Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfc06570-1c08-42bc-91fd-3d5ee81024c4.roa
File:                     bfc06570-1c08-42bc-91fd-3d5ee81024c4.roa (raw, json)
Hash identifier:          JV12kf+udf4Q0q90WaZ5Qb1kh4q/XdkNZyQyOaSASwU=
Subject key identifier:   A8:77:BE:CE:D7:43:06:EE:46:39:45:62:E5:AE:B6:DC:3D:7D:5E:0C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7066F5252C3DF4CF423AB31C0A18119D749D7CF8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfc06570-1c08-42bc-91fd-3d5ee81024c4.roa
Signing time:             Mon 07 Jul 2025 16:01:28 +0000
ROA not before:           Mon 07 Jul 2025 16:01:28 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        110.238.4.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:66:f5:25:2c:3d:f4:cf:42:3a:b3:1c:0a:18:11:9d:74:9d:7c:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 16:01:28 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=9365ec2d675d935e84d53a1643bdbb68448e74ec0beaabed2f5f245dd4749671, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a4:15:a7:ad:15:04:0a:5f:9f:f3:9f:06:fa:
                    d8:cd:c3:57:6c:6c:24:b2:9c:4b:54:b7:ef:b8:87:
                    29:aa:b3:08:df:64:0a:05:10:63:16:a4:54:b0:2c:
                    3a:c4:fd:f3:e4:31:86:55:af:a0:84:f3:29:26:39:
                    1c:95:e9:b7:48:e7:75:c7:c0:c9:59:9b:6d:0b:31:
                    74:6d:ad:46:ad:6d:fa:ca:37:a2:bb:80:3c:e2:f9:
                    18:04:3c:0c:22:37:1a:53:79:55:d6:3b:a8:10:7b:
                    46:0f:13:cc:de:68:8c:a1:c4:f7:ef:47:ff:95:ec:
                    0f:eb:4b:52:a6:17:e2:34:3a:96:c4:b3:9a:f9:53:
                    aa:9a:da:3b:49:33:ad:9b:f2:0e:5d:70:ee:b6:b9:
                    9c:f4:50:15:2a:f2:dd:02:53:93:f9:37:87:63:3f:
                    c6:f0:72:ee:99:78:9e:1f:ec:3a:e6:90:a8:dc:46:
                    5a:6b:0a:bd:3e:85:25:01:07:49:37:d8:a4:fa:72:
                    06:c4:28:fa:82:fa:8a:46:b6:26:b8:dc:3b:d2:dc:
                    b1:db:11:72:8b:38:72:c4:77:00:d8:11:db:2d:22:
                    eb:f9:01:50:d3:38:1a:1b:2c:dd:ad:1a:a2:af:e1:
                    6c:2e:eb:b3:4c:82:53:ef:a0:64:97:35:e2:fa:e4:
                    42:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:77:BE:CE:D7:43:06:EE:46:39:45:62:E5:AE:B6:DC:3D:7D:5E:0C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfc06570-1c08-42bc-91fd-3d5ee81024c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.238.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a5:c5:14:93:c1:5f:91:d4:6c:a6:fd:4f:c1:ef:12:fc:02:32:
         74:66:5b:4c:7c:58:89:1e:c1:b9:59:e2:85:ff:50:7b:e5:6c:
         38:f0:aa:b6:9b:86:b2:4f:7c:d7:43:14:bb:62:1e:80:14:7b:
         0d:83:a7:f2:14:18:4a:7c:17:bb:f5:ea:2c:0c:21:66:c1:b1:
         c7:0c:36:e0:72:6f:b4:e2:33:6d:93:55:2e:28:0c:ad:2f:76:
         70:de:e5:26:e0:75:16:64:f4:7c:47:cd:e5:1d:cd:13:62:e4:
         0a:de:e7:ac:6d:b4:92:de:b9:b1:32:ee:36:25:8d:03:cd:06:
         fc:5e:34:c3:bb:2c:94:6c:22:02:24:71:9c:3e:51:a6:e6:44:
         6b:ae:6e:a3:12:c9:be:99:ea:57:22:38:f9:40:41:57:09:bd:
         35:5e:18:4f:56:8f:80:19:53:ba:90:bf:17:15:17:7d:78:dc:
         1d:cb:d1:4a:12:57:9e:9e:57:a0:3a:09:55:81:bd:c8:08:32:
         f5:d4:01:81:25:bf:5a:e5:77:e0:38:c8:aa:93:de:3f:54:79:
         65:ed:41:5c:cf:ca:0c:d4:2c:15:58:77:40:ea:6e:fa:55:75:
         c6:2d:1b:b7:aa:e4:b4:c0:51:ee:bc:c5:24:b8:1a:f2:8b:ef:
         b6:bf:34:1d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcGb1JSw99M9COrMcChgRnXSdfPgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTYwMTI4WhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MzY1ZWMyZDY3NWQ5MzVlODRkNTNhMTY0M2JkYmI2ODQ0
OGU3NGVjMGJlYWFiZWQyZjVmMjQ1ZGQ0NzQ5NjcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIpBWnrRUECl+f858G+tjNw1dsbCSynEtUt++4hymqswjf
ZAoFEGMWpFSwLDrE/fPkMYZVr6CE8ykmORyV6bdI53XHwMlZm20LMXRtrUatbfrK
N6K7gDzi+RgEPAwiNxpTeVXWO6gQe0YPE8zeaIyhxPfvR/+V7A/rS1KmF+I0OpbE
s5r5U6qa2jtJM62b8g5dcO62uZz0UBUq8t0CU5P5N4djP8bwcu6ZeJ4f7DrmkKjc
RlprCr0+hSUBB0k32KT6cgbEKPqC+opGtia43DvS3LHbEXKLOHLEdwDYEdstIuv5
AVDTOBobLN2tGqKv4Wwu67NMglPvoGSXNeL65EJzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqHe+ztdDBu5GOUVi5a623D19XgwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmYzA2NTcwLTFjMDgtNDJiYy05MWZkLTNkNWVlODEwMjRjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJu7gQwDQYJKoZIhvcNAQELBQADggEBAKXFFJPBX5HUbKb9T8HvEvwCMnRm
W0x8WIkewblZ4oX/UHvlbDjwqrabhrJPfNdDFLtiHoAUew2Dp/IUGEp8F7v16iwM
IWbBsccMNuByb7TiM22TVS4oDK0vdnDe5SbgdRZk9HxHzeUdzRNi5Are56xttJLe
ubEy7jYljQPNBvxeNMO7LJRsIgIkcZw+UabmRGuubqMSyb6Z6lciOPlAQVcJvTVe
GE9Wj4AZU7qQvxcVF3143B3L0UoSV56eV6A6CVWBvcgIMvXUAYElv1rld+A4yKqT
3j9UeWXtQVzPygzULBVYd0DqbvpVdcYtG7eq5LTAUe68xSS4GvKL77a/NB0=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:24 2025 by rpki-client