Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fc706d20-6a97-46a0-ad78-2cde42ad80c6.roa
File:                     fc706d20-6a97-46a0-ad78-2cde42ad80c6.roa (raw, json)
Hash identifier:          PrcY+U7cj85uErhqcve9aKIsmBlPAiJ+7hqQDHKF57Y=
Subject key identifier:   F6:7B:C9:03:F5:17:0F:7C:3B:53:D3:D5:F3:19:B5:48:6F:18:65:66
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       40853D8C6E68FF2639B7C8958BF894A6A13E94
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fc706d20-6a97-46a0-ad78-2cde42ad80c6.roa
Signing time:             Wed 16 Jul 2025 00:20:15 +0000
ROA not before:           Wed 16 Jul 2025 00:20:15 +0000
ROA not after:            Wed 20 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        168.185.4.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:85:3d:8c:6e:68:ff:26:39:b7:c8:95:8b:f8:94:a6:a1:3e:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 16 00:20:15 2025 GMT
            Not After : Aug 20 23:59:59 2025 GMT
        Subject: serialNumber=5daa564019c67e1b95634cf98f28983b1ad9347fa5c39e4c04debe279b7a62aa, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:10:a5:a3:ec:ca:00:95:b6:1a:4d:a7:23:d0:
                    5c:d1:e8:58:bc:9c:d9:d6:b2:55:06:3f:c8:08:6f:
                    30:0a:d6:1a:41:af:e2:61:b3:fc:da:bf:0d:ab:2b:
                    94:aa:85:e5:1b:1d:59:05:b8:52:27:b9:65:54:62:
                    62:db:bc:74:b3:7c:85:71:9f:f7:e9:93:60:39:f3:
                    dd:4f:39:14:91:f9:86:cc:a2:c1:89:fc:c2:2d:13:
                    2f:4f:22:3c:a4:93:72:4a:8a:eb:6c:9c:03:b1:79:
                    66:e5:fe:0a:b2:df:bf:32:54:1b:85:ec:a7:c4:6c:
                    8a:b4:16:d8:82:6d:69:55:1f:47:f2:dd:4a:cf:77:
                    9e:4d:e3:2f:2f:b6:2e:01:66:4a:59:a4:dd:57:cb:
                    9b:58:31:fb:09:e1:63:2a:da:d0:d3:6a:89:98:51:
                    b1:d1:4d:6c:b4:22:85:74:90:12:42:70:31:59:c8:
                    ae:85:f3:46:50:19:5f:cc:f3:1f:40:2e:7b:6a:a7:
                    a9:37:e9:7d:08:dd:51:da:d3:84:94:d7:90:40:fa:
                    d4:2d:e6:28:de:88:ff:e0:cb:fc:be:11:20:41:60:
                    3f:0b:6b:6b:79:2d:3c:e2:ed:f5:27:1f:61:62:ec:
                    33:44:f6:81:a9:b2:dc:9c:81:98:70:b3:aa:94:eb:
                    69:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:7B:C9:03:F5:17:0F:7C:3B:53:D3:D5:F3:19:B5:48:6F:18:65:66
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fc706d20-6a97-46a0-ad78-2cde42ad80c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.185.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d1:55:2f:6e:a9:3e:43:d8:38:a1:5f:37:15:18:85:06:f8:76:
         6a:fb:4e:5e:0c:33:c6:62:d5:c2:67:88:4a:35:e7:a9:5c:22:
         00:ab:0a:43:50:14:87:08:52:78:3e:2c:f3:55:db:41:ee:33:
         8f:c3:83:34:ac:41:77:d2:bc:15:e0:3d:16:7d:0d:e9:cc:ab:
         b2:08:2a:9d:58:09:02:8f:aa:2e:49:48:13:34:b6:7d:ab:3f:
         3e:ec:7b:79:f8:9f:0c:4e:c7:9d:4d:84:22:a0:92:e7:ae:01:
         7c:b1:41:98:d5:da:cd:1d:f9:c3:6b:81:82:b2:8b:3e:03:2a:
         46:df:ed:d7:bd:3d:82:4b:17:48:9e:a5:01:d8:94:f6:6f:ae:
         78:96:15:2a:e4:df:5e:88:8a:a5:b6:e5:de:89:59:96:3d:d3:
         7b:f1:3a:bb:db:00:fc:03:27:1a:2a:7a:49:3b:a6:a7:02:4b:
         31:cc:d5:4b:d3:65:ce:61:d9:58:ce:58:dd:24:f6:c5:51:ee:
         fb:ea:32:9b:87:e6:d4:1f:3d:1e:e0:59:3e:34:e3:d6:e2:70:
         da:b7:11:c1:6d:cf:4d:2c:36:48:2e:51:c2:ee:df:1e:4a:b1:
         c8:ef:3f:ea:f1:fd:57:49:14:ec:b5:2a:aa:f2:e3:6f:fe:09:
         c5:b3:b1:62
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITQIU9jG5o/yY5t8iVi/iUpqE+lDANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA3MTYwMDIwMTVaFw0yNTA4MjAyMzU5NTla
MHoxSTBHBgNVBAUTQDVkYWE1NjQwMTljNjdlMWI5NTYzNGNmOThmMjg5ODNiMWFk
OTM0N2ZhNWMzOWU0YzA0ZGViZTI3OWI3YTYyYWExLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcQpaPsygCVthpNpyPQXNHoWLyc2dayVQY/yAhvMArWGkGv
4mGz/Nq/DasrlKqF5RsdWQW4Uie5ZVRiYtu8dLN8hXGf9+mTYDnz3U85FJH5hsyi
wYn8wi0TL08iPKSTckqK62ycA7F5ZuX+CrLfvzJUG4Xsp8RsirQW2IJtaVUfR/Ld
Ss93nk3jLy+2LgFmSlmk3VfLm1gx+wnhYyra0NNqiZhRsdFNbLQihXSQEkJwMVnI
roXzRlAZX8zzH0Aue2qnqTfpfQjdUdrThJTXkED61C3mKN6I/+DL/L4RIEFgPwtr
a3ktPOLt9ScfYWLsM0T2gamy3JyBmHCzqpTraecCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBT2e8kD9RcPfDtT09XzGbVIbxhlZjAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvZmM3MDZkMjAtNmE5Ny00NmEwLWFkNzgtMmNkZTQyYWQ4MGM2LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAqi5BDANBgkqhkiG9w0BAQsFAAOCAQEA0VUvbqk+Q9g4oV83FRiFBvh2avtO
XgwzxmLVwmeISjXnqVwiAKsKQ1AUhwhSeD4s81XbQe4zj8ODNKxBd9K8FeA9Fn0N
6cyrsggqnVgJAo+qLklIEzS2fas/Pux7efifDE7HnU2EIqCS564BfLFBmNXazR35
w2uBgrKLPgMqRt/t1709gksXSJ6lAdiU9m+ueJYVKuTfXoiKpbbl3olZlj3Te/E6
u9sA/AMnGip6STumpwJLMczVS9NlzmHZWM5Y3ST2xVHu++oym4fm1B89HuBZPjTj
1uJw2rcRwW3PTSw2SC5Rwu7fHkqxyO8/6vH9V0kU7LUqqvLjb/4JxbOxYg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:18 2025 by rpki-client