Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3fc5871-a159-4c3b-84ff-ef51ff0080f9.roa
File:                     d3fc5871-a159-4c3b-84ff-ef51ff0080f9.roa (raw, json)
Hash identifier:          qmboee+tlDwlygN1k7FLh4vUWfFobws/PbIpyK/mZqo=
Subject key identifier:   27:AF:B5:42:51:83:FE:D2:C3:2F:0C:7D:B1:E1:BC:5B:70:0D:8D:F0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4C835F3432AD4930DBF74F8C3970FB6D92F86BC5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3fc5871-a159-4c3b-84ff-ef51ff0080f9.roa
Signing time:             Sat 19 Jul 2025 00:00:58 +0000
ROA not before:           Sat 19 Jul 2025 00:00:58 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        163.158.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:83:5f:34:32:ad:49:30:db:f7:4f:8c:39:70:fb:6d:92:f8:6b:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:00:58 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=0db464c0920f3b1280062d64c4d364a2a606ac71b80cef2b9057491f300c75e8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9a:d1:ab:05:39:0c:77:f9:a7:55:14:5b:1a:
                    cf:d6:b3:c7:02:cb:ff:b3:cd:d1:ba:dd:7f:6a:bd:
                    cf:c1:a3:39:2a:9e:ad:9a:43:93:e5:91:e5:ba:e2:
                    73:53:ea:04:98:b0:db:52:4d:67:72:6d:93:f0:ce:
                    04:bd:d0:0f:12:88:d3:8d:bd:b0:ad:bd:f6:b2:b0:
                    16:a8:45:b1:1e:d5:8b:fc:d3:dc:5e:04:c6:f1:31:
                    ab:f4:bd:ab:2e:a2:e8:cb:f9:3f:5c:10:93:c7:2f:
                    05:3b:92:f8:ce:0b:7e:a9:09:f3:e1:df:b1:27:7b:
                    fc:7f:ee:de:c0:a0:cb:64:1d:a6:03:fb:c5:ac:7d:
                    2c:e7:cb:83:8f:a2:7e:67:c5:4d:75:cb:24:22:4f:
                    55:dd:ec:4f:5d:7f:62:ec:c0:35:7a:a1:37:9a:56:
                    fd:46:ff:d8:2a:6c:4e:cb:6a:81:ba:74:a8:46:0a:
                    cc:92:d8:a4:d2:ea:1d:e9:2e:78:43:31:73:ba:f8:
                    fe:90:0b:c3:8f:2c:eb:76:16:51:10:67:80:e3:a6:
                    9c:58:28:ad:12:26:39:fa:f3:aa:f4:0c:bb:7a:a5:
                    e7:5a:0a:1c:cb:4f:ae:5f:4b:2d:69:10:cd:c9:f4:
                    23:9d:d2:eb:d3:3c:58:73:bf:83:96:e2:68:11:86:
                    8c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:AF:B5:42:51:83:FE:D2:C3:2F:0C:7D:B1:E1:BC:5B:70:0D:8D:F0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3fc5871-a159-4c3b-84ff-ef51ff0080f9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.158.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:14:d0:fa:0a:41:78:1d:b9:fe:3d:cf:ab:a9:9b:2a:53:ad:
         5f:44:65:1e:82:8d:a0:54:a3:ba:ad:a8:35:ce:79:2f:20:7d:
         1e:1d:3f:93:5a:a8:ed:da:2e:7e:14:a5:ed:71:50:26:15:82:
         ea:d8:1e:4c:f6:ac:79:fd:51:2f:31:58:5d:d3:ca:54:72:57:
         a4:0a:70:1c:cb:e0:67:4c:66:4e:7c:f9:ad:70:8d:b9:7c:de:
         5e:17:c9:13:f5:a1:6c:63:4e:15:5c:61:56:5f:4c:ff:ac:b6:
         fc:ec:38:91:b2:fd:56:d4:3c:c4:3c:b6:b2:cd:9a:c3:79:bc:
         c3:ce:39:e5:13:6e:71:40:d6:09:ed:a8:f2:5e:1a:56:65:33:
         1d:74:80:8f:d1:02:31:88:33:be:2a:c0:b8:4a:fb:7a:09:e4:
         68:28:b0:50:47:fa:e7:4e:6a:e2:42:cb:a8:08:2e:1d:55:6c:
         a1:28:c6:67:b5:2f:80:83:7d:72:b5:59:6d:42:13:85:9a:ac:
         d1:14:8d:00:c5:04:c2:b8:e7:89:e5:96:5e:8d:50:12:8d:ba:
         13:5c:b5:96:71:3e:c0:59:d0:c4:7a:1f:30:28:eb:e1:9a:50:
         0a:9a:ff:d0:20:c1:2a:81:eb:14:0f:c5:7a:fd:b7:17:55:50:
         49:6e:08:32
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTINfNDKtSTDb90+MOXD7bZL4a8UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDAwMDU4WhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZGI0NjRjMDkyMGYzYjEyODAwNjJkNjRjNGQzNjRhMmE2
MDZhYzcxYjgwY2VmMmI5MDU3NDkxZjMwMGM3NWU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFmtGrBTkMd/mnVRRbGs/Ws8cCy/+zzdG63X9qvc/Bozkq
nq2aQ5PlkeW64nNT6gSYsNtSTWdybZPwzgS90A8SiNONvbCtvfaysBaoRbEe1Yv8
09xeBMbxMav0vasuoujL+T9cEJPHLwU7kvjOC36pCfPh37Ene/x/7t7AoMtkHaYD
+8WsfSzny4OPon5nxU11yyQiT1Xd7E9df2LswDV6oTeaVv1G/9gqbE7LaoG6dKhG
CsyS2KTS6h3pLnhDMXO6+P6QC8OPLOt2FlEQZ4DjppxYKK0SJjn686r0DLt6peda
ChzLT65fSy1pEM3J9COd0uvTPFhzv4OW4mgRhowFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJ6+1QlGD/tLDLwx9seG8W3ANjfAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QzZmM1ODcxLWExNTktNGMzYi04NGZmLWVmNTFmZjAwODBmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCjnjANBgkqhkiG9w0BAQsFAAOCAQEAgRTQ+gpBeB25/j3Pq6mbKlOtX0Rl
HoKNoFSjuq2oNc55LyB9Hh0/k1qo7doufhSl7XFQJhWC6tgeTPasef1RLzFYXdPK
VHJXpApwHMvgZ0xmTnz5rXCNuXzeXhfJE/WhbGNOFVxhVl9M/6y2/Ow4kbL9VtQ8
xDy2ss2aw3m8w8455RNucUDWCe2o8l4aVmUzHXSAj9ECMYgzvirAuEr7egnkaCiw
UEf6505q4kLLqAguHVVsoSjGZ7UvgIN9crVZbUIThZqs0RSNAMUEwrjnieWWXo1Q
Eo26E1y1lnE+wFnQxHofMCjr4ZpQCpr/0CDBKoHrFA/Fev23F1VQSW4IMg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:50 2025 by rpki-client