Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc7acccf-d352-4baa-891a-aa5bf4515372.roa
File:                     dc7acccf-d352-4baa-891a-aa5bf4515372.roa (raw, json)
Hash identifier:          5oD3T4FQNkXNDWPm1LlxKDvTw3kFSicLzmKCQJPXDw4=
Subject key identifier:   A8:27:56:FE:E1:53:1B:50:E6:7C:2A:DA:D4:88:9C:EB:4E:B2:53:A8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       62EE3288BE61CD86C3BD63CC2B5FBE0261F2E5DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc7acccf-d352-4baa-891a-aa5bf4515372.roa
Signing time:             Tue 08 Jul 2025 15:51:51 +0000
ROA not before:           Tue 08 Jul 2025 15:51:51 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        156.66.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:ee:32:88:be:61:cd:86:c3:bd:63:cc:2b:5f:be:02:61:f2:e5:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 15:51:51 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=f41007ecf4999f26e331916c9190163a0ad1756abec6f5a13b57d045d11f4013, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:10:f9:ef:0e:62:c0:ed:d1:a3:61:68:88:04:
                    8c:01:ac:fd:25:2e:19:c7:0c:af:c2:f2:ce:70:87:
                    67:3f:f8:dd:6e:a7:a3:57:7e:2c:3a:4a:82:5c:ee:
                    4f:4b:7f:f9:b1:18:43:0a:e9:da:98:79:79:26:91:
                    6e:38:27:b7:29:cf:76:03:ea:ab:dc:42:70:6b:52:
                    f4:eb:91:6a:e2:61:4d:a0:7b:3a:86:7e:32:34:61:
                    20:0c:eb:d7:c0:f8:82:f2:04:8e:33:e4:21:ca:cc:
                    36:b8:4c:d5:3a:d6:97:60:17:2a:fb:77:33:c5:98:
                    f2:d5:fa:17:82:59:7e:d7:f4:74:03:7c:28:9a:08:
                    71:06:9f:88:5d:ba:c5:25:28:11:8b:98:a4:b6:55:
                    b3:63:a3:7f:73:03:c9:34:e0:1d:c5:5f:a8:5d:3e:
                    61:d8:3f:d3:cd:35:60:34:e9:ca:a5:a4:17:3b:ee:
                    9f:2c:10:7a:c3:bf:b8:42:e2:78:00:2f:89:62:40:
                    74:81:3b:e3:21:a7:d0:72:cb:52:cf:6e:f4:4b:1b:
                    f5:9e:6a:44:b0:0e:4e:60:72:f3:4e:fa:1a:12:23:
                    aa:e4:8e:b8:3a:2a:6a:63:be:2c:31:84:16:e7:b5:
                    77:63:22:28:2c:38:de:4b:03:96:9e:51:86:7d:a4:
                    cc:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:27:56:FE:E1:53:1B:50:E6:7C:2A:DA:D4:88:9C:EB:4E:B2:53:A8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc7acccf-d352-4baa-891a-aa5bf4515372.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.66.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a6:3f:63:52:52:23:8c:9a:09:c0:32:9f:02:6b:22:7d:dd:e0:
         22:eb:b2:18:34:92:17:3c:b4:ba:01:61:a7:22:49:fc:8d:56:
         0e:90:50:e9:15:ca:3f:b5:81:09:6d:c7:4f:f9:f2:69:36:c0:
         e6:b4:9e:e7:91:27:e4:00:a2:74:94:32:af:b3:05:f6:8f:2d:
         18:14:ba:11:c6:54:2d:75:53:9f:f9:ca:e8:53:2e:eb:38:ae:
         fa:2f:00:3a:55:34:1a:f1:2b:0e:89:9d:87:ed:91:c8:90:1a:
         51:a4:1a:ba:a9:04:f2:3d:58:1f:03:ed:eb:82:e4:8a:a8:f7:
         05:ba:0e:eb:a1:59:df:11:67:dd:db:13:52:39:3b:6d:36:5e:
         4f:b7:7a:26:8c:c4:ac:0e:6d:c2:3e:f5:a2:25:15:ce:8e:48:
         46:4a:97:4f:53:f9:cb:91:73:21:6a:a8:98:7d:17:3a:92:54:
         19:01:b5:32:50:c5:74:d4:91:d0:66:2b:96:f7:23:e6:51:b4:
         f1:e0:72:db:b2:65:30:b8:04:26:75:47:3e:ce:c5:6e:84:e6:
         54:bf:cf:59:31:21:e4:f7:b3:57:20:cd:b6:31:37:47:f4:df:
         e4:36:07:1c:0d:d2:aa:82:6d:e4:ca:7e:89:db:0c:fe:94:a4:
         24:71:bb:fa
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYu4yiL5hzYbDvWPMK1++AmHy5dswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTU1MTUxWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNDEwMDdlY2Y0OTk5ZjI2ZTMzMTkxNmM5MTkwMTYzYTBh
ZDE3NTZhYmVjNmY1YTEzYjU3ZDA0NWQxMWY0MDEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvEPnvDmLA7dGjYWiIBIwBrP0lLhnHDK/C8s5wh2c/+N1u
p6NXfiw6SoJc7k9Lf/mxGEMK6dqYeXkmkW44J7cpz3YD6qvcQnBrUvTrkWriYU2g
ezqGfjI0YSAM69fA+ILyBI4z5CHKzDa4TNU61pdgFyr7dzPFmPLV+heCWX7X9HQD
fCiaCHEGn4hdusUlKBGLmKS2VbNjo39zA8k04B3FX6hdPmHYP9PNNWA06cqlpBc7
7p8sEHrDv7hC4ngAL4liQHSBO+Mhp9Byy1LPbvRLG/WeakSwDk5gcvNO+hoSI6rk
jrg6KmpjviwxhBbntXdjIigsON5LA5aeUYZ9pMyxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUqCdW/uFTG1DmfCra1Iic606yU6gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RjN2FjY2NmLWQzNTItNGJhYS04OTFhLWFhNWJmNDUxNTM3Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCcQjANBgkqhkiG9w0BAQsFAAOCAQEApj9jUlIjjJoJwDKfAmsifd3gIuuy
GDSSFzy0ugFhpyJJ/I1WDpBQ6RXKP7WBCW3HT/nyaTbA5rSe55En5ACidJQyr7MF
9o8tGBS6EcZULXVTn/nK6FMu6ziu+i8AOlU0GvErDomdh+2RyJAaUaQauqkE8j1Y
HwPt64Lkiqj3BboO66FZ3xFn3dsTUjk7bTZeT7d6JozErA5twj71oiUVzo5IRkqX
T1P5y5FzIWqomH0XOpJUGQG1MlDFdNSR0GYrlvcj5lG08eBy27JlMLgEJnVHPs7F
boTmVL/PWTEh5PezVyDNtjE3R/Tf5DYHHA3SqoJt5Mp+idsM/pSkJHG7+g==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:11:12 2025 by rpki-client