Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/696c1b1e-0246-458d-a96e-56b6b29e333d.roa
File:                     696c1b1e-0246-458d-a96e-56b6b29e333d.roa (raw, json)
Hash identifier:          FqkihvsY5oIBA5lAC6O/lSpCGxcwrYqJv9JeibKOYQU=
Subject key identifier:   FC:81:DD:8E:DD:9B:30:A6:67:42:D4:E1:4D:AC:B5:DB:06:67:F9:50
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73F95970E24C2BA93851E1FD9AA70338B0C2796B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/696c1b1e-0246-458d-a96e-56b6b29e333d.roa
Signing time:             Fri 29 Aug 2025 15:20:31 +0000
ROA not before:           Fri 29 Aug 2025 15:20:31 +0000
ROA not after:            Fri 03 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.70.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:f9:59:70:e2:4c:2b:a9:38:51:e1:fd:9a:a7:03:38:b0:c2:79:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 29 15:20:31 2025 GMT
            Not After : Oct  3 23:59:59 2025 GMT
        Subject: serialNumber=63547997bf08009ae95c8dcb541a520efd538fac6010f983f6b399dcadfeed4e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6d:6c:e5:f2:c7:b6:a4:01:59:ac:38:45:09:
                    3e:48:4d:21:44:fe:f0:4a:44:8b:02:20:00:3c:2f:
                    e1:21:df:47:5a:e6:63:84:c1:d0:73:af:56:9b:9d:
                    5f:4f:8a:d4:42:ac:64:1a:a2:7f:1a:bc:12:1a:8e:
                    be:86:b5:c3:ae:25:c5:0d:6b:66:dc:2a:f7:d3:1d:
                    82:f1:34:44:a6:f8:10:99:70:bc:bc:94:dc:fe:1f:
                    82:a7:d1:49:7f:1b:31:c2:b1:6d:4a:21:eb:ff:00:
                    eb:9f:65:e2:40:b7:b3:a2:65:52:6e:03:64:38:db:
                    ed:33:54:19:aa:b6:ad:35:ec:56:c3:c6:97:98:bc:
                    49:15:5d:68:2a:ef:f2:10:15:35:eb:7b:43:a3:d2:
                    26:33:b5:98:9d:12:3e:86:fc:0c:f6:9c:1e:17:95:
                    ac:49:fa:f9:ab:47:89:7d:24:1a:f3:85:89:4d:c8:
                    ba:57:c9:fe:6a:4a:29:6f:ea:ab:1f:0a:81:46:7a:
                    8d:59:dd:36:8f:75:1f:b8:3d:10:a0:f9:c2:c6:6e:
                    ac:df:c4:1d:17:5f:11:c0:34:e9:03:e0:52:07:b6:
                    53:28:f9:1d:86:fe:b2:25:71:7d:8c:f6:3c:b8:33:
                    71:f3:5d:80:c0:72:7c:f0:07:52:c3:a2:35:12:71:
                    1b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:81:DD:8E:DD:9B:30:A6:67:42:D4:E1:4D:AC:B5:DB:06:67:F9:50
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/696c1b1e-0246-458d-a96e-56b6b29e333d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.70.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         50:46:83:f1:dc:4e:eb:7e:4a:18:3a:e6:a1:2f:71:d4:fc:9c:
         84:44:d4:df:78:28:a5:7b:ac:fa:ca:5d:21:05:0b:64:ad:af:
         2e:38:48:45:93:34:91:c7:a9:f5:b4:9c:fc:e5:be:a2:9e:c8:
         73:51:da:2d:72:80:52:21:f7:cb:04:49:39:35:b5:c0:81:e8:
         b3:43:30:99:46:c7:22:0b:2b:94:8d:58:75:cc:f6:42:38:4c:
         40:bf:29:76:98:0c:31:eb:e3:0b:41:ed:6d:9a:17:2b:22:15:
         0c:da:28:3f:fd:dc:13:ce:6d:91:7b:f3:49:46:1e:74:6e:43:
         e8:f3:b1:2e:36:05:ba:ae:8b:34:a8:4b:78:1c:71:38:07:18:
         7e:ff:3e:ba:3d:25:80:46:f2:b0:ae:3d:d8:d4:7a:ef:e7:37:
         9d:9c:5d:04:36:a4:3e:ab:37:93:44:19:5b:f3:85:01:c6:74:
         ce:90:93:77:f7:e0:cf:59:ce:9f:9f:97:56:c5:01:cd:64:f3:
         aa:47:63:28:16:a6:59:8b:09:37:13:8c:52:12:d5:b7:c7:47:
         88:94:e6:66:eb:9a:67:5c:2c:0e:b1:76:96:2e:12:15:5f:1f:
         40:a6:e4:f1:3c:26:2a:cb:0c:21:bf:b1:58:bb:90:40:c9:f1:
         0d:f8:63:91
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUc/lZcOJMK6k4UeH9mqcDOLDCeWswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODI5MTUyMDMxWhcNMjUxMDAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MzU0Nzk5N2JmMDgwMDlhZTk1YzhkY2I1NDFhNTIwZWZk
NTM4ZmFjNjAxMGY5ODNmNmIzOTlkY2FkZmVlZDRlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClbWzl8se2pAFZrDhFCT5ITSFE/vBKRIsCIAA8L+Eh30da
5mOEwdBzr1abnV9PitRCrGQaon8avBIajr6GtcOuJcUNa2bcKvfTHYLxNESm+BCZ
cLy8lNz+H4Kn0Ul/GzHCsW1KIev/AOufZeJAt7OiZVJuA2Q42+0zVBmqtq017FbD
xpeYvEkVXWgq7/IQFTXre0Oj0iYztZidEj6G/Az2nB4XlaxJ+vmrR4l9JBrzhYlN
yLpXyf5qSilv6qsfCoFGeo1Z3TaPdR+4PRCg+cLGbqzfxB0XXxHANOkD4FIHtlMo
+R2G/rIlcX2M9jy4M3HzXYDAcnzwB1LDojUScRudAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU/IHdjt2bMKZnQtThTay12wZn+VAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY5NmMxYjFlLTAyNDYtNDU4ZC1hOTZlLTU2YjZiMjllMzMzZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQRjANBgkqhkiG9w0BAQsFAAOCAQEAUEaD8dxO635KGDrmoS9x1PychETU
33gopXus+spdIQULZK2vLjhIRZM0kcep9bSc/OW+op7Ic1HaLXKAUiH3ywRJOTW1
wIHos0MwmUbHIgsrlI1Ydcz2QjhMQL8pdpgMMevjC0HtbZoXKyIVDNooP/3cE85t
kXvzSUYedG5D6POxLjYFuq6LNKhLeBxxOAcYfv8+uj0lgEbysK492NR67+c3nZxd
BDakPqs3k0QZW/OFAcZ0zpCTd/fgz1nOn5+XVsUBzWTzqkdjKBamWYsJNxOMUhLV
t8dHiJTmZuuaZ1wsDrF2li4SFV8fQKbk8TwmKssMIb+xWLuQQMnxDfhjkQ==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:05:50 2025 by rpki-client