Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa
File:                     9dfe9c23-3390-44e3-853d-2a5c92562a64.roa (raw, json)
Hash identifier:          SYT5NXdNlt/an0jUNxR+dqFHDywUwpOVPqxm2BNKQZg=
Subject key identifier:   61:30:03:7B:E5:98:D7:F6:47:6B:BA:DB:1A:7F:FF:F5:1C:EB:52:3F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6E1CB5CC46ABCB63B8B720CE092B70FBE1DDA87B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa
Signing time:             Wed 16 Jul 2025 00:01:37 +0000
ROA not before:           Wed 16 Jul 2025 00:01:37 +0000
ROA not after:            Wed 20 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.118.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:1c:b5:cc:46:ab:cb:63:b8:b7:20:ce:09:2b:70:fb:e1:dd:a8:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 16 00:01:37 2025 GMT
            Not After : Aug 20 23:59:59 2025 GMT
        Subject: serialNumber=209ba26e79b21bc15124f434d2877e149bf6f58001d28261098661c880eb19c0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:15:80:a4:0b:28:6a:32:e4:f5:09:aa:40:3c:
                    e5:6d:78:df:03:5f:2b:77:1f:01:22:68:58:df:b0:
                    49:e5:fa:8c:1b:22:bb:97:e3:ae:54:57:91:be:ef:
                    69:fa:05:43:e7:db:65:29:76:52:1a:14:6b:65:59:
                    41:51:8f:ea:07:e3:5a:00:17:c6:09:8b:ac:f3:8a:
                    05:92:f9:f1:ae:d8:a7:38:c2:b9:d1:6b:04:fe:7a:
                    a5:35:bc:f1:e9:28:ef:0c:3b:4a:c0:dd:ba:b9:d7:
                    c7:b6:27:fb:4a:66:61:27:fa:82:23:4d:55:4c:23:
                    cb:98:62:a9:9e:fd:90:e2:c7:e9:43:4d:55:73:04:
                    f8:c9:c1:64:a2:46:fe:6b:69:d3:d4:74:8a:fd:ba:
                    a1:5a:d0:3c:2b:07:19:47:70:c7:6e:a4:1a:bf:b8:
                    17:da:c0:de:1f:4b:d6:e3:fc:dd:a9:31:ae:40:81:
                    9d:a0:24:5e:6b:70:94:16:29:1c:87:8e:60:42:ea:
                    cf:0b:46:c0:19:54:22:52:6f:af:3a:80:06:85:e2:
                    f0:98:47:da:63:c9:f3:c0:c5:e6:8d:c0:a4:3e:ca:
                    85:84:b8:85:ed:40:0e:32:16:0e:62:25:f1:fc:e0:
                    0f:98:9a:40:13:d8:fa:26:34:ac:5e:80:7e:29:1c:
                    c9:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:30:03:7B:E5:98:D7:F6:47:6B:BA:DB:1A:7F:FF:F5:1C:EB:52:3F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.118.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2f:ee:97:4b:9e:86:de:7a:a0:26:b8:0a:f8:e5:73:71:af:11:
         7f:72:a4:d5:b9:23:33:3c:54:09:eb:4f:b3:21:44:41:5d:5c:
         af:ab:ad:73:39:89:a4:ae:4e:9c:5c:f6:44:48:c6:21:43:a3:
         e5:4e:62:7b:a8:7a:55:18:9c:18:60:01:dd:80:cd:71:a5:4e:
         d5:22:d3:5a:e2:49:27:ee:ef:62:70:db:45:ea:5c:99:d1:37:
         de:22:b4:ef:77:f6:e4:b3:9e:c3:df:13:42:8c:e7:92:29:9b:
         5a:0f:4a:fc:eb:5e:94:8f:34:77:b9:c5:d6:0a:73:38:2c:7a:
         df:d7:58:ab:cd:e7:da:ba:24:78:9f:4d:c7:a1:91:20:64:eb:
         bd:44:63:7f:92:98:98:01:cd:62:3c:f1:b0:a8:63:5d:bc:c0:
         74:9b:6d:68:ef:62:1a:21:d8:0d:4f:9f:c2:d3:89:f7:e7:79:
         8b:12:f5:e0:e5:63:a3:0e:4c:83:3f:61:2f:c4:61:3b:34:fb:
         b6:5b:1b:9e:6a:72:c8:88:75:41:6b:81:e0:7e:ae:72:cb:e0:
         26:8b:5d:47:15:bf:c5:11:38:9f:b2:d6:52:c0:5c:99:12:2f:
         eb:9c:d6:c2:ae:7b:f2:6c:d8:4f:d1:16:26:40:68:ce:f8:6a:
         c7:97:83:6e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbhy1zEary2O4tyDOCStw++HdqHswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE2MDAwMTM3WhcNMjUwODIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDliYTI2ZTc5YjIxYmMxNTEyNGY0MzRkMjg3N2UxNDli
ZjZmNTgwMDFkMjgyNjEwOTg2NjFjODgwZWIxOWMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOFYCkCyhqMuT1CapAPOVteN8DXyt3HwEiaFjfsEnl+owb
IruX465UV5G+72n6BUPn22UpdlIaFGtlWUFRj+oH41oAF8YJi6zzigWS+fGu2Kc4
wrnRawT+eqU1vPHpKO8MO0rA3bq518e2J/tKZmEn+oIjTVVMI8uYYqme/ZDix+lD
TVVzBPjJwWSiRv5radPUdIr9uqFa0DwrBxlHcMdupBq/uBfawN4fS9bj/N2pMa5A
gZ2gJF5rcJQWKRyHjmBC6s8LRsAZVCJSb686gAaF4vCYR9pjyfPAxeaNwKQ+yoWE
uIXtQA4yFg5iJfH84A+YmkAT2PomNKxegH4pHMnDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYTADe+WY1/ZHa7rbGn//9RzrUj8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlkZmU5YzIzLTMzOTAtNDRlMy04NTNkLTJhNWM5MjU2MmE2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQdjANBgkqhkiG9w0BAQsFAAOCAQEAL+6XS56G3nqgJrgK+OVzca8Rf3Kk
1bkjMzxUCetPsyFEQV1cr6utczmJpK5OnFz2REjGIUOj5U5ie6h6VRicGGAB3YDN
caVO1SLTWuJJJ+7vYnDbRepcmdE33iK073f25LOew98TQoznkimbWg9K/OtelI80
d7nF1gpzOCx639dYq83n2rokeJ9Nx6GRIGTrvURjf5KYmAHNYjzxsKhjXbzAdJtt
aO9iGiHYDU+fwtOJ9+d5ixL14OVjow5Mgz9hL8RhOzT7tlsbnmpyyIh1QWuB4H6u
csvgJotdRxW/xRE4n7LWUsBcmRIv65zWwq578mzYT9EWJkBozvhqx5eDbg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:22:46 2025 by rpki-client