Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa
File:                     5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa (raw, json)
Hash identifier:          pWtAIfc0IjGvKF6N2EMg75WHQlZdIFWExF1+wTUrFwQ=
Subject key identifier:   17:6F:D6:11:E9:91:98:36:C5:3E:0A:65:1C:2B:96:4E:66:95:1B:83
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B03B0AE7C241BEF53F7B724ECF3EF179917132A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa
Signing time:             Sat 06 Sep 2025 00:32:01 +0000
ROA not before:           Sat 06 Sep 2025 00:32:01 +0000
ROA not after:            Sat 11 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.52.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:03:b0:ae:7c:24:1b:ef:53:f7:b7:24:ec:f3:ef:17:99:17:13:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  6 00:32:01 2025 GMT
            Not After : Oct 11 23:59:59 2025 GMT
        Subject: serialNumber=f692e2f0f044fe37670b3c723336da4f815203b12d689657a0e981907846beac, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:d5:3c:98:aa:09:f4:53:92:a7:04:97:bc:39:
                    bf:ba:98:97:a1:7c:fa:18:85:31:eb:72:b7:59:ea:
                    cc:98:e1:12:9c:d5:14:fd:64:c2:ad:76:af:f9:b7:
                    c2:9a:70:c4:98:5a:fd:d5:07:d8:ba:df:05:9c:be:
                    d8:b6:64:8a:38:30:f2:ee:99:d4:4e:a2:92:d8:97:
                    ee:8b:98:47:3d:62:ee:f3:2f:d0:ec:55:e7:f1:bd:
                    22:c6:5a:e0:80:16:65:74:28:0f:f2:71:08:5a:13:
                    41:3c:8c:cb:d3:13:d2:80:02:89:03:4e:8e:e8:22:
                    b7:08:13:f5:d8:97:3b:eb:a4:24:6e:1f:c6:b0:f2:
                    17:dc:4e:f6:19:30:ca:db:5e:5c:63:67:42:fd:cb:
                    6d:14:06:21:3c:08:20:da:9f:f8:79:bb:3e:2b:f9:
                    bb:b8:27:79:27:56:42:8d:5e:0c:68:38:2d:da:40:
                    55:f3:63:13:81:68:02:ee:32:85:5d:f9:6f:d5:ab:
                    17:c3:1a:d9:91:7b:60:2d:6f:96:82:01:50:49:2b:
                    33:d4:d8:1c:6f:ec:fc:04:4a:37:a2:ef:6d:39:73:
                    4e:f9:79:e7:ce:4e:4d:34:c6:95:0c:e7:a3:c9:84:
                    c9:de:58:39:38:be:82:25:b3:93:7b:1b:aa:4a:89:
                    74:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:6F:D6:11:E9:91:98:36:C5:3E:0A:65:1C:2B:96:4E:66:95:1B:83
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.52.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         33:ad:99:61:f5:ba:d4:d1:cc:79:0f:f8:3e:74:c2:06:35:4a:
         14:15:a7:a9:72:7f:f1:4e:cf:6b:db:a5:4c:fc:9f:08:f7:cd:
         8c:2b:4b:a1:53:fc:c1:57:4b:25:2e:42:78:d8:ec:16:15:d3:
         6a:ec:68:4d:57:4a:5c:40:e4:dd:02:5d:ab:6d:3b:2e:85:92:
         dc:58:fe:c3:d6:e3:84:bf:14:9c:2d:73:bd:4e:ef:d0:cf:8f:
         42:82:93:da:da:ae:f5:8f:19:de:91:08:0e:1b:c3:db:c4:06:
         ae:e0:50:e8:26:fb:3b:4d:34:7c:fc:51:bb:3a:2d:5c:7e:ab:
         c8:a3:02:ff:fb:7d:1d:14:4a:ca:09:8e:ec:92:dc:26:3e:fb:
         f1:c7:39:7a:e5:97:a4:09:a1:4b:d2:c2:61:d3:18:71:1f:88:
         2b:df:fc:6f:cd:98:b1:2e:4e:c3:fd:a9:68:d0:f8:21:b6:f0:
         5d:8c:75:2c:b7:88:a8:f1:dd:3f:86:55:71:35:12:4c:fe:61:
         bb:22:b3:70:6d:bf:c0:12:8a:da:fb:d6:e2:f2:0c:29:8c:69:
         d8:e6:f3:a5:88:1b:06:f7:65:e4:d0:f3:e2:db:22:5d:90:48:
         01:2f:03:56:b2:b8:16:7c:3f:12:10:41:2c:f4:52:72:8d:2d:
         1b:23:8a:78
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGwOwrnwkG+9T97ck7PPvF5kXEyowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA2MDAzMjAxWhcNMjUxMDExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjkyZTJmMGYwNDRmZTM3NjcwYjNjNzIzMzM2ZGE0Zjgx
NTIwM2IxMmQ2ODk2NTdhMGU5ODE5MDc4NDZiZWFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu1TyYqgn0U5KnBJe8Ob+6mJehfPoYhTHrcrdZ6syY4RKc
1RT9ZMKtdq/5t8KacMSYWv3VB9i63wWcvti2ZIo4MPLumdROopLYl+6LmEc9Yu7z
L9DsVefxvSLGWuCAFmV0KA/ycQhaE0E8jMvTE9KAAokDTo7oIrcIE/XYlzvrpCRu
H8aw8hfcTvYZMMrbXlxjZ0L9y20UBiE8CCDan/h5uz4r+bu4J3knVkKNXgxoOC3a
QFXzYxOBaALuMoVd+W/VqxfDGtmRe2Atb5aCAVBJKzPU2Bxv7PwESjei7205c075
eefOTk00xpUM56PJhMneWDk4voIls5N7G6pKiXRRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUF2/WEemRmDbFPgplHCuWTmaVG4MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVhNDc0YjJlLWE2ZmQtNDI5OC1iNWRmLWZmOWNhYTI2ZjkxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4NDANBgkqhkiG9w0BAQsFAAOCAQEAM62ZYfW61NHMeQ/4PnTCBjVKFBWn
qXJ/8U7Pa9ulTPyfCPfNjCtLoVP8wVdLJS5CeNjsFhXTauxoTVdKXEDk3QJdq207
LoWS3Fj+w9bjhL8UnC1zvU7v0M+PQoKT2tqu9Y8Z3pEIDhvD28QGruBQ6Cb7O000
fPxRuzotXH6ryKMC//t9HRRKygmO7JLcJj778cc5euWXpAmhS9LCYdMYcR+IK9/8
b82YsS5Ow/2paND4IbbwXYx1LLeIqPHdP4ZVcTUSTP5huyKzcG2/wBKK2vvW4vIM
KYxp2ObzpYgbBvdl5NDz4tsiXZBIAS8DVrK4Fnw/EhBBLPRSco0tGyOKeA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:08:29 2025 by rpki-client