Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05102ffa-6c72-4fc1-9ad8-e881f3c1974e.roa
File:                     05102ffa-6c72-4fc1-9ad8-e881f3c1974e.roa (raw, json)
Hash identifier:          VoslTPp/pNxro/jA+Ot7nh6nkGpSyJd9FyZoEXocdcI=
Subject key identifier:   F5:E4:D1:4F:16:B0:7A:C1:3C:B2:8D:70:BC:EE:A6:12:EC:CF:8F:18
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       74949725153350A2D0D8EF181B8433F222F0AD8F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05102ffa-6c72-4fc1-9ad8-e881f3c1974e.roa
Signing time:             Fri 29 Aug 2025 16:40:57 +0000
ROA not before:           Fri 29 Aug 2025 16:40:57 +0000
ROA not after:            Fri 03 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.137.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:94:97:25:15:33:50:a2:d0:d8:ef:18:1b:84:33:f2:22:f0:ad:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 29 16:40:57 2025 GMT
            Not After : Oct  3 23:59:59 2025 GMT
        Subject: serialNumber=9acf102c9372984108f5713bfd55c12345521b2a1626def5d4e3179919ed88fb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:66:28:a4:ef:8d:9a:c7:24:4f:18:52:65:1f:
                    f9:1c:59:e6:24:5c:cb:ec:78:9c:a1:d2:81:72:8c:
                    91:0d:ab:26:18:f8:61:de:92:3d:a7:b7:03:07:13:
                    1a:c6:ba:4f:81:c5:91:f8:02:2d:f2:63:9c:ee:21:
                    dc:65:76:be:0b:95:36:d5:3d:06:f3:0d:fd:26:49:
                    c5:06:5e:48:3c:fc:1a:47:ae:36:2f:b5:de:82:21:
                    f9:0d:43:00:d2:c8:70:df:e7:9f:bd:ac:3c:de:a1:
                    dd:63:d4:d4:e5:2e:e6:0d:69:ed:a1:27:be:3a:94:
                    c6:41:a3:b6:94:bd:4f:65:09:61:5c:2c:fd:1e:7b:
                    75:b5:69:85:75:54:54:b9:b7:f2:3d:fd:c8:90:69:
                    86:ae:14:db:98:91:8b:89:6d:09:84:9b:c0:8e:53:
                    17:a5:6f:82:23:aa:4b:0f:b6:e7:98:52:27:24:7f:
                    d2:aa:8c:fc:d8:91:b2:3a:16:dd:87:f0:59:d4:0d:
                    db:d1:47:40:8f:ba:4f:7a:41:da:2f:b1:2f:c8:a5:
                    0e:7e:e7:dd:2a:c8:49:6a:c8:aa:83:a9:a5:b4:84:
                    ea:7e:9c:17:5b:3e:04:eb:06:63:0b:4c:4b:41:28:
                    6f:9e:93:80:b5:d7:51:b6:93:1b:01:bb:6a:41:32:
                    8b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:E4:D1:4F:16:B0:7A:C1:3C:B2:8D:70:BC:EE:A6:12:EC:CF:8F:18
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05102ffa-6c72-4fc1-9ad8-e881f3c1974e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.137.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         20:87:b4:27:eb:22:7f:64:9d:a4:f1:90:0e:8d:4b:04:f7:91:
         ba:b5:1f:b2:56:3e:84:79:c8:47:a2:62:e7:87:6a:b2:a1:6b:
         80:0d:2a:1a:57:af:60:7b:bb:30:a2:e5:ea:a8:dd:55:de:8d:
         e8:a1:28:41:5d:72:70:c6:79:c3:ad:c1:55:5d:03:d9:7d:66:
         5d:40:2b:20:08:90:78:dd:0b:73:d7:76:48:92:4d:33:ac:e2:
         8f:e1:e9:b1:79:a2:21:6f:af:52:0c:7f:54:7c:d0:0d:c0:4d:
         b0:b2:b3:b2:10:ac:dc:42:44:76:da:0c:b9:63:6e:45:46:4e:
         c2:b0:39:49:ad:29:ed:c4:a0:51:7a:9f:39:17:39:c6:f9:ed:
         11:f3:f8:71:5f:fc:7a:f2:ab:9d:60:dd:58:57:d2:bc:c1:35:
         85:b7:04:10:18:bf:0e:28:2a:53:ba:06:e2:2c:ef:e9:c6:1c:
         c7:90:97:02:08:99:27:41:da:97:59:83:9e:e4:4c:58:35:e6:
         71:62:4f:49:88:ae:98:5e:62:23:05:e7:3e:d0:0d:b6:00:66:
         a4:a0:cc:bc:2e:0c:d4:97:53:77:78:81:fe:ae:02:5d:b4:6d:
         34:8a:90:a8:bb:d6:65:60:17:b2:6a:c2:25:0c:24:49:a8:33:
         2c:73:cb:71
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdJSXJRUzUKLQ2O8YG4Qz8iLwrY8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODI5MTY0MDU3WhcNMjUxMDAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YWNmMTAyYzkzNzI5ODQxMDhmNTcxM2JmZDU1YzEyMzQ1
NTIxYjJhMTYyNmRlZjVkNGUzMTc5OTE5ZWQ4OGZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvZiik742axyRPGFJlH/kcWeYkXMvseJyh0oFyjJENqyYY
+GHekj2ntwMHExrGuk+BxZH4Ai3yY5zuIdxldr4LlTbVPQbzDf0mScUGXkg8/BpH
rjYvtd6CIfkNQwDSyHDf55+9rDzeod1j1NTlLuYNae2hJ746lMZBo7aUvU9lCWFc
LP0ee3W1aYV1VFS5t/I9/ciQaYauFNuYkYuJbQmEm8COUxelb4IjqksPtueYUick
f9KqjPzYkbI6Ft2H8FnUDdvRR0CPuk96QdovsS/IpQ5+590qyElqyKqDqaW0hOp+
nBdbPgTrBmMLTEtBKG+ek4C111G2kxsBu2pBMouLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9eTRTxawesE8so1wvO6mEuzPjxgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA1MTAyZmZhLTZjNzItNGZjMS05YWQ4LWU4ODFmM2MxOTc0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4iTANBgkqhkiG9w0BAQsFAAOCAQEAIIe0J+sif2SdpPGQDo1LBPeRurUf
slY+hHnIR6Ji54dqsqFrgA0qGlevYHu7MKLl6qjdVd6N6KEoQV1ycMZ5w63BVV0D
2X1mXUArIAiQeN0Lc9d2SJJNM6zij+HpsXmiIW+vUgx/VHzQDcBNsLKzshCs3EJE
dtoMuWNuRUZOwrA5Sa0p7cSgUXqfORc5xvntEfP4cV/8evKrnWDdWFfSvME1hbcE
EBi/DigqU7oG4izv6cYcx5CXAgiZJ0Hal1mDnuRMWDXmcWJPSYiumF5iIwXnPtAN
tgBmpKDMvC4M1JdTd3iB/q4CXbRtNIqQqLvWZWAXsmrCJQwkSagzLHPLcQ==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:14:09 2025 by rpki-client