Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98f54404-7ff6-4be7-9d93-ffaf68f6910e.roa
File:                     98f54404-7ff6-4be7-9d93-ffaf68f6910e.roa (raw, json)
Hash identifier:          dote3yC0kEUQs1LR0jzFZPV1tWap3/tyj34u2gmktDk=
Subject key identifier:   2F:C5:C1:26:F8:52:5F:EE:35:9B:FC:A8:A8:E5:8C:8F:4E:47:61:1C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1445833DCDE72F555E729CA791B114ACE552FE1E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98f54404-7ff6-4be7-9d93-ffaf68f6910e.roa
Signing time:             Tue 22 Jul 2025 00:31:16 +0000
ROA not before:           Tue 22 Jul 2025 00:31:16 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        44.199.180.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:45:83:3d:cd:e7:2f:55:5e:72:9c:a7:91:b1:14:ac:e5:52:fe:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:31:16 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=4523c6b8f9c713864ecd868883c3d5d984ffa93cd8347e0016ee2fd491b981fb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1f:a2:fa:cd:7c:0f:02:84:a8:08:de:f9:9e:
                    b4:81:8c:90:3d:23:a6:02:df:d4:a4:0e:16:da:8b:
                    59:7b:98:7b:06:24:46:8f:9f:5e:50:3b:04:bf:11:
                    4a:17:95:ec:18:03:64:95:db:9d:fd:b9:b9:bf:d5:
                    84:cf:0e:bf:59:0c:52:f2:55:8d:36:f4:60:23:d4:
                    75:5d:a3:d8:b3:df:6c:db:cd:17:39:13:87:34:34:
                    99:86:07:de:37:14:80:60:2b:d2:e0:a2:3c:d4:ad:
                    1e:86:6b:bb:f1:27:65:6b:e5:7e:3b:3b:56:3a:40:
                    3b:2d:a0:45:76:7c:1d:87:d0:48:21:28:9e:92:88:
                    5f:d3:79:a2:19:8e:18:02:db:9e:8e:c3:55:4d:44:
                    26:8e:a1:4d:07:0c:0c:45:77:71:8d:51:4d:20:6b:
                    a9:09:e4:61:17:e4:23:4a:e4:a4:da:84:b5:bc:5d:
                    f3:98:1d:df:fa:45:6a:b7:d7:cc:53:ea:af:4f:f9:
                    90:62:77:5f:7f:96:05:78:73:ff:fc:e2:b8:e7:78:
                    0c:bc:f2:83:c2:cf:94:92:14:fe:4f:89:b6:2e:fb:
                    9b:7f:fc:e0:57:a7:b1:00:b7:f7:94:a6:a8:b8:ea:
                    a1:cd:2e:47:99:25:b3:a7:20:c9:2f:6a:45:78:d8:
                    54:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:C5:C1:26:F8:52:5F:EE:35:9B:FC:A8:A8:E5:8C:8F:4E:47:61:1C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98f54404-7ff6-4be7-9d93-ffaf68f6910e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.199.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1b:64:da:9b:e1:37:f7:7c:4e:01:bb:cd:9e:b4:29:22:d4:4b:
         50:e7:32:5f:73:e9:01:9b:75:ab:42:89:6e:82:52:cd:f0:8a:
         07:c7:41:fe:e4:cd:ab:1f:3d:1c:af:75:cf:8d:8e:ae:0e:35:
         18:62:5a:b3:ff:84:22:6e:41:83:e6:1a:25:09:0e:d0:18:96:
         97:c4:43:2f:be:98:ad:70:9b:26:8f:10:99:08:da:ba:4e:45:
         03:55:d5:74:0c:04:40:42:8c:ee:c4:36:29:c6:70:88:64:d8:
         fe:75:31:57:3c:6b:13:8c:0f:ff:60:b8:9d:7e:24:f8:aa:9c:
         39:79:3f:35:e4:b9:ca:cd:95:ec:ac:b1:8d:a7:d6:50:90:a7:
         53:48:63:62:d7:ca:70:ca:2e:44:2c:20:31:21:62:10:96:4a:
         26:81:ec:b0:ca:e7:1e:21:21:ac:52:3d:e7:f7:7c:91:8f:55:
         7e:2d:33:1f:c7:b8:10:e1:7c:a6:f8:55:36:34:56:b8:21:dd:
         53:bb:46:5b:45:02:b2:04:8c:41:71:1e:3f:02:cd:6b:39:98:
         86:80:13:1a:24:1a:b6:49:79:50:3f:17:6a:89:52:56:c0:78:
         8b:71:03:ce:8a:d3:50:e8:84:99:f8:bb:55:7d:30:fa:1a:1d:
         4a:17:c3:60
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFEWDPc3nL1VecpynkbEUrOVS/h4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAzMTE2WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTIzYzZiOGY5YzcxMzg2NGVjZDg2ODg4M2MzZDVkOTg0
ZmZhOTNjZDgzNDdlMDAxNmVlMmZkNDkxYjk4MWZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsH6L6zXwPAoSoCN75nrSBjJA9I6YC39SkDhbai1l7mHsG
JEaPn15QOwS/EUoXlewYA2SV2539ubm/1YTPDr9ZDFLyVY029GAj1HVdo9iz32zb
zRc5E4c0NJmGB943FIBgK9LgojzUrR6Ga7vxJ2Vr5X47O1Y6QDstoEV2fB2H0Egh
KJ6SiF/TeaIZjhgC256Ow1VNRCaOoU0HDAxFd3GNUU0ga6kJ5GEX5CNK5KTahLW8
XfOYHd/6RWq318xT6q9P+ZBid19/lgV4c//84rjneAy88oPCz5SSFP5PibYu+5t/
/OBXp7EAt/eUpqi46qHNLkeZJbOnIMkvakV42FQ/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUL8XBJvhSX+41m/yoqOWMj05HYRwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4ZjU0NDA0LTdmZjYtNGJlNy05ZDkzLWZmYWY2OGY2OTEwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEsx7QwDQYJKoZIhvcNAQELBQADggEBABtk2pvhN/d8TgG7zZ60KSLUS1Dn
Ml9z6QGbdatCiW6CUs3wigfHQf7kzasfPRyvdc+Njq4ONRhiWrP/hCJuQYPmGiUJ
DtAYlpfEQy++mK1wmyaPEJkI2rpORQNV1XQMBEBCjO7ENinGcIhk2P51MVc8axOM
D/9guJ1+JPiqnDl5PzXkucrNleyssY2n1lCQp1NIY2LXynDKLkQsIDEhYhCWSiaB
7LDK5x4hIaxSPef3fJGPVX4tMx/HuBDhfKb4VTY0Vrgh3VO7RltFArIEjEFxHj8C
zWs5mIaAExokGrZJeVA/F2qJUlbAeItxA86K01DohJn4u1V9MPoaHUoXw2A=
-----END CERTIFICATE-----
Generated at Tue Jul 22 06:22:23 2025 by rpki-client