Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b9e07de-e076-42d6-a7cb-8400f81babe2.roa
File:                     9b9e07de-e076-42d6-a7cb-8400f81babe2.roa (raw, json)
Hash identifier:          NU0MaHRKdx6VCSl+ZSoLZoobS0QLxhYRbHgGqaExPvA=
Subject key identifier:   EE:EA:DF:31:75:5B:C1:16:0F:38:62:34:24:67:D8:9E:BD:BD:D0:95
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6A10B770EE46D8DAA10D3A16CA4A83C7126D5D5D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b9e07de-e076-42d6-a7cb-8400f81babe2.roa
Signing time:             Fri 18 Jul 2025 00:30:14 +0000
ROA not before:           Fri 18 Jul 2025 00:30:14 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.91.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:10:b7:70:ee:46:d8:da:a1:0d:3a:16:ca:4a:83:c7:12:6d:5d:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:30:14 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=c980df14ea9105541d77255a02afb6695a75f7003290a620f0753e66c7c03046, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:18:54:50:5f:fa:38:59:9e:5c:fc:35:fd:c3:
                    42:3b:ae:ab:07:19:e0:5e:8b:8a:eb:6b:32:84:fd:
                    f6:b8:5a:85:e3:bb:57:1e:80:8d:9a:fe:3b:27:f8:
                    52:d6:74:04:d1:42:98:47:a3:a5:75:64:81:3b:08:
                    50:9c:28:1a:81:4b:cf:71:ce:af:d8:0c:01:9d:a9:
                    43:b0:fb:51:6e:21:c6:10:9b:a0:3a:7e:ea:98:f7:
                    ab:08:78:38:03:e2:98:7c:46:2b:8a:ec:14:e1:19:
                    35:91:46:59:d9:e0:5a:75:44:3f:4d:6e:4c:fe:6a:
                    48:dc:b8:ce:6c:1c:76:e1:3c:31:43:e2:89:5f:38:
                    98:00:9d:c3:58:80:99:fd:cd:04:42:68:46:ff:85:
                    bc:c0:59:1f:dc:a2:0d:67:7a:09:64:80:60:1b:5d:
                    c0:90:a1:c4:d1:c4:a3:42:c8:b0:b1:e0:25:19:43:
                    de:30:d1:82:db:4b:5c:b6:ed:e3:3f:98:9c:5d:bf:
                    19:dc:7c:24:b4:67:aa:be:3b:37:17:9a:bb:b9:93:
                    28:16:eb:39:5f:cc:53:ce:42:34:de:07:93:f9:25:
                    08:fb:44:2a:f6:f2:8a:4f:80:1f:ac:29:a1:04:0a:
                    b7:b5:9b:ef:41:d4:5c:90:db:28:c7:8b:c9:05:2d:
                    5d:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:EA:DF:31:75:5B:C1:16:0F:38:62:34:24:67:D8:9E:BD:BD:D0:95
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b9e07de-e076-42d6-a7cb-8400f81babe2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.91.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         bd:6b:ca:8e:e2:4d:a7:19:ad:e4:eb:7f:3c:6e:98:38:c9:f2:
         54:3b:bf:a2:5c:65:9b:bf:fb:b1:7d:4d:a0:d1:a3:e7:f2:4b:
         5a:18:b9:85:71:01:ec:10:12:12:a9:de:ee:59:f7:09:ee:55:
         4a:86:74:48:a5:27:e8:72:13:94:49:e4:aa:2c:af:2a:87:41:
         26:73:c4:b2:08:1d:de:24:2d:e4:95:e6:e8:36:f5:69:bf:31:
         90:84:f8:d7:46:aa:13:27:7e:f8:2e:76:15:d9:b1:6c:7d:b2:
         35:ec:86:17:5c:d8:49:01:c2:6c:fa:af:9e:fe:18:c2:62:4e:
         46:78:63:14:71:40:ce:48:6f:b4:8a:08:07:6e:66:c2:84:14:
         bd:1b:15:86:04:2d:a2:cc:9b:dc:98:c2:ee:40:0d:1b:b5:e8:
         3b:5e:66:9e:79:af:56:00:e1:fb:91:d4:a1:c5:09:49:73:1c:
         29:0c:02:04:b4:d4:e7:75:3f:71:8f:df:66:c8:17:3a:c2:f1:
         98:e6:f2:f3:98:30:f8:03:6c:8a:53:78:af:5a:67:94:25:1e:
         21:58:fe:40:0c:15:c6:f2:78:26:6b:9a:f0:41:6f:e9:f1:29:
         87:51:11:b7:4a:dd:0e:81:b7:22:23:ea:58:05:7d:38:eb:6c:
         ba:0d:a9:27
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUahC3cO5G2NqhDToWykqDxxJtXV0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDAzMDE0WhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjOTgwZGYxNGVhOTEwNTU0MWQ3NzI1NWEwMmFmYjY2OTVh
NzVmNzAwMzI5MGE2MjBmMDc1M2U2NmM3YzAzMDQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmGFRQX/o4WZ5c/DX9w0I7rqsHGeBei4rrazKE/fa4WoXj
u1cegI2a/jsn+FLWdATRQphHo6V1ZIE7CFCcKBqBS89xzq/YDAGdqUOw+1FuIcYQ
m6A6fuqY96sIeDgD4ph8RiuK7BThGTWRRlnZ4Fp1RD9Nbkz+akjcuM5sHHbhPDFD
4olfOJgAncNYgJn9zQRCaEb/hbzAWR/cog1neglkgGAbXcCQocTRxKNCyLCx4CUZ
Q94w0YLbS1y27eM/mJxdvxncfCS0Z6q+OzcXmru5kygW6zlfzFPOQjTeB5P5JQj7
RCr28opPgB+sKaEECre1m+9B1FyQ2yjHi8kFLV0PAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7urfMXVbwRYPOGI0JGfYnr290JUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzliOWUwN2RlLWUwNzYtNDJkNi1hN2NiLTg0MDBmODFiYWJlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5WzANBgkqhkiG9w0BAQsFAAOCAQEAvWvKjuJNpxmt5Ot/PG6YOMnyVDu/
olxlm7/7sX1NoNGj5/JLWhi5hXEB7BASEqne7ln3Ce5VSoZ0SKUn6HITlEnkqiyv
KodBJnPEsggd3iQt5JXm6Db1ab8xkIT410aqEyd++C52FdmxbH2yNeyGF1zYSQHC
bPqvnv4YwmJORnhjFHFAzkhvtIoIB25mwoQUvRsVhgQtosyb3JjC7kANG7XoO15m
nnmvVgDh+5HUocUJSXMcKQwCBLTU53U/cY/fZsgXOsLxmOby85gw+ANsilN4r1pn
lCUeIVj+QAwVxvJ4Jmua8EFv6fEph1ERt0rdDoG3IiPqWAV9OOtsug2pJw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:56:36 2025 by rpki-client