Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2cf0f28-ba6b-45fd-a861-271ae6d7e982.roa
File:                     c2cf0f28-ba6b-45fd-a861-271ae6d7e982.roa (raw, json)
Hash identifier:          J/IYYLsFh0fxwQmUHJEhyCpxF1ZupXm54B/kDbxRIeg=
Subject key identifier:   8C:47:D5:BA:B2:0B:36:44:B6:4A:E2:EB:D9:5B:7C:00:0A:2B:F7:81
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       351D0BAE2A642A876B63BDE780F3B2B11A9E6022
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2cf0f28-ba6b-45fd-a861-271ae6d7e982.roa
Signing time:             Fri 18 Jul 2025 00:41:45 +0000
ROA not before:           Fri 18 Jul 2025 00:41:45 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        70.236.0.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:1d:0b:ae:2a:64:2a:87:6b:63:bd:e7:80:f3:b2:b1:1a:9e:60:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:41:45 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=ef796a87406d0de41052da9aec7199d4f1af96234232633f37f654684c8121c4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:5c:78:a1:8a:91:4e:d9:c4:59:4c:90:db:ef:
                    95:aa:82:eb:b0:f8:3a:0e:2c:15:aa:a0:60:c7:07:
                    48:95:27:65:77:6f:77:fe:fa:df:5d:c2:c7:58:ca:
                    f3:35:84:ac:0a:b0:d4:0f:74:ca:40:ef:47:be:f9:
                    ea:f4:44:d5:71:75:89:b5:d8:69:71:23:29:4e:ef:
                    4d:b3:8c:51:00:2d:26:10:4c:2a:c1:2d:ef:16:97:
                    f0:cd:74:e4:7d:96:8a:2e:ce:32:9f:f3:33:b4:5e:
                    02:2d:ad:e8:db:ff:f2:9e:e6:b8:db:bb:f7:af:59:
                    0d:d2:c6:51:a1:a3:85:73:cd:2a:03:0b:53:75:4e:
                    b6:02:0a:17:5d:ad:95:c7:02:94:cd:c1:66:59:54:
                    3d:e2:78:b8:c6:93:9d:f3:21:a2:fd:d7:19:c9:46:
                    6b:19:db:0f:0e:e0:52:de:7f:72:d5:3d:c9:cc:90:
                    54:88:7e:14:60:d9:d9:45:24:70:d0:74:99:95:01:
                    45:80:d0:a3:aa:29:a6:22:38:ac:f8:cf:15:a5:1b:
                    87:d3:8f:a8:31:f7:31:62:7c:0c:31:f8:2a:12:32:
                    6f:85:d2:1d:c4:3e:05:21:e1:8f:30:58:57:f1:af:
                    de:d7:3a:f6:c1:be:2b:e0:03:8a:cc:c9:92:48:d7:
                    6e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:47:D5:BA:B2:0B:36:44:B6:4A:E2:EB:D9:5B:7C:00:0A:2B:F7:81
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c2cf0f28-ba6b-45fd-a861-271ae6d7e982.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.236.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         83:d8:a3:d1:1b:0f:b7:15:c9:f3:0d:d5:30:8a:93:1a:06:e0:
         29:32:ed:3b:be:19:3a:df:28:e6:44:0d:02:12:ae:f6:a2:9a:
         df:2b:2f:82:65:80:56:df:0f:46:6f:9b:4d:ae:45:85:b7:19:
         3b:2a:f7:e7:02:3c:cc:6c:9a:5c:1a:73:5c:3b:05:93:aa:e2:
         b7:ab:46:99:28:d6:3e:e1:e5:20:7e:17:1c:e6:c7:fd:da:cc:
         62:56:35:a8:27:50:71:5f:d4:4f:b6:6c:e5:2b:4d:8d:c6:f3:
         09:ca:cc:99:24:b7:e9:50:f1:f8:07:37:18:4d:e2:90:db:b5:
         45:c4:ee:70:38:d7:08:20:cb:c8:80:10:68:d2:86:b3:b0:b2:
         4b:b4:2a:8c:3e:08:2a:c6:aa:63:5f:08:94:29:d6:33:4a:04:
         ff:73:75:4e:08:75:44:64:80:30:db:2f:a1:a2:30:e0:71:e2:
         3d:ef:4d:01:17:37:94:ef:47:30:08:10:29:7d:8b:af:6e:cc:
         8d:65:03:8b:f7:3d:5b:b4:82:34:f1:1d:59:da:ce:86:0c:d9:
         80:1f:10:c0:d5:76:ef:62:a4:8b:cd:4c:d8:da:29:c6:02:65:
         4a:3f:6f:61:1d:54:8f:22:07:4a:57:65:bc:6d:4d:7f:6b:eb:
         17:22:ab:4b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNR0LripkKodrY73ngPOysRqeYCIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDA0MTQ1WhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjc5NmE4NzQwNmQwZGU0MTA1MmRhOWFlYzcxOTlkNGYx
YWY5NjIzNDIzMjYzM2YzN2Y2NTQ2ODRjODEyMWM0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCXHihipFO2cRZTJDb75Wqguuw+DoOLBWqoGDHB0iVJ2V3
b3f++t9dwsdYyvM1hKwKsNQPdMpA70e++er0RNVxdYm12GlxIylO702zjFEALSYQ
TCrBLe8Wl/DNdOR9loouzjKf8zO0XgItrejb//Ke5rjbu/evWQ3SxlGho4VzzSoD
C1N1TrYCChddrZXHApTNwWZZVD3ieLjGk53zIaL91xnJRmsZ2w8O4FLef3LVPcnM
kFSIfhRg2dlFJHDQdJmVAUWA0KOqKaYiOKz4zxWlG4fTj6gx9zFifAwx+CoSMm+F
0h3EPgUh4Y8wWFfxr97XOvbBvivgA4rMyZJI124rAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjEfVurILNkS2SuLr2Vt8AAor94EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MyY2YwZjI4LWJhNmItNDVmZC1hODYxLTI3MWFlNmQ3ZTk4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZG7AAwDQYJKoZIhvcNAQELBQADggEBAIPYo9EbD7cVyfMN1TCKkxoG4Cky
7Tu+GTrfKOZEDQISrvaimt8rL4JlgFbfD0Zvm02uRYW3GTsq9+cCPMxsmlwac1w7
BZOq4rerRpko1j7h5SB+Fxzmx/3azGJWNagnUHFf1E+2bOUrTY3G8wnKzJkkt+lQ
8fgHNxhN4pDbtUXE7nA41wggy8iAEGjShrOwsku0Kow+CCrGqmNfCJQp1jNKBP9z
dU4IdURkgDDbL6GiMOBx4j3vTQEXN5TvRzAIECl9i69uzI1lA4v3PVu0gjTxHVna
zoYM2YAfEMDVdu9ipIvNTNjaKcYCZUo/b2EdVI8iB0pXZbxtTX9r6xciq0s=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:29 2025 by rpki-client