Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d4ea817-9a30-46eb-adae-ea1411984c84.roa
File:                     9d4ea817-9a30-46eb-adae-ea1411984c84.roa (raw, json)
Hash identifier:          k0TrhettasEiAPg2t7UKow4VjUGhtExjtEchVInuR1Y=
Subject key identifier:   82:FC:A3:13:F6:EB:D5:68:EB:F9:5F:3B:F4:0D:92:16:E3:EB:03:B1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4DFF8F9A573BDFEC7944E7AE18D5DE290720E60B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d4ea817-9a30-46eb-adae-ea1411984c84.roa
Signing time:             Mon 21 Jul 2025 16:00:21 +0000
ROA not before:           Mon 21 Jul 2025 16:00:21 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.45.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:ff:8f:9a:57:3b:df:ec:79:44:e7:ae:18:d5:de:29:07:20:e6:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 21 16:00:21 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=125c0602d3e353efad259026037df7e7118a9e5d5405a581c9568adf8d1fcb38, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cf:31:c9:23:38:a5:0f:e5:68:7b:aa:91:80:
                    e1:d7:5d:38:c8:80:92:63:46:55:63:39:f9:4c:03:
                    d9:de:09:9f:ba:65:05:f9:5f:28:48:12:b6:38:c6:
                    1d:96:e0:e7:46:2e:b5:23:88:94:1f:e0:c6:79:94:
                    2e:1d:cc:ab:26:a3:f8:53:8f:21:29:95:32:62:2e:
                    32:38:f6:82:ac:4b:02:ac:ee:b7:74:62:f1:84:bf:
                    29:32:9e:fd:8c:70:8c:7e:0e:0b:f4:84:8b:89:e3:
                    91:e2:2c:c4:03:2e:3a:43:da:2e:43:be:c9:a7:7f:
                    00:5f:9a:4c:7d:d1:84:18:3d:06:ea:a6:c9:04:96:
                    79:23:64:12:18:b0:e3:b8:b3:b1:f1:96:16:91:dc:
                    54:40:fc:af:4a:1e:d1:32:50:29:51:bf:fe:e8:a9:
                    ee:4b:88:dc:77:30:92:a5:6b:90:47:b0:b9:ed:db:
                    cb:e1:16:96:fd:40:45:6d:70:f1:d6:6f:b5:5d:a8:
                    eb:d1:70:8e:b8:bf:91:0f:43:b6:f0:5c:b2:f8:29:
                    f6:11:19:ee:15:c2:f5:07:1d:4e:9f:2d:0f:36:9f:
                    b0:d2:2a:44:c1:4d:bb:18:b4:6e:db:36:e1:66:62:
                    ed:ca:5b:a2:05:5d:bd:ff:06:88:9d:7f:bc:68:ce:
                    a1:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:FC:A3:13:F6:EB:D5:68:EB:F9:5F:3B:F4:0D:92:16:E3:EB:03:B1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d4ea817-9a30-46eb-adae-ea1411984c84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.45.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         98:01:8d:3d:5e:fa:f3:d7:c8:6a:96:84:64:52:44:bc:09:4b:
         15:91:23:60:f3:eb:37:9b:ba:7b:22:b1:4e:32:d6:4c:dd:d7:
         94:67:35:56:13:40:bb:8f:ea:46:00:71:89:0f:55:e6:c3:53:
         2f:86:43:9c:28:4a:06:ba:9c:d3:0b:8f:97:69:e1:f2:8d:6c:
         bd:ff:f4:11:69:af:78:eb:8e:3f:81:2b:d7:fb:1e:26:50:46:
         ac:ad:ac:93:31:cd:fd:d8:37:62:45:f1:22:7c:39:b5:89:15:
         2c:53:f4:f3:da:db:07:76:69:8b:1d:37:81:28:39:4b:02:b0:
         08:88:a5:b0:1a:6c:8b:52:5b:49:2e:c7:5f:5a:21:49:35:31:
         ca:f6:2d:fb:f7:41:7f:63:07:eb:32:17:38:24:95:2a:9f:1c:
         31:05:78:1b:82:d1:16:c1:8e:66:16:3c:b6:d3:1a:34:66:6f:
         31:1b:f2:73:12:4c:67:4a:23:ce:3f:8f:40:6b:af:c9:e9:d4:
         64:10:59:f0:1d:7e:9b:62:00:85:0b:28:d5:32:11:d3:b6:2c:
         16:80:97:8a:7b:36:07:d8:66:83:fa:70:e5:2e:e3:7e:66:3a:
         ba:9f:0a:3d:8f:f6:ef:b3:9d:15:85:02:18:6f:52:93:7c:3e:
         4e:be:e3:78
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTf+Pmlc73+x5ROeuGNXeKQcg5gswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIxMTYwMDIxWhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMjVjMDYwMmQzZTM1M2VmYWQyNTkwMjYwMzdkZjdlNzEx
OGE5ZTVkNTQwNWE1ODFjOTU2OGFkZjhkMWZjYjM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOzzHJIzilD+Voe6qRgOHXXTjIgJJjRlVjOflMA9neCZ+6
ZQX5XyhIErY4xh2W4OdGLrUjiJQf4MZ5lC4dzKsmo/hTjyEplTJiLjI49oKsSwKs
7rd0YvGEvykynv2McIx+Dgv0hIuJ45HiLMQDLjpD2i5DvsmnfwBfmkx90YQYPQbq
pskElnkjZBIYsOO4s7HxlhaR3FRA/K9KHtEyUClRv/7oqe5LiNx3MJKla5BHsLnt
28vhFpb9QEVtcPHWb7VdqOvRcI64v5EPQ7bwXLL4KfYRGe4VwvUHHU6fLQ82n7DS
KkTBTbsYtG7bNuFmYu3KW6IFXb3/Boidf7xozqFnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUgvyjE/br1Wjr+V879A2SFuPrA7EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlkNGVhODE3LTlhMzAtNDZlYi1hZGFlLWVhMTQxMTk4NGM4NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAoLTANBgkqhkiG9w0BAQsFAAOCAQEAmAGNPV7689fIapaEZFJEvAlLFZEj
YPPrN5u6eyKxTjLWTN3XlGc1VhNAu4/qRgBxiQ9V5sNTL4ZDnChKBrqc0wuPl2nh
8o1svf/0EWmveOuOP4Er1/seJlBGrK2skzHN/dg3YkXxInw5tYkVLFP089rbB3Zp
ix03gSg5SwKwCIilsBpsi1JbSS7HX1ohSTUxyvYt+/dBf2MH6zIXOCSVKp8cMQV4
G4LRFsGOZhY8ttMaNGZvMRvycxJMZ0ojzj+PQGuvyenUZBBZ8B1+m2IAhQso1TIR
07YsFoCXins2B9hmg/pw5S7jfmY6up8KPY/277OdFYUCGG9Sk3w+Tr7jeA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:08:49 2025 by rpki-client