Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d06c4360-59d9-4f8a-9e60-9ad149bb4f4a.roa
File:                     d06c4360-59d9-4f8a-9e60-9ad149bb4f4a.roa (raw, json)
Hash identifier:          9uyGq/xVNlzuWKwA/p4BWWaGigKcDJxGXy7TtaSDhZY=
Subject key identifier:   52:83:F5:9C:DF:57:1E:AB:C7:6F:FB:C4:4A:D3:64:2A:6A:E2:35:7C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0DF8242FAA2EA691617F880EEC509E0AF4748193
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d06c4360-59d9-4f8a-9e60-9ad149bb4f4a.roa
Signing time:             Wed 09 Jul 2025 00:31:11 +0000
ROA not before:           Wed 09 Jul 2025 00:31:11 +0000
ROA not after:            Wed 13 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.22.80.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:f8:24:2f:aa:2e:a6:91:61:7f:88:0e:ec:50:9e:0a:f4:74:81:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  9 00:31:11 2025 GMT
            Not After : Aug 13 23:59:59 2025 GMT
        Subject: serialNumber=3228f6e183cf91ba472626014a5cd6e56cda0008d13a6a8b571dd8f9f30ca75a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:be:53:6b:92:66:3d:eb:fd:44:b8:05:60:ee:
                    e4:30:35:b9:3e:68:66:97:d2:22:8b:27:97:44:fe:
                    a3:c0:ab:ee:b9:43:6c:cc:8f:5f:a3:8a:13:d1:c1:
                    f4:1b:f6:62:70:7c:1c:ed:94:9b:b7:f9:31:fa:79:
                    ca:1f:3e:51:ec:e2:66:8a:ec:13:55:ec:e1:19:e5:
                    33:ec:50:f8:6d:f8:73:92:08:ec:50:cc:cf:fb:b0:
                    37:73:da:e6:71:54:53:34:bf:e0:74:fd:fd:59:b0:
                    20:9e:b8:46:76:f3:73:9e:e3:94:86:7e:c5:a6:0e:
                    96:0d:71:80:9c:b2:66:5f:53:73:fe:e6:b5:cd:99:
                    0e:0f:52:96:05:48:da:f1:5d:a6:ff:56:e9:92:ec:
                    d6:6a:6b:50:3e:79:05:68:b4:82:ed:d6:28:2a:72:
                    48:21:07:af:d6:ba:4a:1a:cb:8d:33:04:f6:d2:5e:
                    4c:7d:2f:02:ea:f4:36:75:b7:b9:ec:6e:f9:ee:14:
                    83:72:9c:bd:e7:7e:8e:b3:81:2e:15:ef:26:b5:6c:
                    18:cf:1d:5b:6e:9e:5d:de:6e:7f:9d:31:1b:02:7e:
                    f2:cb:1f:4a:2d:d5:1c:76:db:5a:11:9e:3b:3a:cf:
                    5d:a8:19:13:3b:00:87:52:26:06:2f:d4:c1:06:63:
                    74:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:83:F5:9C:DF:57:1E:AB:C7:6F:FB:C4:4A:D3:64:2A:6A:E2:35:7C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d06c4360-59d9-4f8a-9e60-9ad149bb4f4a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.22.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         11:8f:ba:8a:f7:65:1e:bf:4b:4c:cb:92:ec:26:ec:e3:f1:cf:
         73:ff:16:0b:e4:4f:2c:71:91:47:c9:c2:e5:d7:dc:03:26:b5:
         b1:e6:fc:9f:b0:aa:24:a6:9a:18:3b:da:c2:87:f6:8a:f0:2e:
         5d:3d:2b:e6:11:34:c7:a1:d8:57:ec:14:be:0c:36:8b:19:5c:
         bc:09:9d:f1:37:28:98:c7:0c:82:21:fd:7b:47:66:fc:44:70:
         d8:a3:09:cc:69:bc:53:d7:a8:13:4b:4f:8e:da:32:e9:67:56:
         ef:3a:88:f3:77:a1:fa:6e:05:82:70:3f:4e:13:59:02:8d:de:
         69:b3:5a:b5:34:5c:05:86:16:50:02:22:10:bc:a8:f9:fd:70:
         bd:77:5f:3b:e7:78:51:93:10:08:f7:6a:c6:46:08:fd:30:98:
         01:0b:c0:4f:35:7f:4f:29:66:97:15:a5:12:ff:dc:d5:b9:f2:
         93:2b:d2:39:03:62:1e:ba:9c:db:82:6a:9b:d7:1b:14:8a:63:
         0b:0f:0d:6a:73:84:2d:60:58:60:72:77:4d:df:2c:19:ab:28:
         86:12:fa:47:3c:7a:62:fd:e0:5f:66:4d:30:36:da:05:84:cb:
         a9:e8:0e:6f:25:80:81:01:fb:15:50:58:88:10:7a:32:24:79:
         4b:a8:c6:fe
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDfgkL6ouppFhf4gO7FCeCvR0gZMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA5MDAzMTExWhcNMjUwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjI4ZjZlMTgzY2Y5MWJhNDcyNjI2MDE0YTVjZDZlNTZj
ZGEwMDA4ZDEzYTZhOGI1NzFkZDhmOWYzMGNhNzVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXvlNrkmY96/1EuAVg7uQwNbk+aGaX0iKLJ5dE/qPAq+65
Q2zMj1+jihPRwfQb9mJwfBztlJu3+TH6ecofPlHs4maK7BNV7OEZ5TPsUPht+HOS
COxQzM/7sDdz2uZxVFM0v+B0/f1ZsCCeuEZ283Oe45SGfsWmDpYNcYCcsmZfU3P+
5rXNmQ4PUpYFSNrxXab/VumS7NZqa1A+eQVotILt1igqckghB6/Wukoay40zBPbS
Xkx9LwLq9DZ1t7nsbvnuFINynL3nfo6zgS4V7ya1bBjPHVtunl3ebn+dMRsCfvLL
H0ot1Rx221oRnjs6z12oGRM7AIdSJgYv1MEGY3QxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUoP1nN9XHqvHb/vEStNkKmriNXwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QwNmM0MzYwLTU5ZDktNGY4YS05ZTYwLTlhZDE0OWJiNGY0YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQXFlAwDQYJKoZIhvcNAQELBQADggEBABGPuor3ZR6/S0zLkuwm7OPxz3P/
FgvkTyxxkUfJwuXX3AMmtbHm/J+wqiSmmhg72sKH9orwLl09K+YRNMeh2FfsFL4M
NosZXLwJnfE3KJjHDIIh/XtHZvxEcNijCcxpvFPXqBNLT47aMulnVu86iPN3ofpu
BYJwP04TWQKN3mmzWrU0XAWGFlACIhC8qPn9cL13XzvneFGTEAj3asZGCP0wmAEL
wE81f08pZpcVpRL/3NW58pMr0jkDYh66nNuCapvXGxSKYwsPDWpzhC1gWGByd03f
LBmrKIYS+kc8emL94F9mTTA22gWEy6noDm8lgIEB+xVQWIgQejIkeUuoxv4=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:56:38 2025 by rpki-client