Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e23500a-7ffd-453d-be04-82eab76a246d.roa
File:                     7e23500a-7ffd-453d-be04-82eab76a246d.roa (raw, json)
Hash identifier:          td1qi9aOqoY4GnOi30UMgOyozWz17bFgg1Y5DMVKsO8=
Subject key identifier:   EB:D5:6D:A4:9C:09:CB:48:ED:44:5B:2E:05:12:3E:A1:38:36:C5:26
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D8243F4AB7A0B9DF06744E20C09DF3CD128CC56
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e23500a-7ffd-453d-be04-82eab76a246d.roa
Signing time:             Fri 25 Jul 2025 00:21:12 +0000
ROA not before:           Fri 25 Jul 2025 00:21:12 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 26 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:82:43:f4:ab:7a:0b:9d:f0:67:44:e2:0c:09:df:3c:d1:28:cc:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 25 00:21:12 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=c62c3e0f93499876b048bdd4134f43ac87737036b3e5c6094a700da5eb834e26, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a7:2c:9b:93:69:6c:33:6a:c2:80:c7:6e:b2:
                    55:77:c5:36:af:99:5c:d0:49:1b:bb:b0:6c:01:92:
                    d2:75:7f:9c:22:2e:b8:5d:67:f7:a4:5a:73:3f:4f:
                    79:38:42:9c:0d:4f:ce:2d:28:c1:49:9f:0f:17:f9:
                    8b:8e:b8:8b:f8:39:ed:51:72:96:c4:fc:83:83:ea:
                    b8:4c:32:6d:fe:2c:d7:4e:fa:91:88:bf:2a:c7:29:
                    ae:85:b9:d9:45:3e:9b:01:a0:1f:65:7c:96:ce:0e:
                    a1:eb:de:54:48:10:29:e2:11:94:98:29:d0:cf:78:
                    8c:d0:87:30:27:3a:15:23:7a:37:40:fa:56:8c:f7:
                    84:dd:62:d1:d3:4b:5f:af:82:22:b2:6e:9a:11:b6:
                    44:94:a1:9e:85:7c:c3:c2:af:37:2c:32:27:5d:6d:
                    b9:a4:28:0d:a1:8a:6f:1b:b8:c5:9f:e5:42:b0:79:
                    07:4c:0f:7a:50:cd:89:ce:1a:9e:bc:3d:9e:c9:05:
                    9e:14:b6:99:14:eb:36:e8:52:a2:3d:4a:7d:57:3a:
                    1e:d6:3b:b5:7c:3d:c7:31:4d:c8:ef:31:37:d7:22:
                    26:6a:b6:93:dc:90:43:7c:d6:c1:a6:54:80:1c:0b:
                    cc:76:0d:1e:5f:ce:85:98:77:38:18:53:51:18:31:
                    b7:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:D5:6D:A4:9C:09:CB:48:ED:44:5B:2E:05:12:3E:A1:38:36:C5:26
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7e23500a-7ffd-453d-be04-82eab76a246d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:23:9f:9d:1b:7f:cb:bb:06:d7:a1:a3:69:5a:ae:f3:83:f7:
         45:b8:3a:c9:6e:8f:d4:f8:dc:15:69:80:96:50:b4:b9:01:33:
         8f:c0:24:5f:38:5d:3d:27:aa:f3:74:2a:a5:a3:49:2f:ad:c0:
         42:9a:ca:53:29:42:b4:7c:e4:09:79:df:50:ba:38:c1:c4:7c:
         fe:2a:8c:c3:f3:1f:8a:44:62:90:24:0d:82:95:fd:48:d7:62:
         d8:f7:04:8a:47:52:ef:24:1c:f8:79:04:19:40:74:7d:88:b6:
         2f:74:7b:bc:7f:56:f2:cf:a0:c7:53:7c:6c:9b:6d:ac:43:f1:
         d4:7c:c9:c1:e0:b1:b3:eb:f5:7d:aa:7e:95:9a:50:ed:e7:bb:
         e3:9c:5a:cb:86:5a:1a:78:94:ce:54:5a:82:5e:cb:66:7c:64:
         96:b3:70:e1:cc:9a:8a:50:d9:66:8e:8a:de:2c:26:a5:07:cc:
         e4:88:81:9f:2c:31:8c:6b:66:38:4e:b1:04:75:c4:b0:b9:56:
         61:b4:da:0e:ef:38:79:1d:e7:66:bf:65:f8:16:34:e2:20:79:
         4f:52:34:7a:4e:50:12:e6:27:89:1b:7a:ff:9f:00:31:7d:73:
         da:91:46:d5:95:67:74:e7:33:ae:97:65:f8:44:f2:f4:0b:5a:
         23:00:d1:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbYJD9Kt6C53wZ0TiDAnfPNEozFYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI1MDAyMTEyWhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNjJjM2UwZjkzNDk5ODc2YjA0OGJkZDQxMzRmNDNhYzg3
NzM3MDM2YjNlNWM2MDk0YTcwMGRhNWViODM0ZTI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChpyybk2lsM2rCgMduslV3xTavmVzQSRu7sGwBktJ1f5wi
LrhdZ/ekWnM/T3k4QpwNT84tKMFJnw8X+YuOuIv4Oe1RcpbE/IOD6rhMMm3+LNdO
+pGIvyrHKa6FudlFPpsBoB9lfJbODqHr3lRIECniEZSYKdDPeIzQhzAnOhUjejdA
+laM94TdYtHTS1+vgiKybpoRtkSUoZ6FfMPCrzcsMiddbbmkKA2him8buMWf5UKw
eQdMD3pQzYnOGp68PZ7JBZ4UtpkU6zboUqI9Sn1XOh7WO7V8PccxTcjvMTfXIiZq
tpPckEN81sGmVIAcC8x2DR5fzoWYdzgYU1EYMbcTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU69VtpJwJy0jtRFsuBRI+oTg2xSYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdlMjM1MDBhLTdmZmQtNDUzZC1iZTA0LTgyZWFiNzZhMjQ2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjlgYwDQYJKoZIhvcNAQELBQADggEBAEsjn50bf8u7Bteho2larvOD90W4
Osluj9T43BVpgJZQtLkBM4/AJF84XT0nqvN0KqWjSS+twEKaylMpQrR85Al531C6
OMHEfP4qjMPzH4pEYpAkDYKV/UjXYtj3BIpHUu8kHPh5BBlAdH2Iti90e7x/VvLP
oMdTfGybbaxD8dR8ycHgsbPr9X2qfpWaUO3nu+OcWsuGWhp4lM5UWoJey2Z8ZJaz
cOHMmopQ2WaOit4sJqUHzOSIgZ8sMYxrZjhOsQR1xLC5VmG02g7vOHkd52a/ZfgW
NOIgeU9SNHpOUBLmJ4kbev+fADF9c9qRRtWVZ3TnM66XZfhE8vQLWiMA0Xc=
-----END CERTIFICATE-----
Generated at Fri Jul 25 04:43:33 2025 by rpki-client