Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7b7bc93-87d7-4f06-a0e0-039600e45253.roa
File:                     e7b7bc93-87d7-4f06-a0e0-039600e45253.roa (raw, json)
Hash identifier:          DJOTrXBi5bLbDUzJ4rw65OQCHTVH+rxaH+1KPZ7dlvY=
Subject key identifier:   4A:43:0F:C7:C3:F5:D1:48:CB:CC:50:0A:13:78:20:FF:51:8C:C1:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6B79E6AA7EB949C00AF4934375F0BF3D04E7950D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7b7bc93-87d7-4f06-a0e0-039600e45253.roa
Signing time:             Tue 08 Jul 2025 15:31:50 +0000
ROA not before:           Tue 08 Jul 2025 15:31:50 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        121.91.160.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:79:e6:aa:7e:b9:49:c0:0a:f4:93:43:75:f0:bf:3d:04:e7:95:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 15:31:50 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=2221d3d8f52990ff6d70a1cde4c82ab33c18107282dfad97470dcff8e35fdeba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e6:5a:ac:54:7b:0f:b5:fc:87:ad:1a:d3:e4:
                    9a:84:a4:3c:c4:89:c4:21:18:ce:64:51:84:77:4c:
                    c7:80:d6:8e:2a:50:9a:96:5a:a3:30:94:47:72:4b:
                    90:cb:68:29:fd:28:12:8e:f9:9a:6e:c6:e0:55:6f:
                    50:3d:25:28:33:af:de:33:d2:5b:12:03:c6:70:94:
                    3a:f4:d2:31:f1:03:bb:36:33:a7:7a:c2:fa:e5:bc:
                    d0:f4:99:9c:69:c3:5f:55:71:7d:31:ea:b9:87:65:
                    a1:5f:81:9f:b3:21:09:37:7b:ff:1f:b3:6e:a3:db:
                    82:20:f9:8e:2c:d6:eb:7c:6f:21:2c:45:42:d3:b5:
                    30:9f:7c:f2:34:f4:6f:2b:9b:79:0a:b2:01:fe:ab:
                    ac:f9:45:c3:d2:e0:81:0c:f6:0e:58:f7:f2:f2:c9:
                    c1:fb:08:f6:23:60:14:e9:40:73:93:09:f0:7b:55:
                    3b:3b:56:e4:14:b6:ba:be:a2:f1:ff:b2:18:65:a9:
                    48:66:5a:b8:91:8e:ab:9b:62:87:e4:b8:17:57:96:
                    a9:e6:8a:d6:11:40:d3:59:fb:76:9e:1d:8b:ec:ac:
                    c0:94:8f:b5:65:ea:64:39:b3:0d:f7:9e:b0:b4:d0:
                    e2:51:d1:1a:1f:78:e3:6b:9a:58:37:1e:38:bc:e1:
                    12:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:43:0F:C7:C3:F5:D1:48:CB:CC:50:0A:13:78:20:FF:51:8C:C1:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7b7bc93-87d7-4f06-a0e0-039600e45253.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.91.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:72:bc:0f:40:e5:c8:d3:b4:f0:28:d1:a5:c4:fa:9b:ed:24:
         2d:51:d1:d4:9c:1d:97:9e:62:c2:38:ac:68:e5:73:c3:11:99:
         61:12:c5:de:79:a8:a5:9a:aa:5e:18:4d:4a:06:76:94:6c:43:
         1a:f3:b1:ea:2e:1f:2c:49:2e:26:b2:d7:68:80:e4:86:be:6a:
         c9:8b:03:62:c7:db:55:f6:0a:37:67:48:24:43:a0:b2:1e:1a:
         3d:ef:39:c4:47:46:75:e7:5d:82:08:84:26:65:39:07:9f:d4:
         5f:50:4c:8e:71:8c:7a:64:0a:11:18:61:2a:9a:37:fd:24:7b:
         7b:7c:5f:f5:7a:5b:be:8c:45:e4:95:cc:bb:30:53:b9:4e:39:
         68:61:49:48:11:2d:ac:1d:aa:ab:0c:86:68:b4:aa:77:a7:f1:
         d6:7d:7e:6d:61:74:d6:32:87:93:63:60:75:b4:7f:6c:db:cf:
         62:84:e1:cd:db:6b:97:fd:7e:67:6e:57:aa:83:10:b7:f3:73:
         24:b5:43:15:fd:db:fc:ef:d3:bc:84:3b:0d:18:9e:87:89:09:
         f0:fc:de:c3:96:13:7a:32:e5:ec:e0:71:8e:60:18:09:2f:5a:
         5d:e9:f2:91:1b:f1:a9:9c:8c:fa:c6:58:12:d4:9a:28:f0:59:
         25:82:6b:bf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa3nmqn65ScAK9JNDdfC/PQTnlQ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTUzMTUwWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMjIxZDNkOGY1Mjk5MGZmNmQ3MGExY2RlNGM4MmFiMzNj
MTgxMDcyODJkZmFkOTc0NzBkY2ZmOGUzNWZkZWJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq5lqsVHsPtfyHrRrT5JqEpDzEicQhGM5kUYR3TMeA1o4q
UJqWWqMwlEdyS5DLaCn9KBKO+ZpuxuBVb1A9JSgzr94z0lsSA8ZwlDr00jHxA7s2
M6d6wvrlvND0mZxpw19VcX0x6rmHZaFfgZ+zIQk3e/8fs26j24Ig+Y4s1ut8byEs
RULTtTCffPI09G8rm3kKsgH+q6z5RcPS4IEM9g5Y9/LyycH7CPYjYBTpQHOTCfB7
VTs7VuQUtrq+ovH/shhlqUhmWriRjqubYofkuBdXlqnmitYRQNNZ+3aeHYvsrMCU
j7Vl6mQ5sw33nrC00OJR0RofeONrmlg3Hji84RL1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSkMPx8P10UjLzFAKE3gg/1GMwXIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3YjdiYzkzLTg3ZDctNGYwNi1hMGUwLTAzOTYwMGU0NTI1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAN5W6AwDQYJKoZIhvcNAQELBQADggEBADRyvA9A5cjTtPAo0aXE+pvtJC1R
0dScHZeeYsI4rGjlc8MRmWESxd55qKWaql4YTUoGdpRsQxrzseouHyxJLiay12iA
5Ia+asmLA2LH21X2CjdnSCRDoLIeGj3vOcRHRnXnXYIIhCZlOQef1F9QTI5xjHpk
ChEYYSqaN/0ke3t8X/V6W76MReSVzLswU7lOOWhhSUgRLawdqqsMhmi0qnen8dZ9
fm1hdNYyh5NjYHW0f2zbz2KE4c3ba5f9fmduV6qDELfzcyS1QxX92/zv07yEOw0Y
noeJCfD83sOWE3oy5ezgcY5gGAkvWl3p8pEb8amcjPrGWBLUmijwWSWCa78=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:01 2025 by rpki-client