Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa
File:                     825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa (raw, json)
Hash identifier:          XSpjlUfkhp0IAcZ9u2JWeIrmKwGm1fPxywfs9tWEwQA=
Subject key identifier:   D9:8E:58:AC:CB:64:1D:92:E5:C3:E7:0B:01:22:F3:4E:4C:85:88:31
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       323BFF3DB14253D8BA05F7A33EE20A593C747F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa
Signing time:             Fri 11 Jul 2025 00:30:20 +0000
ROA not before:           Fri 11 Jul 2025 00:30:20 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.29.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:3b:ff:3d:b1:42:53:d8:ba:05:f7:a3:3e:e2:0a:59:3c:74:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 11 00:30:20 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=ed95e7b56a4894236504893f43c403529c190e5c22f8eca13acb8b0ccec4d59c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:62:34:67:91:37:b5:fc:e9:50:06:56:ef:35:
                    6f:1f:e6:96:87:8c:d1:8a:f2:ee:69:3e:2c:2a:de:
                    47:fa:c3:7f:d8:bb:5b:c4:b9:0c:70:1d:59:b2:68:
                    18:21:80:e4:09:4c:ff:12:d3:6f:4f:33:bf:31:a6:
                    fa:1c:ad:46:14:a7:40:df:bf:28:32:ee:97:a2:9f:
                    b7:6f:9b:ac:6b:00:90:8d:48:58:55:0d:c3:d8:c9:
                    79:33:6a:f7:c8:af:33:19:22:83:6d:de:14:6f:d7:
                    40:2b:eb:44:50:ec:5e:21:b8:13:31:b3:df:e3:63:
                    7f:76:d6:23:3a:aa:0d:49:81:70:3a:93:94:f6:7a:
                    eb:76:96:03:07:56:80:4b:67:d6:f1:9d:59:28:4d:
                    dc:3b:59:17:d0:12:6c:c1:44:5b:67:51:4f:58:1b:
                    f5:0d:d4:8b:39:4e:35:72:7b:76:2b:22:df:ca:ef:
                    d2:6b:68:b0:30:18:8f:ad:14:d5:45:c0:a7:63:2e:
                    b7:6e:85:31:81:a5:64:97:3a:2d:25:34:b5:d7:d6:
                    93:72:42:b8:e8:c4:f0:76:98:39:03:e8:dd:db:a3:
                    84:72:d7:ce:f3:cc:8c:09:31:e5:7c:cd:ff:f8:8f:
                    3c:76:e0:f0:37:e8:ca:13:40:1e:e8:e9:fa:f4:a0:
                    fa:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:8E:58:AC:CB:64:1D:92:E5:C3:E7:0B:01:22:F3:4E:4C:85:88:31
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.29.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         85:e4:7f:1b:0b:9f:28:eb:c8:09:62:85:d2:65:d6:5e:cc:d8:
         62:d2:a6:29:ab:d5:29:aa:b8:53:fa:99:63:3c:f6:fd:1c:31:
         5f:95:98:0b:32:ea:b0:12:17:6e:6f:2e:1f:31:5f:b6:7a:d5:
         80:64:4d:e6:ba:eb:c5:fd:4e:13:a1:15:24:8a:f8:04:cd:43:
         6f:70:c8:09:3d:40:68:0f:02:aa:36:c9:81:e0:3a:e5:64:15:
         ad:e4:cd:9d:3a:b8:56:9d:f0:c6:34:4a:bb:d7:6f:4d:8b:cb:
         11:1f:71:14:69:5e:7e:68:c3:aa:7e:f7:37:00:0a:5d:ba:0f:
         93:d6:86:c5:5e:85:a9:f3:c9:10:19:3b:52:c0:20:1c:3f:9b:
         5b:26:aa:91:a8:60:85:15:c8:30:33:b8:fb:d1:f1:77:c1:64:
         94:4f:fc:03:a6:de:0f:22:18:c3:5b:d4:33:b3:b4:ae:9a:29:
         1d:23:e2:1a:fa:42:9b:ac:4f:ad:2d:08:cd:7c:0d:4d:9e:c9:
         35:d0:8b:ca:56:88:17:70:43:37:34:94:f9:2a:e0:fc:b1:00:
         9e:49:01:38:ff:e3:b4:2f:aa:8e:47:76:80:35:64:bb:19:06:
         a3:09:34:a6:0d:a3:5d:fc:c1:38:25:24:20:6b:e4:b0:f9:6a:
         16:e4:b4:e4
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgITMjv/PbFCU9i6BfejPuIKWTx0fzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA3MTEwMDMwMjBaFw0yNTA4MTUyMzU5NTla
MHoxSTBHBgNVBAUTQGVkOTVlN2I1NmE0ODk0MjM2NTA0ODkzZjQzYzQwMzUyOWMx
OTBlNWMyMmY4ZWNhMTNhY2I4YjBjY2VjNGQ1OWMxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1iNGeRN7X86VAGVu81bx/mloeM0Yry7mk+LCreR/rDf9i7
W8S5DHAdWbJoGCGA5AlM/xLTb08zvzGm+hytRhSnQN+/KDLul6Kft2+brGsAkI1I
WFUNw9jJeTNq98ivMxkig23eFG/XQCvrRFDsXiG4EzGz3+Njf3bWIzqqDUmBcDqT
lPZ663aWAwdWgEtn1vGdWShN3DtZF9ASbMFEW2dRT1gb9Q3UizlONXJ7disi38rv
0mtosDAYj60U1UXAp2Mut26FMYGlZJc6LSU0tdfWk3JCuOjE8HaYOQPo3dujhHLX
zvPMjAkx5XzN//iPPHbg8DfoyhNAHujp+vSg+mkCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBTZjlisy2QdkuXD5wsBIvNOTIWIMTAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvODI1YmZiNjMtZTY5MS00NGMzLTkxYjEtZWY5Y2ZlMDdlY2UyLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDADgdMA0GCSqGSIb3DQEBCwUAA4IBAQCF5H8bC58o68gJYoXSZdZezNhi0qYp
q9UpqrhT+pljPPb9HDFflZgLMuqwEhduby4fMV+2etWAZE3muuvF/U4ToRUkivgE
zUNvcMgJPUBoDwKqNsmB4DrlZBWt5M2dOrhWnfDGNEq7129Ni8sRH3EUaV5+aMOq
fvc3AApdug+T1obFXoWp88kQGTtSwCAcP5tbJqqRqGCFFcgwM7j70fF3wWSUT/wD
pt4PIhjDW9Qzs7SumikdI+Ia+kKbrE+tLQjNfA1Nnsk10IvKVogXcEM3NJT5KuD8
sQCeSQE4/+O0L6qOR3aANWS7GQajCTSmDaNd/ME4JSQga+Sw+WoW5LTk
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:44 2025 by rpki-client