Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb8b2c6-e910-45f8-815f-53a36c636115.roa
File:                     ebb8b2c6-e910-45f8-815f-53a36c636115.roa (raw, json)
Hash identifier:          gcYfwp7io7Bc4hk04jFFuf6jSmop6sJDD6veJsZ9GgA=
Subject key identifier:   75:38:32:D9:65:38:15:D5:BD:B7:CB:69:D5:31:64:A6:23:A5:F3:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       204D04660DDA7DF2F5FC3DB4AE7A3CBBEDF874DA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb8b2c6-e910-45f8-815f-53a36c636115.roa
Signing time:             Fri 18 Jul 2025 00:30:13 +0000
ROA not before:           Fri 18 Jul 2025 00:30:13 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.88.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:4d:04:66:0d:da:7d:f2:f5:fc:3d:b4:ae:7a:3c:bb:ed:f8:74:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:30:13 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=a9e392987b94168bda88c475f048daa452af2ee059b8df881cdb4bb9f2295ae9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:46:be:ae:6b:b6:0a:52:51:51:51:a1:8c:2e:
                    b4:e8:23:d9:6e:8d:10:85:e7:d0:9f:f7:f5:d3:75:
                    1b:16:a0:f4:c1:a2:f8:22:1b:ee:eb:4b:4a:a5:c2:
                    46:59:10:8c:95:58:2e:bd:17:a1:c6:ca:4d:bc:58:
                    1a:0e:0e:a7:e2:d2:f5:16:d1:b7:a9:e7:13:75:e2:
                    01:0b:74:e4:6c:db:09:f0:77:ad:fc:d4:3a:ac:cf:
                    8d:af:c9:35:55:25:1f:68:d6:3f:97:0a:c8:29:98:
                    61:6d:45:0f:ef:b8:6f:49:7f:22:83:c3:dd:5f:29:
                    7e:da:d7:d6:bb:a6:46:f6:f3:7e:8d:5c:b5:06:45:
                    87:e3:9e:68:be:65:65:55:54:66:a2:9c:fc:df:30:
                    9f:2e:25:ec:e4:7f:47:2c:eb:10:dc:bd:86:76:5c:
                    3b:4b:d6:00:0d:84:e3:7e:6f:a4:75:43:0b:48:b2:
                    9a:47:0c:03:ed:ec:d2:74:fc:a4:e7:32:bc:c7:16:
                    04:de:71:cf:dc:2a:24:70:fc:ec:ef:af:d7:a1:4c:
                    d6:21:60:62:db:1f:f7:47:48:2f:16:70:3f:6a:d1:
                    9e:6a:f0:ef:53:b6:55:35:6c:a0:e2:3e:ce:6e:f4:
                    b4:e6:3e:5f:bf:ac:c6:aa:46:dd:d9:59:ad:5f:c1:
                    40:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:38:32:D9:65:38:15:D5:BD:B7:CB:69:D5:31:64:A6:23:A5:F3:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb8b2c6-e910-45f8-815f-53a36c636115.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.88.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b8:1a:02:9a:ee:14:b8:55:be:f3:6a:99:ae:da:64:fd:86:3a:
         14:f3:67:be:91:4e:f0:82:12:17:d5:e1:1d:42:84:ec:c9:44:
         53:3b:82:8e:7d:59:45:e6:f8:76:95:da:9f:ce:e3:44:bb:c1:
         48:10:2c:85:6d:40:ea:ca:c4:8e:e9:9d:ee:b9:95:c0:e6:da:
         77:1c:5b:89:04:f5:36:4b:7a:1c:95:52:8e:98:e9:5f:9f:f5:
         67:10:8c:1e:2a:12:6e:ad:03:53:00:da:8f:b2:32:1a:f2:92:
         4b:77:5a:e8:91:c8:82:8a:46:af:11:86:7b:41:2b:4a:71:fc:
         a8:cc:0e:63:0c:8b:8d:57:22:ca:0c:b6:2d:e9:00:f6:ab:34:
         d7:aa:7c:a9:1a:76:07:08:56:e8:1e:eb:42:95:63:46:9f:e7:
         86:c4:b0:16:8f:e5:df:11:18:de:0a:e6:2e:cd:e8:83:cd:b9:
         2e:6a:d0:b9:73:29:9d:7c:62:fe:54:bd:ed:6d:f8:ce:9e:12:
         24:b2:83:74:3e:ca:18:99:99:a4:99:35:44:fa:ea:41:4b:c6:
         44:e1:57:f2:98:0f:e0:c7:cd:84:6a:c7:28:98:59:a7:6a:ca:
         66:c3:9c:b6:b0:49:60:d3:e1:7f:5d:36:23:7f:7a:21:06:26:
         9c:91:c5:52
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIE0EZg3affL1/D20rno8u+34dNowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDAzMDEzWhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhOWUzOTI5ODdiOTQxNjhiZGE4OGM0NzVmMDQ4ZGFhNDUy
YWYyZWUwNTliOGRmODgxY2RiNGJiOWYyMjk1YWU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWRr6ua7YKUlFRUaGMLrToI9lujRCF59Cf9/XTdRsWoPTB
ovgiG+7rS0qlwkZZEIyVWC69F6HGyk28WBoODqfi0vUW0bep5xN14gELdORs2wnw
d6381Dqsz42vyTVVJR9o1j+XCsgpmGFtRQ/vuG9JfyKDw91fKX7a19a7pkb2836N
XLUGRYfjnmi+ZWVVVGainPzfMJ8uJezkf0cs6xDcvYZ2XDtL1gANhON+b6R1QwtI
sppHDAPt7NJ0/KTnMrzHFgTecc/cKiRw/Ozvr9ehTNYhYGLbH/dHSC8WcD9q0Z5q
8O9TtlU1bKDiPs5u9LTmPl+/rMaqRt3ZWa1fwUAFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUdTgy2WU4FdW9t8tp1TFkpiOl8y0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ViYjhiMmM2LWU5MTAtNDVmOC04MTVmLTUzYTM2YzYzNjExNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5WDANBgkqhkiG9w0BAQsFAAOCAQEAuBoCmu4UuFW+82qZrtpk/YY6FPNn
vpFO8IISF9XhHUKE7MlEUzuCjn1ZReb4dpXan87jRLvBSBAshW1A6srEjumd7rmV
wObadxxbiQT1Nkt6HJVSjpjpX5/1ZxCMHioSbq0DUwDaj7IyGvKSS3da6JHIgopG
rxGGe0ErSnH8qMwOYwyLjVciygy2LekA9qs016p8qRp2BwhW6B7rQpVjRp/nhsSw
Fo/l3xEY3grmLs3og825LmrQuXMpnXxi/lS97W34zp4SJLKDdD7KGJmZpJk1RPrq
QUvGROFX8pgP4MfNhGrHKJhZp2rKZsOctrBJYNPhf102I396IQYmnJHFUg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:56:38 2025 by rpki-client