Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f4ec4711-a29c-4222-b040-ab79022ab487.roa
File:                     f4ec4711-a29c-4222-b040-ab79022ab487.roa (raw, json)
Hash identifier:          YQwbZ8/8CaIYDszFlXml0lrRVfSEGPB28XUnS2ZxQJw=
Subject key identifier:   54:C1:38:C6:01:0E:C7:87:B3:D9:74:63:BC:86:F2:CA:68:A6:58:D5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C57AE4C9D999A4CF06AA17340F410C6C4864034
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f4ec4711-a29c-4222-b040-ab79022ab487.roa
Signing time:             Tue 22 Jul 2025 15:00:21 +0000
ROA not before:           Tue 22 Jul 2025 15:00:21 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.99.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 25 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:57:ae:4c:9d:99:9a:4c:f0:6a:a1:73:40:f4:10:c6:c4:86:40:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 15:00:21 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=403ec74f5c6e193c69577ecd0b1f6acd3bcc7ff8b221d48b29f220444b4e3b3a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:87:bc:ae:a6:e2:aa:6f:11:ee:45:66:bb:88:
                    13:9d:08:58:00:73:f6:d8:b7:5d:c5:4c:00:f6:14:
                    e8:b0:e6:1d:f7:17:68:54:68:d4:12:ee:aa:82:5f:
                    11:b0:f7:a6:fe:df:b2:f2:b6:df:15:18:68:d3:36:
                    5c:b2:5d:3b:f9:b8:e7:e4:d7:d3:13:10:8c:26:58:
                    dd:f5:9b:f0:bf:b9:b8:65:59:bc:40:f1:31:3c:a3:
                    6c:3a:08:84:8e:5b:06:a9:3b:8b:94:25:cf:d8:63:
                    8c:48:bd:6b:d6:10:08:8d:93:ca:9d:bd:da:5f:5b:
                    c0:be:95:2c:24:35:47:5e:20:fa:55:5a:c8:28:01:
                    43:f9:00:58:47:b3:f4:a3:0f:4f:88:de:54:39:ee:
                    1c:b1:f4:17:be:89:8a:0d:b9:f5:8f:3f:6a:58:9f:
                    31:2b:2b:96:fb:10:c1:58:0c:ff:7a:f6:c2:33:14:
                    85:b0:b2:85:e0:a5:d2:63:c0:84:3d:f1:77:d4:b6:
                    25:50:13:51:b2:1b:6e:b1:af:f6:07:cd:dd:f2:13:
                    b7:51:47:72:f5:aa:21:94:7e:66:b8:c9:95:15:a6:
                    9a:cb:40:d4:d0:cd:cd:2d:a2:ae:bf:d9:bd:1c:d7:
                    f0:2a:c1:9b:62:a7:66:0a:d8:b3:83:43:91:5a:ff:
                    6b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C1:38:C6:01:0E:C7:87:B3:D9:74:63:BC:86:F2:CA:68:A6:58:D5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f4ec4711-a29c-4222-b040-ab79022ab487.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.99.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0b:e6:15:81:58:f8:8c:0b:8c:9e:4d:0d:09:4c:59:e5:b6:e9:
         32:b3:e3:11:41:2b:40:bf:21:f4:34:ac:77:1b:f9:0d:f6:49:
         9b:28:46:08:20:99:55:e6:c5:ec:dc:c3:8f:c0:92:fa:5a:fe:
         1d:b3:03:42:2c:30:b8:22:dc:bf:98:31:de:ca:b6:25:d2:01:
         12:4e:65:81:00:2f:a6:38:12:0c:e8:3a:be:4f:d1:6a:16:dd:
         f9:f3:b6:d5:e3:cb:47:be:37:2d:f7:32:52:38:1e:e0:48:ed:
         43:59:db:33:2d:e0:04:5a:8c:53:42:9b:f4:4e:da:ac:70:9b:
         d5:8f:fd:b0:d0:21:57:74:36:8e:dd:ad:b5:bf:f4:5a:26:55:
         49:44:6b:3e:6c:c7:97:4a:fa:45:81:18:55:46:9f:9c:9b:fb:
         09:20:0f:72:3c:33:f5:20:6a:a1:52:93:80:2d:81:a6:da:17:
         6f:02:cd:98:45:05:2f:ab:62:7f:25:3b:f0:80:a7:06:eb:0f:
         56:6f:6f:1e:5d:42:29:b5:9e:73:73:74:2f:bc:65:0a:95:9f:
         72:64:51:33:5e:2b:05:66:0c:17:3d:9b:da:d5:b5:98:3b:10:
         b8:b9:54:76:9d:2a:a6:a3:a1:63:64:fe:4e:4a:2a:45:8c:1c:
         3f:b4:65:a6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDFeuTJ2ZmkzwaqFzQPQQxsSGQDQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMTUwMDIxWhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MDNlYzc0ZjVjNmUxOTNjNjk1NzdlY2QwYjFmNmFjZDNi
Y2M3ZmY4YjIyMWQ0OGIyOWYyMjA0NDRiNGUzYjNhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnh7yupuKqbxHuRWa7iBOdCFgAc/bYt13FTAD2FOiw5h33
F2hUaNQS7qqCXxGw96b+37Lytt8VGGjTNlyyXTv5uOfk19MTEIwmWN31m/C/ubhl
WbxA8TE8o2w6CISOWwapO4uUJc/YY4xIvWvWEAiNk8qdvdpfW8C+lSwkNUdeIPpV
WsgoAUP5AFhHs/SjD0+I3lQ57hyx9Be+iYoNufWPP2pYnzErK5b7EMFYDP969sIz
FIWwsoXgpdJjwIQ98XfUtiVQE1GyG26xr/YHzd3yE7dRR3L1qiGUfma4yZUVpprL
QNTQzc0toq6/2b0c1/AqwZtip2YK2LODQ5Fa/2sNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUVME4xgEOx4ez2XRjvIbyymimWNUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y0ZWM0NzExLWEyOWMtNDIyMi1iMDQwLWFiNzkwMjJhYjQ4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4YzANBgkqhkiG9w0BAQsFAAOCAQEAC+YVgVj4jAuMnk0NCUxZ5bbpMrPj
EUErQL8h9DSsdxv5DfZJmyhGCCCZVebF7NzDj8CS+lr+HbMDQiwwuCLcv5gx3sq2
JdIBEk5lgQAvpjgSDOg6vk/Rahbd+fO21ePLR743LfcyUjge4EjtQ1nbMy3gBFqM
U0Kb9E7arHCb1Y/9sNAhV3Q2jt2ttb/0WiZVSURrPmzHl0r6RYEYVUafnJv7CSAP
cjwz9SBqoVKTgC2BptoXbwLNmEUFL6tifyU78ICnBusPVm9vHl1CKbWec3N0L7xl
CpWfcmRRM14rBWYMFz2b2tW1mDsQuLlUdp0qpqOhY2T+TkoqRYwcP7Rlpg==
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:56:04 2025 by rpki-client