Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
File:                     04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa (raw, json)
Hash identifier:          hm9U9oWXPv4qXhT3tyMnO/HXyUGz9DQxWMqoIZwUbiA=
Subject key identifier:   F3:8A:8F:B0:06:BD:39:50:F6:BF:AC:66:CB:36:22:59:D1:2A:C0:5E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4CB3D1427CE211562E95C0E8B5521D04A31E2CCA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
Signing time:             Sat 06 Sep 2025 00:11:42 +0000
ROA not before:           Sat 06 Sep 2025 00:11:42 +0000
ROA not after:            Sat 11 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        209.54.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:b3:d1:42:7c:e2:11:56:2e:95:c0:e8:b5:52:1d:04:a3:1e:2c:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  6 00:11:42 2025 GMT
            Not After : Oct 11 23:59:59 2025 GMT
        Subject: serialNumber=79f41aff58d6151818c9c419ce77b67c79b95a12ff489259195f3885834a8b84, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a4:f5:32:12:d1:d8:32:d3:37:3a:f4:a6:34:
                    50:64:ea:5e:e4:44:9b:93:39:6c:5a:c2:6a:7a:82:
                    b8:79:f1:d7:c0:9a:10:da:9b:7f:c6:57:65:a6:ec:
                    b8:e4:9d:29:19:7d:3e:d5:03:d0:c3:97:6d:32:ff:
                    89:11:ae:46:78:51:54:6f:86:84:a5:f1:23:db:56:
                    53:cc:5b:b6:2b:b7:46:09:a5:0b:3a:a9:2f:84:4f:
                    91:49:23:dd:b4:20:b4:47:dd:90:3a:dd:6f:15:c5:
                    9a:c4:d4:22:af:7a:f1:cc:c8:0f:f5:1c:df:36:1d:
                    d3:4e:f4:48:25:45:da:7c:1b:a4:bb:d5:90:7b:cc:
                    35:6e:a7:82:8f:07:04:91:66:b5:a0:75:1e:80:ed:
                    ee:0f:5f:e8:65:7e:1f:34:38:27:c9:99:f6:aa:b3:
                    e7:ae:9a:4e:74:f1:88:ee:28:e6:26:9e:b8:82:60:
                    8e:16:3c:23:c9:e2:b7:87:88:c0:b9:43:9d:a6:b1:
                    83:8a:c4:92:a6:65:7b:68:86:25:94:91:5f:0e:92:
                    94:9b:74:47:89:d1:56:3a:b6:79:74:8b:b3:90:ae:
                    52:31:67:85:2c:64:8c:09:b1:0d:1a:51:fa:4d:ea:
                    06:59:69:e4:f0:b5:da:dc:b8:80:4e:1d:0d:e8:0a:
                    37:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:8A:8F:B0:06:BD:39:50:F6:BF:AC:66:CB:36:22:59:D1:2A:C0:5E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.54.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         cd:b8:11:88:7b:e9:e8:7c:47:10:66:b2:ba:9e:3a:33:3e:00:
         39:80:4e:aa:bb:cd:55:13:74:50:13:4f:1b:0e:b9:d9:b1:b2:
         84:a9:e0:1e:81:ab:ec:50:63:88:4d:d3:bd:2a:be:e9:1d:ca:
         ba:e8:77:b1:13:ed:a7:45:7c:5f:94:58:ed:53:3f:6c:ad:c7:
         18:88:f1:84:f2:86:a8:11:3a:c9:78:39:53:15:ce:ad:55:86:
         da:3f:4e:31:0b:47:6d:f8:86:c9:7a:74:2d:ee:90:c0:26:df:
         d6:47:79:6c:a8:93:85:0a:3e:47:9e:80:2c:22:0b:78:d2:e9:
         ac:db:34:67:b5:b6:51:d7:51:79:f1:8c:7a:67:aa:21:da:48:
         41:9c:04:88:9d:62:57:51:6e:41:a0:c1:22:6b:0a:9c:ea:bf:
         a8:3e:25:94:88:e1:e5:44:8f:76:01:40:41:9e:d8:07:3b:36:
         27:84:f5:ec:59:f7:bd:4f:44:34:21:fc:48:29:a4:5a:03:b4:
         7f:a8:19:ea:fd:aa:c3:cb:5d:c3:a0:da:6b:23:80:07:6d:23:
         d2:4c:da:39:a1:00:04:10:0e:99:73:0e:c4:3c:23:c1:7c:b9:
         eb:71:33:81:da:f8:a4:af:79:7f:df:10:40:af:41:d3:48:79:
         04:b6:38:68
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTLPRQnziEVYulcDotVIdBKMeLMowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA2MDAxMTQyWhcNMjUxMDExMjM1OTU5
WjB6MUkwRwYDVQQFE0A3OWY0MWFmZjU4ZDYxNTE4MThjOWM0MTljZTc3YjY3Yzc5
Yjk1YTEyZmY0ODkyNTkxOTVmMzg4NTgzNGE4Yjg0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCepPUyEtHYMtM3OvSmNFBk6l7kRJuTOWxawmp6grh58dfA
mhDam3/GV2Wm7LjknSkZfT7VA9DDl20y/4kRrkZ4UVRvhoSl8SPbVlPMW7Yrt0YJ
pQs6qS+ET5FJI920ILRH3ZA63W8VxZrE1CKvevHMyA/1HN82HdNO9EglRdp8G6S7
1ZB7zDVup4KPBwSRZrWgdR6A7e4PX+hlfh80OCfJmfaqs+eumk508YjuKOYmnriC
YI4WPCPJ4reHiMC5Q52msYOKxJKmZXtohiWUkV8OkpSbdEeJ0VY6tnl0i7OQrlIx
Z4UsZIwJsQ0aUfpN6gZZaeTwtdrcuIBOHQ3oCjdPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU84qPsAa9OVD2v6xmyzYiWdEqwF4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA0ZWUwM2I3LTEyYTYtNDFhOS1hMGNlLWFiN2UxOTdkMGFjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXRNqAwDQYJKoZIhvcNAQELBQADggEBAM24EYh76eh8RxBmsrqeOjM+ADmA
Tqq7zVUTdFATTxsOudmxsoSp4B6Bq+xQY4hN070qvukdyrrod7ET7adFfF+UWO1T
P2ytxxiI8YTyhqgROsl4OVMVzq1Vhto/TjELR234hsl6dC3ukMAm39ZHeWyok4UK
PkeegCwiC3jS6azbNGe1tlHXUXnxjHpnqiHaSEGcBIidYldRbkGgwSJrCpzqv6g+
JZSI4eVEj3YBQEGe2Ac7NieE9exZ971PRDQh/EgppFoDtH+oGer9qsPLXcOg2msj
gAdtI9JM2jmhAAQQDplzDsQ8I8F8uetxM4Ha+KSveX/fEECvQdNIeQS2OGg=
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:06:04 2025 by rpki-client