:
                    1e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:D6:3C:6D:FE:44:85:82:85:63:F8:28:58:4B:ED:2C:79:54:D1:93
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.110.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:7e:fb:4e:a4:50:e7:d5:17:b8:57:83:26:87:42:43:e7:4a:
         98:ac:28:13:30:54:81:25:9a:a3:76:98:9d:73:92:8d:80:5b:
         f2:ca:f3:47:af:88:aa:10:dc:76:36:6e:61:8a:02:1e:69:8f:
         7c:5c:66:e4:40:5e:0a:45:66:f9:1a:aa:a2:bb:1e:29:43:fd:
         20:b5:f0:27:ca:38:ae:6a:87:78:2a:f8:c9:d5:70:10:15:f7:
         c7:3c:df:49:95:fe:52:0c:79:2d:d3:d8:40:d8:8b:c4:d0:1a:
         89:83:ae:3b:08:43:85:ac:a5:c0:13:cf:4c:d7:29:cd:1c:4e:
         8f:03:07:62:e4:34:24:7d:ae:08:ca:10:a9:a4:78:0c:25:ac:
         40:39:e0:20:b8:08:22:1c:90:56:ce:37:5d:99:43:c9:d4:bc:
         96:54:44:76:b5:1f:db:ac:00:76:42:53:40:76:5e:90:c4:72:
         a0:19:59:1b:19:03:e7:6d:0e:21:5d:0c:1c:c7:50:f1:4f:e0:
         69:e0:e3:16:89:84:1f:d0:d1:4c:31:b8:98:fb:e9:27:d8:a8:
         cd:90:bb:2c:c5:59:6d:50:ba:9f:7c:dd:fa:5e:bf:57:97:a0:
         42:25:df:2a:79:9e:e0:c4:5d:d9:4e:c6:72:52:dc:f3:54:62:
         1b:e6:8e:0f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcqMAi/pGtl86UfXDEpxSKSBlYu4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAyMDE5WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxOGE5ZjgyMDBlYTEzZDA1Y2NhNTBkMDMzNmUzMThhMDc0
OGM5ZWM1MzVmNTE1YjQyNmVkMGEyZmUxZGJjNTViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZlzSaVfNBVP3YzI5LVgBTsHGX6HtjgQcj1PKpV10UZ9Ae
3stCXaUCLaDqphoCjAvSZGFQNd198b7slFq2Ynwmy2i1zAXzGCrnx3Wrij9oMhx8
zyI0UB34lO+JP1mumjAtY3IN7SifNfhVPDxUAHbrdTdy+LHwiMt24TnA7g8f7WuB
9g+EK364v5IEzLyIw6SZUz9lC3lKqr5U6coeIOE65+ZEZ5bRbF53242KY13QmXIQ
E5z5VqS+Yhtgqpmr1t5j46XiAV4N084kSyHcuQescrGtsq5jZH/MDiYNA9IEFVRn
iJUaf1i29ltotrRqFAhQASdah9cWNa4LQdKm+x6zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTtY8bf5EhYKFY/goWEvtLHlU0ZMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdiYTAyMDI1LTBjNGItNDllYi1hNTYwLTI0NjM2MmI0ODU4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAYbgswDQYJKoZIhvcNAQELBQADggEBAL1++06kUOfVF7hXgyaHQkPnSpis
KBMwVIElmqN2mJ1zko2AW/LK80eviKoQ3HY2bmGKAh5pj3xcZuRAXgpFZvkaqqK7
HilD/SC18CfKOK5qh3gq+MnVcBAV98c830mV/lIMeS3T2EDYi8TQGomDrjsIQ4Ws
pcATz0zXKc0cTo8DB2LkNCR9rgjKEKmkeAwlrEA54CC4CCIckFbON12ZQ8nUvJZU
RHa1H9usAHZCU0B2XpDEcqAZWRsZA+dtDiFdDBzHUPFP4Gng4xaJhB/Q0UwxuJj7
6SfYqM2QuyzFWW1Qup983fpev1eXoEIl3yp5nuDEXdlOxnJS3PNUYhvmjg8=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:21:03 2025 by rpki-client