Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3de3c612-36d7-4d0e-8a61-dc9891466376.roa
File:                     3de3c612-36d7-4d0e-8a61-dc9891466376.roa (raw, json)
Hash identifier:          5Pz8KquflkaspZP67xD8ah6OtAEBsN/DJZw2eQfJMBM=
Subject key identifier:   39:9E:6B:36:7E:34:74:1D:2C:8B:39:72:80:F9:9A:B4:75:DF:E4:9F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2A70A77C1BDE900CD327F707A9F537686CC7F0CC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3de3c612-36d7-4d0e-8a61-dc9891466376.roa
Signing time:             Tue 24 Jun 2025 00:30:20 +0000
ROA not before:           Tue 24 Jun 2025 00:30:20 +0000
ROA not after:            Tue 29 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        63.246.113.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:70:a7:7c:1b:de:90:0c:d3:27:f7:07:a9:f5:37:68:6c:c7:f0:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 24 00:30:20 2025 GMT
            Not After : Jul 29 23:59:59 2025 GMT
        Subject: serialNumber=32fcc0296ecad98a1ea3e11718d31b3bf2e74a27660f0768a7d44574f5291763, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b4:9f:7e:94:df:b2:31:ab:b4:00:98:be:b5:
                    e2:a3:96:8c:c7:d4:6d:b5:a2:84:c9:93:86:76:31:
                    cd:63:68:db:65:10:f1:59:cf:b0:90:a1:6f:85:e8:
                    48:b0:78:cd:bc:02:5a:a6:44:1f:bc:5b:98:69:18:
                    bb:f9:3e:8e:94:51:f5:f8:a1:46:81:f7:26:df:71:
                    82:59:77:68:7a:0b:6e:7b:48:fa:f9:f8:11:d0:ba:
                    98:79:55:03:80:de:12:1d:a9:0f:71:c0:18:01:f7:
                    3d:b3:65:ad:f7:97:55:63:50:5b:96:fa:e9:04:4d:
                    29:83:bf:c4:90:db:b0:9c:fe:a7:ff:04:32:64:88:
                    c0:91:13:5b:f4:fb:18:f4:16:56:5a:29:4c:4c:35:
                    b4:70:fb:d2:66:07:53:ed:ff:35:06:6b:f9:06:4b:
                    34:52:df:e0:29:c2:7b:c7:d8:e1:1b:bc:21:9c:3e:
                    eb:94:8e:9c:75:b6:e7:61:2d:ca:48:a2:a1:fc:c7:
                    13:80:77:50:68:34:65:36:24:c8:f4:eb:1e:b8:9a:
                    bc:47:f6:53:83:e1:f5:4a:18:aa:13:90:21:2c:a1:
                    54:23:18:41:90:0d:62:7e:17:e2:58:5f:ef:fb:f5:
                    ed:c7:be:9b:3b:a0:37:26:e6:bd:4d:6d:61:79:86:
                    ec:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:9E:6B:36:7E:34:74:1D:2C:8B:39:72:80:F9:9A:B4:75:DF:E4:9F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3de3c612-36d7-4d0e-8a61-dc9891466376.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  63.246.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:ce:5c:7e:f4:23:79:b3:d0:7b:3b:f5:9b:99:8b:c9:dc:fc:
         04:b4:04:c8:81:58:d7:40:3e:f3:d5:0d:e9:49:d5:26:db:80:
         c3:ca:d6:ca:e8:a9:db:82:2d:ab:52:66:eb:e7:01:8b:86:46:
         93:ce:8d:43:56:3a:2b:ba:a5:2f:2c:ef:f5:02:ea:fa:5d:55:
         c4:e5:e7:bc:50:9a:b8:72:d0:68:8e:0a:9a:86:ee:53:a5:bc:
         4f:b5:e7:4f:b4:de:1a:d4:e6:85:e6:59:0b:ae:9d:f2:98:8f:
         68:72:c0:8c:26:32:fc:a8:1e:8c:ec:f6:b5:d1:ba:65:0b:f4:
         63:96:b7:1b:f2:3d:f7:6f:40:35:1b:38:1d:f2:43:07:6d:b0:
         9a:19:08:52:38:d2:3c:c6:74:4d:eb:71:df:42:21:55:02:e1:
         84:cc:b4:2b:fb:47:9e:c0:f4:25:50:7f:c4:d0:70:84:66:7f:
         45:f9:8e:05:a8:31:a0:95:ff:57:f6:78:83:2a:c1:aa:35:ea:
         aa:63:ac:ad:a6:20:8f:e2:ab:3c:ee:09:cb:5a:8d:a9:c6:13:
         48:2d:27:0f:f1:f6:d1:eb:44:3c:39:91:be:a3:1f:00:91:c1:
         c9:3e:a5:0a:ab:0e:b7:6f:51:ac:55:c3:17:c2:31:81:37:a4:
         60:99:03:d0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKnCnfBvekAzTJ/cHqfU3aGzH8MwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI0MDAzMDIwWhcNMjUwNzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMmZjYzAyOTZlY2FkOThhMWVhM2UxMTcxOGQzMWIzYmYy
ZTc0YTI3NjYwZjA3NjhhN2Q0NDU3NGY1MjkxNzYzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/tJ9+lN+yMau0AJi+teKjlozH1G21ooTJk4Z2Mc1jaNtl
EPFZz7CQoW+F6EiweM28AlqmRB+8W5hpGLv5Po6UUfX4oUaB9ybfcYJZd2h6C257
SPr5+BHQuph5VQOA3hIdqQ9xwBgB9z2zZa33l1VjUFuW+ukETSmDv8SQ27Cc/qf/
BDJkiMCRE1v0+xj0FlZaKUxMNbRw+9JmB1Pt/zUGa/kGSzRS3+ApwnvH2OEbvCGc
PuuUjpx1tudhLcpIoqH8xxOAd1BoNGU2JMj06x64mrxH9lOD4fVKGKoTkCEsoVQj
GEGQDWJ+F+JYX+/79e3Hvps7oDcm5r1NbWF5huzfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOZ5rNn40dB0sizlygPmatHXf5J8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNkZTNjNjEyLTM2ZDctNGQwZS04YTYxLWRjOTg5MTQ2NjM3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA/9nEwDQYJKoZIhvcNAQELBQADggEBALLOXH70I3mz0Hs79ZuZi8nc/AS0
BMiBWNdAPvPVDelJ1SbbgMPK1sroqduCLatSZuvnAYuGRpPOjUNWOiu6pS8s7/UC
6vpdVcTl57xQmrhy0GiOCpqG7lOlvE+150+03hrU5oXmWQuunfKYj2hywIwmMvyo
Hozs9rXRumUL9GOWtxvyPfdvQDUbOB3yQwdtsJoZCFI40jzGdE3rcd9CIVUC4YTM
tCv7R57A9CVQf8TQcIRmf0X5jgWoMaCV/1f2eIMqwao16qpjrK2mII/iqzzuCcta
janGE0gtJw/x9tHrRDw5kb6jHwCRwck+pQqrDrdvUaxVwxfCMYE3pGCZA9A=
-----END CERTIFICATE-----
Generated at Wed Jul 2 07:28:53 2025 by rpki-client