Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a94972a-5622-44f7-85a8-f166881512cb.roa
File:                     6a94972a-5622-44f7-85a8-f166881512cb.roa (raw, json)
Hash identifier:          1+NVLLlxmzy6PdA0Wh8Xzkp57aLRWBW+ALF99DoytrE=
Subject key identifier:   38:35:A9:AB:2F:D6:1F:5B:88:48:0D:07:B9:7C:E8:83:53:56:FD:86
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       48E44B901A699F4E6F6B8F1F2AEFCF16F77A5F7D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a94972a-5622-44f7-85a8-f166881512cb.roa
Signing time:             Wed 28 May 2025 00:51:18 +0000
ROA not before:           Wed 28 May 2025 00:51:18 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.134.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 05 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:e4:4b:90:1a:69:9f:4e:6f:6b:8f:1f:2a:ef:cf:16:f7:7a:5f:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 28 00:51:18 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=5ad69ef3a67a60589aab919289e2a6af79357e9315bf000b3804717c928c1123, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0f:17:6d:51:54:c6:5a:7e:a3:c2:e7:31:11:
                    7d:1b:5d:c0:29:58:0e:b0:4d:21:1d:70:f2:21:b8:
                    31:5c:f8:3e:37:dd:a1:fa:7f:b3:59:0e:c7:67:f3:
                    5a:a6:10:6f:d5:53:6a:52:78:05:42:46:10:23:c0:
                    11:61:cb:00:25:eb:a7:af:37:30:f0:3f:a8:d2:2e:
                    a6:30:f8:5c:ef:79:06:6a:f6:06:1a:1b:78:6a:7c:
                    fc:45:a3:c6:7b:21:e9:fb:ea:16:01:aa:0f:7b:38:
                    6c:36:73:3e:9b:80:56:b0:16:83:87:a6:dc:5e:5d:
                    ca:7c:1e:a4:d3:a7:f3:aa:c3:61:a0:f4:30:ba:2b:
                    25:76:d1:c7:8e:53:77:24:67:61:ec:d6:58:f8:ce:
                    f7:f9:71:2c:2e:fa:f7:55:de:e0:b2:3c:d8:15:37:
                    7f:8e:9b:1e:1c:35:d4:cc:ee:a4:86:e6:f2:88:26:
                    eb:12:3e:30:76:dd:df:5f:f3:e1:01:bb:92:e3:00:
                    67:8d:8f:41:f2:99:c0:5a:81:c5:a8:35:67:ca:d6:
                    45:c7:c7:e6:c5:dd:0d:e0:09:e5:a6:10:f8:b7:76:
                    03:99:82:1d:f5:c4:71:a7:46:da:3c:31:aa:5c:6c:
                    19:d0:f3:e3:06:8d:69:4d:9d:7e:52:bb:ab:69:a4:
                    5b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:35:A9:AB:2F:D6:1F:5B:88:48:0D:07:B9:7C:E8:83:53:56:FD:86
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6a94972a-5622-44f7-85a8-f166881512cb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:17:5a:6d:57:69:c1:3c:74:9f:e1:b5:16:23:18:60:d0:bc:
         a1:eb:7b:ba:32:de:ac:df:33:d7:bd:82:60:b1:d7:96:d4:0a:
         bf:9d:1a:1c:ab:b3:6c:8e:05:a5:e6:f2:ca:5f:75:5a:b2:1b:
         10:d0:d5:2b:4d:4f:ba:3f:5e:ea:fc:b6:8a:df:d2:5d:b1:34:
         5d:1b:95:69:34:7b:b0:ee:49:94:d9:1a:cc:3f:94:c5:91:bc:
         84:c5:08:e7:4e:15:ce:1d:5c:93:a0:eb:31:4f:0c:dd:2d:b5:
         94:da:f0:8c:cc:11:f1:1c:8c:99:d0:ec:45:3f:5b:eb:3e:d4:
         d7:88:d6:b2:dc:e3:c9:20:16:9b:e6:cc:03:a0:bc:76:ad:f9:
         31:99:9e:e5:d2:a2:c3:20:1c:fb:e5:d8:64:76:e0:a2:d8:78:
         b3:5b:8e:19:5d:a0:03:cd:b1:7c:d6:ec:9b:56:9b:df:ce:2c:
         a1:45:6b:36:24:32:09:62:1a:6d:a3:cb:5f:cf:98:80:bb:20:
         cb:0e:8c:e1:ac:44:1d:67:4d:8a:57:1f:b9:97:02:4e:05:3a:
         1c:15:eb:de:f1:eb:45:f1:4e:eb:63:20:ac:eb:54:21:2c:66:
         30:cd:fb:f6:72:f4:07:d9:9f:65:fe:37:71:60:70:d0:5a:5e:
         b7:29:3c:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSORLkBppn05va48fKu/PFvd6X30wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTI4MDA1MTE4WhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YWQ2OWVmM2E2N2E2MDU4OWFhYjkxOTI4OWUyYTZhZjc5
MzU3ZTkzMTViZjAwMGIzODA0NzE3YzkyOGMxMTIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyDxdtUVTGWn6jwucxEX0bXcApWA6wTSEdcPIhuDFc+D43
3aH6f7NZDsdn81qmEG/VU2pSeAVCRhAjwBFhywAl66evNzDwP6jSLqYw+FzveQZq
9gYaG3hqfPxFo8Z7Ien76hYBqg97OGw2cz6bgFawFoOHptxeXcp8HqTTp/Oqw2Gg
9DC6KyV20ceOU3ckZ2Hs1lj4zvf5cSwu+vdV3uCyPNgVN3+Omx4cNdTM7qSG5vKI
JusSPjB23d9f8+EBu5LjAGeNj0HymcBagcWoNWfK1kXHx+bF3Q3gCeWmEPi3dgOZ
gh31xHGnRto8MapcbBnQ8+MGjWlNnX5Su6tppFsjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUODWpqy/WH1uISA0HuXzog1NW/YYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZhOTQ5NzJhLTU2MjItNDRmNy04NWE4LWYxNjY4ODE1MTJjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTYYwDQYJKoZIhvcNAQELBQADggEBALsXWm1XacE8dJ/htRYjGGDQvKHr
e7oy3qzfM9e9gmCx15bUCr+dGhyrs2yOBaXm8spfdVqyGxDQ1StNT7o/Xur8torf
0l2xNF0blWk0e7DuSZTZGsw/lMWRvITFCOdOFc4dXJOg6zFPDN0ttZTa8IzMEfEc
jJnQ7EU/W+s+1NeI1rLc48kgFpvmzAOgvHat+TGZnuXSosMgHPvl2GR24KLYeLNb
jhldoAPNsXzW7JtWm9/OLKFFazYkMgliGm2jy1/PmIC7IMsOjOGsRB1nTYpXH7mX
Ak4FOhwV697x60XxTutjIKzrVCEsZjDN+/Zy9AfZn2X+N3FgcNBaXrcpPFk=
-----END CERTIFICATE-----
Generated at Wed Jun 4 11:13:10 2025 by rpki-client