Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8f5305d-5841-42e2-ad49-6c34831c42bb.roa
File:                     d8f5305d-5841-42e2-ad49-6c34831c42bb.roa (raw, json)
Hash identifier:          XTshD4ZT0mTf/I5udz/20EaecYRJjzPtHnAHc5cYX4A=
Subject key identifier:   B6:82:AA:B1:0D:80:D4:AA:CB:5B:0B:32:15:45:14:00:2A:92:BD:E0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6563D441B2C19E8F63A3887394E701AADAF77176
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8f5305d-5841-42e2-ad49-6c34831c42bb.roa
Signing time:             Tue 08 Jul 2025 00:42:02 +0000
ROA not before:           Tue 08 Jul 2025 00:42:02 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        161.193.0.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:63:d4:41:b2:c1:9e:8f:63:a3:88:73:94:e7:01:aa:da:f7:71:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 00:42:02 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=becb241a477ae5987f271c8cf163b3b670e19ba599e673780bbb084aee374922, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:43:65:87:a0:3b:61:b6:90:56:f1:28:09:5c:
                    27:bb:1a:ec:9a:d4:94:06:04:6a:25:2f:8a:60:6d:
                    6b:76:06:be:74:5d:33:d2:61:8f:99:c9:fd:eb:5b:
                    92:75:be:5f:ff:23:2c:e4:60:79:72:0b:13:45:b4:
                    fd:8a:81:74:5e:30:55:9a:a2:0d:2c:e2:cb:07:9e:
                    d9:08:05:84:03:e3:5e:bd:c0:a8:78:bf:af:22:93:
                    b8:e6:fd:8d:8a:4f:47:a2:96:16:31:79:a3:68:8a:
                    a5:8b:16:dd:37:ea:d2:c0:51:6d:f5:56:55:a4:09:
                    10:7e:d9:68:8e:00:9e:c5:a3:7d:f2:fa:63:d6:77:
                    aa:1e:2d:05:7c:ac:5a:e3:ba:aa:4c:38:f7:75:75:
                    41:73:bf:4f:e5:bb:31:1d:3b:cf:72:82:19:39:a1:
                    d1:43:c3:7e:0a:a7:f3:58:4d:79:63:59:92:ed:cc:
                    fa:db:4a:61:1e:7b:0c:71:11:34:bd:d5:4f:57:9b:
                    d4:cc:5e:fc:b6:ae:1c:3f:ee:08:21:dc:65:9e:1a:
                    6b:b3:12:e2:8c:4d:ac:81:d4:ad:73:b0:ec:93:41:
                    1f:78:c3:5f:ae:64:67:34:26:9e:e8:26:77:b6:8f:
                    e3:27:c0:b1:e9:25:57:0c:71:24:57:d0:69:cb:f5:
                    fb:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:82:AA:B1:0D:80:D4:AA:CB:5B:0B:32:15:45:14:00:2A:92:BD:E0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d8f5305d-5841-42e2-ad49-6c34831c42bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.193.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         77:c9:9f:ca:78:cf:d4:3b:c3:06:93:9f:f8:91:cc:72:1b:97:
         b6:6b:a6:71:d1:fd:7e:24:4a:22:7d:fb:d5:dc:b8:02:3f:96:
         a4:56:8b:83:da:d6:ae:95:67:b0:ab:b9:15:3e:ac:aa:b0:38:
         bf:f6:0b:22:55:24:04:89:c7:b3:82:8e:c3:74:07:84:ee:63:
         8f:84:df:2a:69:88:51:01:f8:f5:c7:58:e9:0d:f7:5a:78:4f:
         c5:67:df:99:05:a4:77:90:9b:db:26:d2:15:a5:a2:84:62:d3:
         17:fb:15:b0:13:72:57:3a:ac:67:41:26:65:be:c3:0c:02:62:
         da:d9:33:58:c2:ee:52:99:14:6d:23:8f:e3:b4:fc:73:cd:09:
         df:7b:50:20:89:c1:d6:4a:9c:1b:d2:a7:31:7a:c4:29:74:d3:
         64:d8:aa:cf:78:96:3a:d6:6d:61:d5:96:96:df:52:9c:28:51:
         20:8d:5c:cd:c7:56:e1:80:7e:ef:fb:ac:10:40:a2:62:f6:2b:
         67:6f:6c:c3:82:15:f4:f1:0c:39:78:39:ad:fa:d1:ea:f9:1b:
         53:ad:b3:c3:ab:4a:62:7e:cd:61:d8:bd:33:52:c7:f2:2e:82:
         01:b8:da:b8:c5:56:74:cb:a8:e6:85:38:cc:3f:16:f6:15:87:
         27:fb:2f:16
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZWPUQbLBno9jo4hzlOcBqtr3cXYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MDA0MjAyWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZWNiMjQxYTQ3N2FlNTk4N2YyNzFjOGNmMTYzYjNiNjcw
ZTE5YmE1OTllNjczNzgwYmJiMDg0YWVlMzc0OTIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKQ2WHoDthtpBW8SgJXCe7Guya1JQGBGolL4pgbWt2Br50
XTPSYY+Zyf3rW5J1vl//IyzkYHlyCxNFtP2KgXReMFWaog0s4ssHntkIBYQD4169
wKh4v68ik7jm/Y2KT0eilhYxeaNoiqWLFt036tLAUW31VlWkCRB+2WiOAJ7Fo33y
+mPWd6oeLQV8rFrjuqpMOPd1dUFzv0/luzEdO89yghk5odFDw34Kp/NYTXljWZLt
zPrbSmEeewxxETS91U9Xm9TMXvy2rhw/7ggh3GWeGmuzEuKMTayB1K1zsOyTQR94
w1+uZGc0Jp7oJne2j+MnwLHpJVcMcSRX0GnL9fuZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtoKqsQ2A1KrLWwsyFUUUACqSveAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q4ZjUzMDVkLTU4NDEtNDJlMi1hZDQ5LTZjMzQ4MzFjNDJiYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWhwQAwDQYJKoZIhvcNAQELBQADggEBAHfJn8p4z9Q7wwaTn/iRzHIbl7Zr
pnHR/X4kSiJ9+9XcuAI/lqRWi4Pa1q6VZ7CruRU+rKqwOL/2CyJVJASJx7OCjsN0
B4TuY4+E3yppiFEB+PXHWOkN91p4T8Vn35kFpHeQm9sm0hWlooRi0xf7FbATclc6
rGdBJmW+wwwCYtrZM1jC7lKZFG0jj+O0/HPNCd97UCCJwdZKnBvSpzF6xCl002TY
qs94ljrWbWHVlpbfUpwoUSCNXM3HVuGAfu/7rBBAomL2K2dvbMOCFfTxDDl4Oa36
0er5G1Ots8OrSmJ+zWHYvTNSx/IuggG42rjFVnTLqOaFOMw/FvYVhyf7LxY=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:07:58 2025 by rpki-client