Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9115376-5d57-4d99-92c6-f9f75ee735fa.roa
File:                     c9115376-5d57-4d99-92c6-f9f75ee735fa.roa (raw, json)
Hash identifier:          QO3HmWT/a3SqS9YE/nEsxW4QW+n/Hc4arDEmO9th1Q0=
Subject key identifier:   AA:A3:6D:18:97:92:72:87:36:21:52:16:35:7D:96:F2:46:C4:4E:93
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2CE6BC8E4D8DD262D94D798A978C2716409241CD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9115376-5d57-4d99-92c6-f9f75ee735fa.roa
Signing time:             Sat 19 Jul 2025 00:40:12 +0000
ROA not before:           Sat 19 Jul 2025 00:40:12 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        93.79.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:e6:bc:8e:4d:8d:d2:62:d9:4d:79:8a:97:8c:27:16:40:92:41:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:40:12 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=cbabcccb90fc6d8ecf412c3f7286b29bfd95ed89fac9356d2f741a1fafd6240f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4e:e7:60:92:ce:3d:50:0c:aa:67:3f:50:df:
                    9a:78:2e:f2:e8:ac:62:27:74:2b:8f:49:5a:89:9e:
                    72:22:86:63:84:6d:b8:eb:e3:6a:56:81:5d:bd:a0:
                    c0:71:5c:ac:d0:07:17:82:30:cc:e7:19:cf:4a:53:
                    ff:bd:45:0a:c8:29:d1:fa:36:c6:6a:f8:39:01:73:
                    97:7b:e5:c0:5e:13:cf:91:76:b3:89:5e:9e:61:eb:
                    77:7e:e6:bc:23:1e:4a:70:52:c6:dc:f6:d6:37:99:
                    ce:10:18:ad:2f:7a:0c:38:8a:53:82:1b:ca:ad:29:
                    47:95:b3:b6:5c:1a:8f:89:de:c9:30:76:97:63:68:
                    96:65:b9:d4:22:d7:2e:b8:15:5f:8c:45:5e:a4:7f:
                    92:d3:b5:69:f3:7a:ce:4c:cd:db:8c:0d:77:c6:71:
                    14:12:ff:1d:38:78:e0:10:ed:e6:27:a2:31:4a:2a:
                    e9:48:f7:6a:41:69:be:da:51:b1:a8:4d:55:da:f7:
                    dc:f7:68:df:4c:4f:0d:a6:0c:10:f9:13:30:07:b6:
                    68:78:c3:49:03:e6:1f:47:f1:df:8f:bb:13:7d:05:
                    b5:77:17:ae:30:bd:ed:e1:c3:f8:d6:3e:17:42:9d:
                    d2:ae:1d:f5:ac:ab:72:4d:66:b8:65:22:3a:8a:a8:
                    ed:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:A3:6D:18:97:92:72:87:36:21:52:16:35:7D:96:F2:46:C4:4E:93
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9115376-5d57-4d99-92c6-f9f75ee735fa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.79.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         12:06:09:2b:a1:07:4e:b1:37:31:e1:ab:c3:94:c4:b1:5e:89:
         18:81:4c:d1:43:68:b3:32:f3:8a:57:eb:86:9d:88:77:e6:95:
         c3:0e:44:60:2b:e6:96:90:12:85:b7:5d:a2:e1:25:df:4e:8b:
         c8:01:ff:0a:69:cb:08:33:23:e5:eb:f4:43:15:39:04:75:06:
         0b:7f:4c:c1:b7:be:65:71:98:0c:e5:0e:a6:1a:23:49:a8:66:
         6c:ed:83:81:62:b8:ec:b1:94:00:fe:05:5b:2c:48:77:be:44:
         a6:79:20:5d:30:3b:5c:5c:f9:33:99:ea:cb:b4:dd:83:50:1b:
         52:f9:47:d3:a9:b3:58:88:c0:80:77:76:f5:b9:c8:93:0e:c6:
         42:7d:68:2a:aa:10:f3:80:10:95:7d:75:f4:7f:52:e8:f1:90:
         60:cd:f8:6c:6a:4a:85:ae:3b:d5:77:d6:4a:7c:a0:2d:93:a4:
         04:d5:1c:bb:dd:80:04:f6:09:32:0f:05:3f:a0:a5:ae:62:76:
         5e:98:3c:e0:3d:ec:e3:00:bd:63:e5:f4:9f:13:dc:43:d3:16:
         9e:1c:a3:6b:76:9a:1b:1c:e4:47:e3:e0:b5:99:63:cf:59:b4:
         60:79:3d:e0:cf:04:cb:05:9b:6f:c4:ab:d4:24:dc:e7:e9:05:
         83:92:5b:50
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULOa8jk2N0mLZTXmKl4wnFkCSQc0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDA0MDEyWhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYmFiY2NjYjkwZmM2ZDhlY2Y0MTJjM2Y3Mjg2YjI5YmZk
OTVlZDg5ZmFjOTM1NmQyZjc0MWExZmFmZDYyNDBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3Tudgks49UAyqZz9Q35p4LvLorGIndCuPSVqJnnIihmOE
bbjr42pWgV29oMBxXKzQBxeCMMznGc9KU/+9RQrIKdH6NsZq+DkBc5d75cBeE8+R
drOJXp5h63d+5rwjHkpwUsbc9tY3mc4QGK0vegw4ilOCG8qtKUeVs7ZcGo+J3skw
dpdjaJZludQi1y64FV+MRV6kf5LTtWnzes5MzduMDXfGcRQS/x04eOAQ7eYnojFK
KulI92pBab7aUbGoTVXa99z3aN9MTw2mDBD5EzAHtmh4w0kD5h9H8d+PuxN9BbV3
F64wve3hw/jWPhdCndKuHfWsq3JNZrhlIjqKqO2vAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqqNtGJeScoc2IVIWNX2W8kbETpMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M5MTE1Mzc2LTVkNTctNGQ5OS05MmM2LWY5Zjc1ZWU3MzVmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAddT4AwDQYJKoZIhvcNAQELBQADggEBABIGCSuhB06xNzHhq8OUxLFeiRiB
TNFDaLMy84pX64adiHfmlcMORGAr5paQEoW3XaLhJd9Oi8gB/wppywgzI+Xr9EMV
OQR1Bgt/TMG3vmVxmAzlDqYaI0moZmztg4FiuOyxlAD+BVssSHe+RKZ5IF0wO1xc
+TOZ6su03YNQG1L5R9Ops1iIwIB3dvW5yJMOxkJ9aCqqEPOAEJV9dfR/UujxkGDN
+GxqSoWuO9V31kp8oC2TpATVHLvdgAT2CTIPBT+gpa5idl6YPOA97OMAvWPl9J8T
3EPTFp4co2t2mhsc5Efj4LWZY89ZtGB5PeDPBMsFm2/Eq9Qk3OfpBYOSW1A=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:09:21 2025 by rpki-client