Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa
File:                     2306c6cb-725b-41c8-b687-97caee05d794.roa (raw, json)
Hash identifier:          acTiY6NYm359ZgXtc8HgGIEzz0GzfWZXK17KZmvf37Q=
Subject key identifier:   AA:34:F4:4E:2C:0A:AF:67:12:E9:41:B8:33:21:F0:3B:A4:A0:9F:88
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       415559E2F98BA4B49A43DEEF64DBA992AF44B169
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa
Signing time:             Mon 23 Jun 2025 15:52:08 +0000
ROA not before:           Mon 23 Jun 2025 15:52:08 +0000
ROA not after:            Mon 28 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.167.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:55:59:e2:f9:8b:a4:b4:9a:43:de:ef:64:db:a9:92:af:44:b1:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 23 15:52:08 2025 GMT
            Not After : Jul 28 23:59:59 2025 GMT
        Subject: serialNumber=015f049ea20e072f2cb7f63a431524360de994370bed9b7e6c03bc0ce2a1eec6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:42:50:d8:13:11:57:88:8b:88:3c:d3:5c:32:
                    86:bd:df:98:9f:5e:00:59:75:06:87:d1:ce:fa:47:
                    f7:60:d5:8e:4a:ec:56:66:b2:c9:9d:33:df:fc:50:
                    1d:d2:9f:b6:44:95:7f:2a:ff:7d:4c:d0:9b:8c:9f:
                    97:2c:2e:f7:8a:79:ee:91:72:f8:af:8a:67:49:e5:
                    76:e7:d0:4b:a6:58:4e:87:8a:4f:6f:80:be:de:d7:
                    34:7e:e1:d2:4a:12:cd:6a:fc:05:5e:28:6d:86:80:
                    98:a1:fd:83:63:34:b9:f9:31:99:8c:81:2f:f8:2c:
                    8d:4a:db:30:ae:58:ba:f7:6e:21:9b:0e:25:8b:67:
                    01:cc:c2:25:e5:ef:16:64:31:a9:aa:93:c9:e5:ee:
                    b7:31:fe:43:8b:8a:a4:ef:de:15:3f:72:e7:40:94:
                    02:67:76:36:e0:72:bf:a2:4e:91:e4:73:79:24:d5:
                    a4:1c:20:08:83:2a:c1:fb:5f:fb:0d:a2:0c:45:0e:
                    21:e4:35:dd:95:6d:24:58:fd:14:c8:4d:9a:93:3c:
                    64:4a:96:87:67:14:49:38:ca:82:0e:e6:ef:e0:bf:
                    7f:9f:80:3c:19:8b:a5:ad:1a:b8:d9:8e:fd:42:70:
                    c1:45:a9:82:fe:0a:2b:01:98:75:c2:ec:f9:91:5d:
                    04:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:34:F4:4E:2C:0A:AF:67:12:E9:41:B8:33:21:F0:3B:A4:A0:9F:88
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:74:41:1a:3e:5e:c0:5a:ea:09:67:f8:89:87:94:24:a6:9b:
         7a:b6:c7:43:92:cf:74:8b:b7:68:87:a5:61:e7:d3:58:3a:a0:
         66:77:70:d2:a0:40:9b:f3:a4:a3:70:dc:62:20:38:e5:89:dd:
         bf:c0:d7:dd:63:4b:8c:1d:8d:24:5d:47:2b:18:91:cf:ea:7c:
         d5:42:22:7d:ad:77:a7:31:ad:ae:a1:d3:89:f4:65:c1:72:52:
         df:1f:d5:b4:ec:79:8a:d5:ac:55:1e:ac:2b:e2:39:f2:3a:e3:
         06:e0:b8:65:4a:dc:6c:a0:f1:e6:86:39:91:a1:a5:41:0e:a7:
         56:ef:85:3f:33:48:61:e6:4c:dd:68:25:af:5f:10:6f:43:d1:
         52:3f:5d:d7:25:41:83:53:d3:cc:51:6f:0d:7d:4e:5e:75:85:
         b4:d1:15:23:d6:b1:d2:cf:d9:3c:af:34:80:42:2c:97:0d:1c:
         b3:3b:d7:9d:d7:99:93:62:2e:7b:25:62:5c:db:24:02:ea:e7:
         5d:c9:6c:d4:18:4b:1a:b3:18:80:37:e1:4b:3b:c0:22:73:ae:
         be:ba:b9:3d:ce:63:12:53:ff:6d:0e:64:2b:d7:0f:2f:6b:0b:
         80:fb:25:6a:89:92:55:40:c6:42:60:b4:45:2d:29:0a:17:f8:
         a7:b7:0d:57
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQVVZ4vmLpLSaQ97vZNupkq9EsWkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjIzMTU1MjA4WhcNMjUwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTVmMDQ5ZWEyMGUwNzJmMmNiN2Y2M2E0MzE1MjQzNjBk
ZTk5NDM3MGJlZDliN2U2YzAzYmMwY2UyYTFlZWM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbQlDYExFXiIuIPNNcMoa935ifXgBZdQaH0c76R/dg1Y5K
7FZmssmdM9/8UB3Sn7ZElX8q/31M0JuMn5csLveKee6RcvivimdJ5Xbn0EumWE6H
ik9vgL7e1zR+4dJKEs1q/AVeKG2GgJih/YNjNLn5MZmMgS/4LI1K2zCuWLr3biGb
DiWLZwHMwiXl7xZkMamqk8nl7rcx/kOLiqTv3hU/cudAlAJndjbgcr+iTpHkc3kk
1aQcIAiDKsH7X/sNogxFDiHkNd2VbSRY/RTITZqTPGRKlodnFEk4yoIO5u/gv3+f
gDwZi6WtGrjZjv1CcMFFqYL+CisBmHXC7PmRXQSFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqjT0TiwKr2cS6UG4MyHwO6Sgn4gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzMDZjNmNiLTcyNWItNDFjOC1iNjg3LTk3Y2FlZTA1ZDc5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjUqcwDQYJKoZIhvcNAQELBQADggEBABJ0QRo+XsBa6gln+ImHlCSmm3q2
x0OSz3SLt2iHpWHn01g6oGZ3cNKgQJvzpKNw3GIgOOWJ3b/A191jS4wdjSRdRysY
kc/qfNVCIn2td6cxra6h04n0ZcFyUt8f1bTseYrVrFUerCviOfI64wbguGVK3Gyg
8eaGOZGhpUEOp1bvhT8zSGHmTN1oJa9fEG9D0VI/XdclQYNT08xRbw19Tl51hbTR
FSPWsdLP2TyvNIBCLJcNHLM7153XmZNiLnslYlzbJALq513JbNQYSxqzGIA34Us7
wCJzrr66uT3OYxJT/20OZCvXDy9rC4D7JWqJklVAxkJgtEUtKQoX+Ke3DVc=
-----END CERTIFICATE-----
Generated at Tue Jul 1 02:54:20 2025 by rpki-client