Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a9db74d-2685-478a-8752-9a852c0bc6fc.roa
File:                     9a9db74d-2685-478a-8752-9a852c0bc6fc.roa (raw, json)
Hash identifier:          QmvsqIUyNXIcdxJkggnYNz8ayXJlPpyU3cGo7Ie0eLE=
Subject key identifier:   6F:67:07:77:1C:DC:5B:72:F8:C5:F8:B7:15:A4:07:90:3B:26:94:F8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       16D7D7C05714D3F5037333BD84042DAA68003ED9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a9db74d-2685-478a-8752-9a852c0bc6fc.roa
Signing time:             Tue 22 Jul 2025 00:40:24 +0000
ROA not before:           Tue 22 Jul 2025 00:40:24 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        50.16.160.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:d7:d7:c0:57:14:d3:f5:03:73:33:bd:84:04:2d:aa:68:00:3e:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:40:24 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=0fb96984f6a5886a08dfbf8d3027609c1e163463835fe86b561f761bd26013e1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:08:39:48:56:6f:1c:64:8f:3c:30:64:2f:87:
                    4d:84:cb:a5:23:ce:76:56:ed:d0:18:9a:03:da:22:
                    3a:6c:1c:b6:7d:a7:ba:6f:0c:08:af:c8:e6:8b:49:
                    a6:95:cf:22:70:f1:07:45:12:ba:fc:78:27:ed:41:
                    7a:8f:f1:fe:31:2e:be:e8:55:fd:15:53:68:6a:e5:
                    ca:bc:e6:3f:7a:15:81:d1:97:b6:c5:8e:d1:fe:bb:
                    25:d2:36:72:31:a4:3a:23:ad:e1:4e:24:b0:97:9d:
                    db:35:48:f9:aa:c1:51:57:1e:2d:ee:95:39:ca:32:
                    3f:4f:a9:e2:85:4e:11:fa:bd:25:4c:e4:06:1d:71:
                    7f:2c:d8:f6:c3:56:53:3b:ff:30:07:18:d6:06:52:
                    d5:cc:a2:3c:83:7f:3d:6f:d0:9f:6e:61:86:f1:f9:
                    b7:70:a3:bc:d4:33:ea:0a:18:5d:4c:16:5c:e6:77:
                    49:08:d8:3d:a2:92:10:a0:ee:19:b9:9d:fb:07:19:
                    26:86:a8:3f:f3:9b:dd:98:71:f2:20:e2:c4:23:1d:
                    6a:9b:e5:f1:2b:7c:c1:67:5d:6b:7f:84:90:03:49:
                    a7:d8:70:b1:e0:52:9d:e5:e0:6b:17:ef:3b:9c:09:
                    27:6b:1d:7f:98:4a:fa:f8:2b:1f:e3:99:d3:fd:5e:
                    fb:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:67:07:77:1C:DC:5B:72:F8:C5:F8:B7:15:A4:07:90:3B:26:94:F8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a9db74d-2685-478a-8752-9a852c0bc6fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.16.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         93:f0:89:47:d2:43:0b:7a:e1:09:c4:4a:21:42:ac:f8:e6:4d:
         a0:d0:b2:91:2c:cf:22:85:21:53:ab:a3:4f:87:7c:59:d7:3e:
         6a:0d:65:4b:ca:57:a5:a6:53:e6:16:b3:64:86:e8:10:72:84:
         15:55:f1:23:09:c5:cc:64:4e:8b:72:7c:20:9b:8c:39:96:a5:
         58:5f:c6:13:d7:27:0a:4a:63:b2:73:43:92:9d:e5:11:d1:79:
         04:d3:d3:6d:39:09:f7:77:89:cd:74:70:dc:33:07:26:a1:40:
         54:c9:a8:30:ac:c9:fd:23:e5:e7:c9:59:e9:d7:0f:72:27:7d:
         61:4d:79:8b:52:75:9c:8e:df:a0:7c:f5:8d:ce:d0:31:0e:9f:
         e1:6d:93:b2:21:69:aa:f2:e4:7b:82:98:04:e6:a7:89:a9:56:
         5a:38:db:1c:20:13:02:dc:c6:3c:c9:e6:36:4c:eb:40:f9:b7:
         13:f9:3c:df:c8:97:ce:93:e6:00:b6:28:1c:3b:0c:0c:e6:2b:
         77:61:93:0a:d0:95:4e:fc:c0:d6:a6:91:f6:38:08:f7:d6:af:
         92:35:8a:31:2e:ff:fd:19:01:ed:34:9f:07:b3:81:f7:75:0d:
         db:6f:bc:7e:66:fc:10:e4:4d:a3:66:b5:41:d4:d6:e9:15:8d:
         9c:f3:b5:7c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFtfXwFcU0/UDczO9hAQtqmgAPtkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDA0MDI0WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZmI5Njk4NGY2YTU4ODZhMDhkZmJmOGQzMDI3NjA5YzFl
MTYzNDYzODM1ZmU4NmI1NjFmNzYxYmQyNjAxM2UxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNCDlIVm8cZI88MGQvh02Ey6UjznZW7dAYmgPaIjpsHLZ9
p7pvDAivyOaLSaaVzyJw8QdFErr8eCftQXqP8f4xLr7oVf0VU2hq5cq85j96FYHR
l7bFjtH+uyXSNnIxpDojreFOJLCXnds1SPmqwVFXHi3ulTnKMj9PqeKFThH6vSVM
5AYdcX8s2PbDVlM7/zAHGNYGUtXMojyDfz1v0J9uYYbx+bdwo7zUM+oKGF1MFlzm
d0kI2D2ikhCg7hm5nfsHGSaGqD/zm92YcfIg4sQjHWqb5fErfMFnXWt/hJADSafY
cLHgUp3l4GsX7zucCSdrHX+YSvr4Kx/jmdP9XvtvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUb2cHdxzcW3L4xfi3FaQHkDsmlPgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhOWRiNzRkLTI2ODUtNDc4YS04NzUyLTlhODUyYzBiYzZmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQyEKAwDQYJKoZIhvcNAQELBQADggEBAJPwiUfSQwt64QnESiFCrPjmTaDQ
spEszyKFIVOro0+HfFnXPmoNZUvKV6WmU+YWs2SG6BByhBVV8SMJxcxkTotyfCCb
jDmWpVhfxhPXJwpKY7JzQ5Kd5RHReQTT0205Cfd3ic10cNwzByahQFTJqDCsyf0j
5efJWenXD3InfWFNeYtSdZyO36B89Y3O0DEOn+Ftk7Ihaary5HuCmATmp4mpVlo4
2xwgEwLcxjzJ5jZM60D5txP5PN/Il86T5gC2KBw7DAzmK3dhkwrQlU78wNamkfY4
CPfWr5I1ijEu//0ZAe00nwezgfd1DdtvvH5m/BDkTaNmtUHU1ukVjZzztXw=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:28:27 2025 by rpki-client