Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6d0499-6523-42dc-96f7-6d729660d8b6.roa
File:                     9f6d0499-6523-42dc-96f7-6d729660d8b6.roa (raw, json)
Hash identifier:          869zeWSEHYrj7tyErPPapE8wVe8bphGcGqVukB9+cco=
Subject key identifier:   3D:1F:0E:0B:1E:1B:C6:8A:F4:DC:A3:E6:69:4A:6A:C1:E6:81:AD:11
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       49C3850B5156A370E1639A010E9F0DB7D783AE1E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6d0499-6523-42dc-96f7-6d729660d8b6.roa
Signing time:             Tue 22 Jul 2025 00:20:16 +0000
ROA not before:           Tue 22 Jul 2025 00:20:16 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.238.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:c3:85:0b:51:56:a3:70:e1:63:9a:01:0e:9f:0d:b7:d7:83:ae:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:20:16 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=dcbf78a587b41a318fc0c6606766275bf20fc3df90d225c93d8e14103f0046f2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3a:f8:5d:06:c6:f8:19:06:02:3b:ad:e1:26:
                    4a:c4:66:08:72:2d:ab:82:88:84:78:6d:35:b2:31:
                    b3:99:eb:8b:da:05:9d:e4:27:df:0f:92:d2:42:48:
                    ec:59:52:6f:0d:aa:36:2e:53:9e:20:b2:95:9a:66:
                    a2:b1:39:ef:27:07:cb:51:aa:75:74:de:09:d3:a2:
                    d7:5c:f9:0e:dd:56:c8:eb:e3:ef:3c:db:cf:6a:af:
                    66:44:51:0a:a1:f8:ca:6c:e8:77:8a:f5:3d:0d:45:
                    08:b2:3f:b6:2d:df:0e:fd:c5:e6:c4:5a:9e:0e:42:
                    4a:22:1f:be:9a:01:88:97:8c:c7:26:17:9c:67:27:
                    20:23:48:36:99:d8:2c:b9:1f:30:61:4d:a1:0a:23:
                    65:3e:65:8e:7d:07:d8:19:2f:86:9e:3a:b1:9b:f0:
                    f3:ce:7f:ba:bb:33:74:7e:96:7e:46:f9:2a:ae:e2:
                    50:a7:c6:81:66:95:25:e0:f6:5f:31:c4:13:4b:8a:
                    22:e8:aa:48:e4:97:cb:f5:41:d7:a6:95:d9:ef:19:
                    e9:46:09:b6:c8:dc:a7:86:3f:6c:20:67:bc:be:26:
                    54:28:82:57:c0:c5:ba:15:fd:7f:fb:cc:d1:56:f4:
                    26:9c:03:59:73:fe:02:5a:94:73:4b:f8:3b:dd:3b:
                    9a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:1F:0E:0B:1E:1B:C6:8A:F4:DC:A3:E6:69:4A:6A:C1:E6:81:AD:11
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6d0499-6523-42dc-96f7-6d729660d8b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.238.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         d2:ef:48:d2:f9:f7:04:61:12:45:d8:d1:68:3e:6e:f3:e4:5a:
         e1:dd:9c:51:83:b7:0f:9d:e2:f2:8c:30:11:4d:93:04:df:38:
         96:b6:aa:67:8a:3e:27:b4:98:8f:c9:8d:6d:56:9b:2c:9d:b3:
         04:23:3f:4b:98:7e:ea:68:1e:48:07:e2:b1:ff:f2:21:74:7a:
         b9:d4:f0:00:b6:6b:ce:9b:c7:26:ea:95:27:87:81:56:aa:89:
         c3:ae:4b:c1:66:f1:08:7e:24:1c:19:2e:f8:a8:ab:10:d6:3d:
         38:10:55:3d:36:56:51:0b:23:b1:b3:ce:52:bc:38:bd:a3:2b:
         d5:b1:68:d0:bd:1c:3d:ce:92:1c:fc:62:b5:96:9b:a0:c6:d9:
         4c:52:f0:0f:52:a3:01:4b:df:a5:e0:7a:f5:09:a3:d9:26:77:
         76:dc:c8:3c:81:33:6a:58:45:ad:1e:05:03:d7:e2:8b:6e:04:
         82:a5:aa:3e:d6:b6:d9:87:07:c2:00:9a:35:c1:73:cb:c7:91:
         5d:b8:0a:50:02:bf:ab:cd:5b:33:23:86:14:d3:72:eb:91:b3:
         a7:83:6a:f0:a8:c5:0e:9b:2e:3e:c4:ed:6d:32:f4:dd:5d:4f:
         6c:d7:0a:da:ad:94:7b:3c:95:ff:38:e4:1d:f0:02:84:cb:69:
         bb:be:2a:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUScOFC1FWo3DhY5oBDp8Nt9eDrh4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAyMDE2WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkY2JmNzhhNTg3YjQxYTMxOGZjMGM2NjA2NzY2Mjc1YmYy
MGZjM2RmOTBkMjI1YzkzZDhlMTQxMDNmMDA0NmYyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxOvhdBsb4GQYCO63hJkrEZghyLauCiIR4bTWyMbOZ64va
BZ3kJ98PktJCSOxZUm8NqjYuU54gspWaZqKxOe8nB8tRqnV03gnTotdc+Q7dVsjr
4+88289qr2ZEUQqh+Mps6HeK9T0NRQiyP7Yt3w79xebEWp4OQkoiH76aAYiXjMcm
F5xnJyAjSDaZ2Cy5HzBhTaEKI2U+ZY59B9gZL4aeOrGb8PPOf7q7M3R+ln5G+Squ
4lCnxoFmlSXg9l8xxBNLiiLoqkjkl8v1QdemldnvGelGCbbI3KeGP2wgZ7y+JlQo
glfAxboV/X/7zNFW9CacA1lz/gJalHNL+DvdO5otAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPR8OCx4bxor03KPmaUpqweaBrREwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlmNmQwNDk5LTY1MjMtNDJkYy05NmY3LTZkNzI5NjYwZDhiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcX7oAwDQYJKoZIhvcNAQELBQADggEBANLvSNL59wRhEkXY0Wg+bvPkWuHd
nFGDtw+d4vKMMBFNkwTfOJa2qmeKPie0mI/JjW1WmyydswQjP0uYfupoHkgH4rH/
8iF0ernU8AC2a86bxybqlSeHgVaqicOuS8Fm8Qh+JBwZLvioqxDWPTgQVT02VlEL
I7GzzlK8OL2jK9WxaNC9HD3Okhz8YrWWm6DG2UxS8A9SowFL36XgevUJo9kmd3bc
yDyBM2pYRa0eBQPX4otuBIKlqj7WttmHB8IAmjXBc8vHkV24ClACv6vNWzMjhhTT
cuuRs6eDavCoxQ6bLj7E7W0y9N1dT2zXCtqtlHs8lf845B3wAoTLabu+Kls=
-----END CERTIFICATE-----
Generated at Tue Jul 22 04:37:18 2025 by rpki-client