Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a63343bf-20b0-46ed-8758-a3e8f35745cc.roa
File:                     a63343bf-20b0-46ed-8758-a3e8f35745cc.roa (raw, json)
Hash identifier:          E3E784qpIN9BgJL9RHztemCOPk7aWBUHZZJczj6X7o0=
Subject key identifier:   34:68:3D:61:26:4E:8E:08:89:4C:80:C2:33:0C:92:36:CF:79:BB:06
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09065A95326A7BB6D6EAACC59EB2C052BEFAA36B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a63343bf-20b0-46ed-8758-a3e8f35745cc.roa
Signing time:             Wed 23 Jul 2025 00:20:27 +0000
ROA not before:           Wed 23 Jul 2025 00:20:27 +0000
ROA not after:            Wed 27 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        184.73.160.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:06:5a:95:32:6a:7b:b6:d6:ea:ac:c5:9e:b2:c0:52:be:fa:a3:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 23 00:20:27 2025 GMT
            Not After : Aug 27 23:59:59 2025 GMT
        Subject: serialNumber=a93749f55ff2d3f7f92aa94ae108e4505f446db9b64fab1145ffd9587a490f8f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:cd:a8:1c:cd:62:05:f6:3c:64:3c:37:85:a3:
                    85:07:07:69:73:ee:89:8f:d3:6c:e3:b8:ab:28:9a:
                    b5:14:d3:cc:00:ee:45:17:f0:47:5e:27:b5:36:06:
                    44:f9:3d:05:46:8a:d9:fd:35:55:c3:11:74:f3:01:
                    bd:82:32:d6:b7:3f:34:71:4e:09:f0:58:52:fd:09:
                    34:89:da:f4:55:07:8f:2f:9f:33:91:d3:89:e7:a2:
                    52:ed:9d:2d:ff:a1:b2:18:a9:45:00:ea:64:38:96:
                    87:5a:d7:e2:f8:62:f3:04:fe:5e:db:5b:85:89:70:
                    36:a8:be:7b:49:1e:50:79:e2:99:4d:82:10:0d:e9:
                    a0:5e:c8:61:2c:42:e2:72:81:57:8a:a3:e4:0b:38:
                    d5:42:81:30:68:aa:5e:35:0f:32:a3:7f:61:89:a2:
                    a5:a8:fe:c4:a4:45:16:2f:06:54:59:e0:43:63:33:
                    88:04:b4:c5:6a:65:b5:12:ff:50:ad:8e:0d:ed:9c:
                    92:8a:71:43:16:d5:5f:b1:30:63:15:6f:82:7d:36:
                    a1:c9:10:e2:db:fc:a9:a4:81:65:ab:16:63:7f:09:
                    c8:d1:d1:33:4a:2b:79:c0:f0:4c:5d:b9:49:47:9b:
                    5a:da:af:c4:ca:9c:6f:3b:36:e5:fc:b3:13:93:aa:
                    8b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:68:3D:61:26:4E:8E:08:89:4C:80:C2:33:0C:92:36:CF:79:BB:06
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a63343bf-20b0-46ed-8758-a3e8f35745cc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         61:5e:0a:4d:29:38:da:9b:99:6d:59:cc:24:27:d5:69:ec:2f:
         f9:34:2f:8a:59:df:8a:42:a5:73:9f:4a:41:fd:0b:20:f0:22:
         90:bf:ea:2b:64:0c:2d:93:54:45:d4:21:a1:39:80:69:1a:22:
         ff:75:a3:a2:1d:46:af:e4:dd:27:39:ce:d9:94:8b:5e:11:64:
         0e:61:e6:54:17:08:3d:58:5c:6b:13:10:9b:0f:2e:c7:23:7d:
         9c:4f:3a:eb:0d:f4:dd:87:dc:35:68:70:e2:f1:7c:a8:d3:71:
         76:11:33:da:c0:e3:8e:4d:a3:d8:93:6a:5c:da:80:14:70:85:
         0b:ed:ab:a4:fb:60:93:c9:5f:c1:54:31:31:b0:f0:d2:b1:d6:
         12:62:e4:64:6d:dd:ab:ef:ca:3a:b2:ee:ae:48:29:fd:8b:a7:
         4b:58:58:08:08:00:dc:51:4c:d1:3b:97:1b:39:1b:df:49:c1:
         ff:fa:6a:ef:bc:5c:46:2f:80:b2:de:b2:e0:37:c8:0b:9c:61:
         90:d8:06:ca:25:f1:e6:1d:70:0e:b0:63:f8:38:ab:d8:51:28:
         f0:c5:9f:dd:26:7c:76:9f:75:96:1d:b3:63:8f:bc:81:11:7f:
         b2:da:14:45:2a:18:80:35:b7:55:01:4b:27:81:ab:1c:a3:3f:
         15:ad:83:32
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCQZalTJqe7bW6qzFnrLAUr76o2swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIzMDAyMDI3WhcNMjUwODI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTM3NDlmNTVmZjJkM2Y3ZjkyYWE5NGFlMTA4ZTQ1MDVm
NDQ2ZGI5YjY0ZmFiMTE0NWZmZDk1ODdhNDkwZjhmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDjzagczWIF9jxkPDeFo4UHB2lz7omP02zjuKsomrUU08wA
7kUX8EdeJ7U2BkT5PQVGitn9NVXDEXTzAb2CMta3PzRxTgnwWFL9CTSJ2vRVB48v
nzOR04nnolLtnS3/obIYqUUA6mQ4loda1+L4YvME/l7bW4WJcDaovntJHlB54plN
ghAN6aBeyGEsQuJygVeKo+QLONVCgTBoql41DzKjf2GJoqWo/sSkRRYvBlRZ4ENj
M4gEtMVqZbUS/1Ctjg3tnJKKcUMW1V+xMGMVb4J9NqHJEOLb/KmkgWWrFmN/CcjR
0TNKK3nA8ExduUlHm1rar8TKnG87NuX8sxOTqourAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNGg9YSZOjgiJTIDCMwySNs95uwYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E2MzM0M2JmLTIwYjAtNDZlZC04NzU4LWEzZThmMzU3NDVjYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAW4SaAwDQYJKoZIhvcNAQELBQADggEBAGFeCk0pONqbmW1ZzCQn1WnsL/k0
L4pZ34pCpXOfSkH9CyDwIpC/6itkDC2TVEXUIaE5gGkaIv91o6IdRq/k3Sc5ztmU
i14RZA5h5lQXCD1YXGsTEJsPLscjfZxPOusN9N2H3DVocOLxfKjTcXYRM9rA445N
o9iTalzagBRwhQvtq6T7YJPJX8FUMTGw8NKx1hJi5GRt3avvyjqy7q5IKf2Lp0tY
WAgIANxRTNE7lxs5G99Jwf/6au+8XEYvgLLesuA3yAucYZDYBsol8eYdcA6wY/g4
q9hRKPDFn90mfHafdZYds2OPvIERf7LaFEUqGIA1t1UBSyeBqxyjPxWtgzI=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:11:10 2025 by rpki-client