Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa
File:                     1044c764-927e-41a1-b94e-b8bb9091f9c3.roa (raw, json)
Hash identifier:          kW0SM8citlmx39U+yxck1F37Ab5dVQ1FlACFYbf9xJo=
Subject key identifier:   0E:DC:D3:67:77:10:B8:D2:40:A5:F0:25:28:8B:73:07:74:7D:0D:40
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2C25E5EA3A8D40364C1CE2C3FB9DD1AD75306DD7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa
Signing time:             Fri 05 Sep 2025 00:20:14 +0000
ROA not before:           Fri 05 Sep 2025 00:20:14 +0000
ROA not after:            Fri 10 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        194.134.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:25:e5:ea:3a:8d:40:36:4c:1c:e2:c3:fb:9d:d1:ad:75:30:6d:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  5 00:20:14 2025 GMT
            Not After : Oct 10 23:59:59 2025 GMT
        Subject: serialNumber=49b0bebbcc2ab4d23c706f5e98b18af928ccb55d5f8920d17e5ef8edbc0f590d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:6e:a8:90:09:e5:ed:03:b1:b8:3a:aa:34:0d:
                    1d:96:37:ca:45:4c:85:4f:8d:7f:03:5b:bd:d2:0b:
                    30:e2:c6:69:40:8e:98:31:50:f8:7a:ba:c3:59:5e:
                    d8:1d:4e:03:d3:85:50:b1:e9:be:04:82:ed:95:0f:
                    61:de:9d:05:05:fb:d4:de:cb:49:46:ab:7a:3a:0c:
                    37:ed:8c:07:f9:48:b1:09:36:07:1d:58:e2:dd:df:
                    69:0d:2d:50:81:1c:c2:bc:62:dc:73:43:65:d1:7a:
                    96:f0:ef:ad:72:17:a1:b4:3c:cb:74:95:2f:3b:e6:
                    3b:7f:59:f5:a4:0e:78:76:89:37:11:fb:06:6c:3b:
                    61:75:0b:c7:78:08:b9:d4:45:5e:44:e6:88:cd:3a:
                    6f:5b:f9:29:4a:cb:81:59:0b:d3:a5:46:98:85:09:
                    16:74:29:1c:a7:30:b6:e1:b4:89:60:95:95:dc:72:
                    76:5e:38:bb:be:79:b0:48:51:2d:4a:2e:a1:02:3d:
                    13:de:f2:42:42:c8:3d:3e:8e:c1:ee:34:48:2b:1d:
                    12:96:3c:e0:98:1e:2d:d1:e3:96:d9:5b:2f:ea:4c:
                    4d:4b:39:47:7a:e2:ce:17:1f:0e:f4:e5:01:83:0e:
                    2f:17:35:75:6f:5e:87:10:e9:ff:24:16:72:82:9d:
                    bd:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:DC:D3:67:77:10:B8:D2:40:A5:F0:25:28:8B:73:07:74:7D:0D:40
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         74:e9:d5:75:ed:5c:59:83:37:41:e1:6d:02:de:b4:9f:2a:a6:
         96:3a:8f:75:69:35:76:a7:e8:ec:45:18:33:2a:25:0d:bf:5b:
         22:6c:51:2d:f6:c7:b7:ab:cc:d2:ec:06:61:af:bd:7c:57:32:
         38:9a:28:d4:2e:31:40:7e:9e:55:11:18:fc:6c:e4:e4:ac:57:
         61:c1:99:42:a3:b4:7a:d3:08:a1:bc:3f:ca:00:9f:73:eb:b2:
         35:d4:11:16:09:71:6e:e2:1a:12:26:62:77:ca:af:fd:71:62:
         14:4c:a6:33:f4:a6:cc:18:cb:0b:76:36:41:1e:23:6d:01:aa:
         fe:c0:48:79:10:c7:ba:55:f7:ae:03:d8:16:64:8e:f4:ad:3d:
         86:48:59:1e:40:9f:94:8b:65:95:d1:24:0a:fd:c6:74:b3:aa:
         af:5a:6c:8f:39:70:97:d9:d3:e9:10:d1:64:62:f8:52:36:78:
         39:98:33:b7:9f:ff:14:ea:14:4e:be:ca:1b:97:1f:c5:0a:5a:
         fc:eb:60:6c:73:7d:ef:54:a0:65:08:ab:2d:8b:79:95:ef:ac:
         a3:e9:30:b0:e7:b9:7d:1e:e8:60:1e:5b:6c:e0:fe:c7:79:5e:
         3c:3e:95:8a:cd:16:eb:5e:66:20:fd:d6:c8:1b:76:e1:cf:13:
         f2:d7:95:7a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULCXl6jqNQDZMHOLD+53RrXUwbdcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA1MDAyMDE0WhcNMjUxMDEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OWIwYmViYmNjMmFiNGQyM2M3MDZmNWU5OGIxOGFmOTI4
Y2NiNTVkNWY4OTIwZDE3ZTVlZjhlZGJjMGY1OTBkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZbqiQCeXtA7G4Oqo0DR2WN8pFTIVPjX8DW73SCzDixmlA
jpgxUPh6usNZXtgdTgPThVCx6b4Egu2VD2HenQUF+9Tey0lGq3o6DDftjAf5SLEJ
NgcdWOLd32kNLVCBHMK8YtxzQ2XRepbw761yF6G0PMt0lS875jt/WfWkDnh2iTcR
+wZsO2F1C8d4CLnURV5E5ojNOm9b+SlKy4FZC9OlRpiFCRZ0KRynMLbhtIlglZXc
cnZeOLu+ebBIUS1KLqECPRPe8kJCyD0+jsHuNEgrHRKWPOCYHi3R45bZWy/qTE1L
OUd64s4XHw705QGDDi8XNXVvXocQ6f8kFnKCnb3rAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUDtzTZ3cQuNJApfAlKItzB3R9DUAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEwNDRjNzY0LTkyN2UtNDFhMS1iOTRlLWI4YmI5MDkxZjljMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDChjANBgkqhkiG9w0BAQsFAAOCAQEAdOnVde1cWYM3QeFtAt60nyqmljqP
dWk1dqfo7EUYMyolDb9bImxRLfbHt6vM0uwGYa+9fFcyOJoo1C4xQH6eVREY/Gzk
5KxXYcGZQqO0etMIobw/ygCfc+uyNdQRFglxbuIaEiZid8qv/XFiFEymM/SmzBjL
C3Y2QR4jbQGq/sBIeRDHulX3rgPYFmSO9K09hkhZHkCflItlldEkCv3GdLOqr1ps
jzlwl9nT6RDRZGL4UjZ4OZgzt5//FOoUTr7KG5cfxQpa/OtgbHN971SgZQirLYt5
le+so+kwsOe5fR7oYB5bbOD+x3lePD6Vis0W615mIP3WyBt24c8T8teVeg==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:06:05 2025 by rpki-client