Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa
File:                     18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa (raw, json)
Hash identifier:          3I4Wbkci5xDA1G/B8n6CGAiuAq2cRZrgctrzk3DeL9E=
Subject key identifier:   8D:04:78:A5:C6:91:7B:F6:A9:92:36:02:4E:00:FC:BB:2E:08:23:F4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       11D22231BA373376922D9D7A5D4EEC4D459897A6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa
Signing time:             Sat 28 Jun 2025 00:10:35 +0000
ROA not before:           Sat 28 Jun 2025 00:10:35 +0000
ROA not after:            Sat 02 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.18.32.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:d2:22:31:ba:37:33:76:92:2d:9d:7a:5d:4e:ec:4d:45:98:97:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 28 00:10:35 2025 GMT
            Not After : Aug  2 23:59:59 2025 GMT
        Subject: serialNumber=6b8c2ef5820f5e608eecf7f4f0cb44de43ceab43cff1fe0b2f8ff04f8adcbe5d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:28:aa:e0:2f:99:d7:f8:50:98:c7:fb:b9:3e:
                    d1:5c:68:86:d7:e4:f6:14:b8:3e:a2:d1:f8:86:86:
                    43:02:05:e7:00:88:3e:ca:06:34:c0:96:20:90:8e:
                    7e:f3:fd:49:10:2f:63:1e:2b:25:00:10:f8:5b:6e:
                    6c:36:22:36:f5:b6:a1:82:5b:12:c2:8f:b2:a7:fc:
                    88:6f:26:e7:f7:62:85:a1:e8:4b:77:35:14:24:84:
                    0b:b5:ba:1d:78:22:20:cb:20:bb:da:a3:d8:10:fc:
                    14:74:24:5b:a8:38:b2:ed:03:a3:d7:3a:68:31:b1:
                    18:98:3e:1d:85:f9:0e:b0:f8:dc:f9:06:05:8f:17:
                    e7:8f:66:3c:e1:37:5d:09:8c:96:0c:64:a8:cd:11:
                    75:37:ee:12:54:9d:c8:04:c0:2e:90:32:29:d5:b8:
                    0e:24:23:ea:a9:77:d8:4b:ea:52:23:46:65:b6:49:
                    71:ca:b9:3f:ad:77:99:b2:82:47:05:df:92:c9:8f:
                    08:69:e1:47:f9:d2:c1:4b:d5:48:be:eb:a8:d8:b7:
                    a1:95:e0:49:06:dc:b6:f8:63:cd:1c:e3:a0:4f:2d:
                    72:45:d4:3d:b4:b2:33:58:a8:a7:67:77:ff:bc:d5:
                    a7:b3:85:78:d0:e7:90:96:31:ab:75:cd:65:18:9f:
                    b1:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:04:78:A5:C6:91:7B:F6:A9:92:36:02:4E:00:FC:BB:2E:08:23:F4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         7f:f5:25:e6:63:91:1e:2d:ff:2c:13:34:82:0c:5e:86:23:23:
         f4:b6:60:63:4c:23:e7:26:99:8c:99:54:aa:95:65:51:ff:4a:
         e8:9c:d6:28:44:40:86:68:38:04:1b:cc:ae:aa:6f:1f:a5:6c:
         8e:6b:e9:05:f0:c5:87:74:9f:c3:23:dd:09:b6:cd:98:0c:02:
         90:b7:a2:26:b9:37:95:4d:8d:fe:5f:ba:ff:6c:c5:ea:a6:1c:
         fb:bd:55:c2:6f:00:0d:45:f6:df:6e:27:49:99:9b:bd:ec:02:
         43:fa:1b:12:3a:e1:5b:db:1b:bf:40:bc:3a:8f:20:3c:1a:bb:
         3b:af:93:16:c5:54:b8:81:df:e5:e7:89:80:8b:40:03:d5:ae:
         8a:5a:b1:5c:9d:0e:0b:37:81:3c:f1:84:d6:5a:3d:33:c9:15:
         6f:d7:29:bb:25:48:c5:33:69:e2:41:ff:7a:32:71:c2:1c:53:
         be:4b:6b:d8:18:b7:03:eb:a1:6d:49:dc:fd:39:98:76:09:a3:
         a2:82:79:2b:5c:c2:ca:84:1e:5a:8f:af:94:87:db:5e:e1:d9:
         11:f2:90:37:00:6c:ac:0f:ad:d4:ef:09:6e:45:b8:4c:da:bb:
         18:a8:98:a1:e2:84:41:3f:2b:c3:58:d4:3d:63:ac:2a:a2:ff:
         40:ed:25:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEdIiMbo3M3aSLZ16XU7sTUWYl6YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI4MDAxMDM1WhcNMjUwODAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YjhjMmVmNTgyMGY1ZTYwOGVlY2Y3ZjRmMGNiNDRkZTQz
Y2VhYjQzY2ZmMWZlMGIyZjhmZjA0ZjhhZGNiZTVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD5KKrgL5nX+FCYx/u5PtFcaIbX5PYUuD6i0fiGhkMCBecA
iD7KBjTAliCQjn7z/UkQL2MeKyUAEPhbbmw2Ijb1tqGCWxLCj7Kn/IhvJuf3YoWh
6Et3NRQkhAu1uh14IiDLILvao9gQ/BR0JFuoOLLtA6PXOmgxsRiYPh2F+Q6w+Nz5
BgWPF+ePZjzhN10JjJYMZKjNEXU37hJUncgEwC6QMinVuA4kI+qpd9hL6lIjRmW2
SXHKuT+td5mygkcF35LJjwhp4Uf50sFL1Ui+66jYt6GV4EkG3Lb4Y80c46BPLXJF
1D20sjNYqKdnd/+81aezhXjQ55CWMat1zWUYn7FJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjQR4pcaRe/apkjYCTgD8uy4II/QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4YmU3YTc2LTcyNGItNGU2YS05ZDVhLWJhNTFmZDg4NWE1ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASIEiAwDQYJKoZIhvcNAQELBQADggEBAH/1JeZjkR4t/ywTNIIMXoYjI/S2
YGNMI+cmmYyZVKqVZVH/Suic1ihEQIZoOAQbzK6qbx+lbI5r6QXwxYd0n8Mj3Qm2
zZgMApC3oia5N5VNjf5fuv9sxeqmHPu9VcJvAA1F9t9uJ0mZm73sAkP6GxI64Vvb
G79AvDqPIDwauzuvkxbFVLiB3+XniYCLQAPVropasVydDgs3gTzxhNZaPTPJFW/X
KbslSMUzaeJB/3oyccIcU75La9gYtwProW1J3P05mHYJo6KCeStcwsqEHlqPr5SH
217h2RHykDcAbKwPrdTvCW5FuEzauxiomKHihEE/K8NY1D1jrCqi/0DtJVY=
-----END CERTIFICATE-----
Generated at Wed Jul 2 01:18:10 2025 by rpki-client