Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/293c2826-82f4-42e2-82d9-04501c4668dd.roa
File:                     293c2826-82f4-42e2-82d9-04501c4668dd.roa (raw, json)
Hash identifier:          YCSAA/CuZpX4bIJZNSu6yinOkrJ7QXz2GpDQfAgd1Dg=
Subject key identifier:   EF:B4:E9:FE:57:E5:59:35:9B:77:2E:29:D1:24:51:10:18:41:6F:91
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4CBF967F648606380BAD98894E4D3A781E5F91
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/293c2826-82f4-42e2-82d9-04501c4668dd.roa
Signing time:             Mon 16 Jun 2025 15:51:41 +0000
ROA not before:           Mon 16 Jun 2025 15:51:41 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.84.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:bf:96:7f:64:86:06:38:0b:ad:98:89:4e:4d:3a:78:1e:5f:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 16 15:51:41 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=a1215790cbce17035f6ab0acdb8d7c734485e549d5ac8453562ad0d05e743b3f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:71:0a:b0:16:9c:a0:cd:ca:e2:0a:4f:ef:f4:
                    13:a2:74:5d:d7:4a:a1:a1:da:53:b0:de:2b:99:32:
                    d6:aa:df:95:78:ec:56:ff:7d:3d:a8:58:ed:d5:94:
                    dc:48:7f:9a:b3:02:01:7c:2f:0a:b6:0d:79:a0:40:
                    f2:9f:9f:b5:04:d5:e3:3b:3b:4a:f5:26:cc:3a:96:
                    fd:4e:6b:df:83:55:80:2f:d3:0c:ec:18:d2:65:5f:
                    d1:af:eb:83:e7:0d:93:c4:7e:43:76:0f:e7:30:47:
                    fa:98:e7:bf:20:3d:8e:a3:e7:23:46:ed:5c:eb:3f:
                    e6:3f:24:8f:0b:90:20:dc:b3:29:43:06:69:da:8b:
                    19:0a:c4:6d:67:70:a0:2a:c8:cb:93:a0:ba:4b:19:
                    86:89:d7:e5:b1:d2:3c:ba:43:1b:cf:81:fa:7e:b4:
                    4f:30:db:7f:51:12:48:2f:03:b7:dc:38:1f:e7:1f:
                    59:2d:58:50:f5:a0:64:96:0e:d6:7d:bc:f9:0f:de:
                    07:b0:af:73:4e:c8:4b:58:e7:ab:36:44:c2:8f:36:
                    c2:b8:a2:0e:82:9c:c1:f0:48:5f:00:4a:16:39:86:
                    cf:01:f5:8c:78:f8:22:f3:04:b9:38:58:c1:0c:97:
                    7a:e9:3a:d0:8c:37:12:dd:fd:39:99:f4:2b:9b:89:
                    12:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:B4:E9:FE:57:E5:59:35:9B:77:2E:29:D1:24:51:10:18:41:6F:91
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/293c2826-82f4-42e2-82d9-04501c4668dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.84.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         44:f2:e9:0c:49:38:61:40:ed:5f:29:a6:61:b0:8c:0b:f2:4a:
         7e:7e:2f:cb:a1:55:3a:09:af:6c:a5:93:d0:d5:54:78:5d:4c:
         ae:a4:54:5f:ac:0c:a6:21:94:cd:3b:24:a2:6c:e5:21:7b:6f:
         f4:cf:c9:80:bf:9a:74:b5:d9:8a:0f:19:74:69:37:76:83:2d:
         0c:16:4b:ad:06:1c:59:66:80:a5:4e:e7:86:41:4f:0c:96:4b:
         af:d5:3e:e9:a6:59:dd:39:1a:d4:a9:cd:9b:14:3e:5a:ad:99:
         3c:3b:53:83:69:1c:17:6b:94:44:a9:7f:94:9d:4c:35:68:15:
         c2:04:38:c9:5b:9d:5f:8b:5a:6c:02:9b:74:39:4c:bd:ad:7c:
         d0:a2:62:2c:95:51:eb:4f:36:f1:7e:00:19:9b:81:8e:6c:6c:
         40:58:f1:98:46:93:46:18:06:1c:63:d4:af:ec:43:30:b9:7c:
         fa:73:46:34:7b:26:64:bf:8b:91:9f:39:a5:d4:43:27:88:86:
         08:89:3b:f5:7d:3d:30:8d:bc:eb:1b:10:44:42:25:c5:9a:be:
         a4:43:61:e0:51:e7:6e:36:25:50:6d:a3:56:10:f4:c0:c6:1f:
         c7:bb:47:db:12:2c:3a:36:91:ea:1e:54:84:da:3b:79:20:72:
         0f:7b:77:18
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgITTL+Wf2SGBjgLrZiJTk06eB5fkTANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA2MTYxNTUxNDFaFw0yNTA3MjEyMzU5NTla
MHoxSTBHBgNVBAUTQGExMjE1NzkwY2JjZTE3MDM1ZjZhYjBhY2RiOGQ3YzczNDQ4
NWU1NDlkNWFjODQ1MzU2MmFkMGQwNWU3NDNiM2YxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlxCrAWnKDNyuIKT+/0E6J0XddKoaHaU7DeK5ky1qrflXjs
Vv99PahY7dWU3Eh/mrMCAXwvCrYNeaBA8p+ftQTV4zs7SvUmzDqW/U5r34NVgC/T
DOwY0mVf0a/rg+cNk8R+Q3YP5zBH+pjnvyA9jqPnI0btXOs/5j8kjwuQINyzKUMG
adqLGQrEbWdwoCrIy5OguksZhonX5bHSPLpDG8+B+n60TzDbf1ESSC8Dt9w4H+cf
WS1YUPWgZJYO1n28+Q/eB7Cvc07IS1jnqzZEwo82wriiDoKcwfBIXwBKFjmGzwH1
jHj4IvMEuThYwQyXeuk60Iw3Et39OZn0K5uJEpcCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBTvtOn+V+VZNZt3LinRJFEQGEFvkTAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvMjkzYzI4MjYtODJmNC00MmUyLTgyZDktMDQ1MDFjNDY2OGRkLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDAGNUMA0GCSqGSIb3DQEBCwUAA4IBAQBE8ukMSThhQO1fKaZhsIwL8kp+fi/L
oVU6Ca9spZPQ1VR4XUyupFRfrAymIZTNOySibOUhe2/0z8mAv5p0tdmKDxl0aTd2
gy0MFkutBhxZZoClTueGQU8Mlkuv1T7pplndORrUqc2bFD5arZk8O1ODaRwXa5RE
qX+UnUw1aBXCBDjJW51fi1psApt0OUy9rXzQomIslVHrTzbxfgAZm4GObGxAWPGY
RpNGGAYcY9Sv7EMwuXz6c0Y0eyZkv4uRnzml1EMniIYIiTv1fT0wjbzrGxBEQiXF
mr6kQ2HgUeduNiVQbaNWEPTAxh/Hu0fbEiw6NpHqHlSE2jt5IHIPe3cY
-----END CERTIFICATE-----
Generated at Mon Jun 30 21:08:42 2025 by rpki-client