Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d8a1b36-3855-4b0a-8d07-ec0c2baf4fe8.roa
File:                     6d8a1b36-3855-4b0a-8d07-ec0c2baf4fe8.roa (raw, json)
Hash identifier:          CoSp+MJnh5dHzHb6BeKlj4Qcdo36rG/1adG2UXxPCTM=
Subject key identifier:   51:D1:D7:D9:33:DF:39:CA:E8:3D:9A:9C:DE:CF:79:98:02:C0:50:5F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6479CD4FF01170423AAC510CEAB478E5B44AA7CB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d8a1b36-3855-4b0a-8d07-ec0c2baf4fe8.roa
Signing time:             Tue 02 Sep 2025 00:11:23 +0000
ROA not before:           Tue 02 Sep 2025 00:11:23 +0000
ROA not after:            Tue 07 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.28.0.0/15 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:79:cd:4f:f0:11:70:42:3a:ac:51:0c:ea:b4:78:e5:b4:4a:a7:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  2 00:11:23 2025 GMT
            Not After : Oct  7 23:59:59 2025 GMT
        Subject: serialNumber=b9c03b0a7bfd659d072149cab935a7b62fdeb120b3d5dd2b141863a6a3bffebd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:86:65:c9:8c:43:50:32:73:a0:d7:fe:9f:2f:
                    48:a5:77:91:bd:95:0e:00:3e:a2:b6:c6:4b:12:1c:
                    f0:2a:0d:23:70:c9:2b:5a:ca:31:06:7d:83:be:fc:
                    b5:c1:e3:f2:98:41:1e:ce:be:1a:2a:9b:e0:96:e8:
                    f4:10:2f:9d:ad:53:95:17:54:2f:ba:98:51:e0:4f:
                    a8:79:9f:79:93:72:d4:67:7b:45:23:95:ac:69:ae:
                    ef:f9:99:2d:38:83:4d:27:49:5e:c8:23:42:49:6d:
                    6a:c5:c8:07:ca:4e:d8:dd:ae:88:18:f6:e1:b7:a2:
                    03:20:dd:49:57:49:9f:1e:5a:75:df:af:91:75:7c:
                    f9:c8:d7:86:79:b2:36:1f:1b:17:4d:d4:61:de:26:
                    20:08:58:2b:8a:28:cb:30:98:f2:7f:db:1e:d7:72:
                    ba:45:e4:45:30:fa:8c:a8:78:e8:83:b6:2a:d7:aa:
                    74:a5:b8:7f:ac:28:4a:3b:10:f2:ef:0c:c9:82:8a:
                    06:0d:23:ca:d5:a6:e0:ae:3d:f8:17:99:0e:00:cd:
                    43:53:f3:9a:8b:8c:86:0d:59:b7:c5:e7:b4:a4:b0:
                    53:55:5a:76:fc:85:03:16:09:e6:3d:ee:24:0a:94:
                    63:e0:bb:a0:c2:61:4b:9c:e5:c7:50:24:af:43:0c:
                    72:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:D1:D7:D9:33:DF:39:CA:E8:3D:9A:9C:DE:CF:79:98:02:C0:50:5F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6d8a1b36-3855-4b0a-8d07-ec0c2baf4fe8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.28.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         9b:b1:61:e5:cb:c9:84:f3:61:b8:d6:ef:d5:da:db:57:d0:ed:
         8e:dc:a7:45:b3:eb:16:61:fc:05:6b:51:8d:87:e9:da:00:cb:
         8c:5c:7a:24:48:c3:24:5c:e1:47:30:bd:3d:4f:5c:12:4e:47:
         2f:29:4b:f5:3a:83:6a:c0:1e:4e:03:58:b4:ef:df:60:84:67:
         03:d4:cb:7d:b7:f6:68:89:47:df:18:34:42:05:f0:81:df:68:
         6f:62:64:73:6c:03:7f:09:26:38:2f:4f:82:17:17:8c:53:c5:
         3e:62:2a:67:b2:7a:fd:80:30:3c:9e:9e:56:9f:8b:85:e4:75:
         34:ba:05:e1:4b:79:0c:3d:1f:ca:38:d1:2a:52:1b:15:af:f7:
         50:01:b5:75:44:ac:ef:60:88:0a:c1:11:78:cc:05:2d:de:b4:
         84:89:9c:47:6a:c3:6b:6e:34:5e:6c:f1:7a:33:48:55:31:26:
         af:ff:45:d3:0e:e0:58:39:b6:ad:91:8d:36:50:a9:ad:7f:f8:
         c7:8b:dd:d9:6b:e4:a2:0f:c0:b6:17:c0:7e:3f:0f:d1:a4:96:
         8e:2a:00:38:27:c5:c3:05:1a:3f:97:f5:09:f1:33:5b:e8:91:
         a9:6c:ec:36:30:31:5f:0d:fe:f9:fb:23:0a:30:74:38:f3:0d:
         c5:6c:d5:a0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZHnNT/ARcEI6rFEM6rR45bRKp8swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTAyMDAxMTIzWhcNMjUxMDA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOWMwM2IwYTdiZmQ2NTlkMDcyMTQ5Y2FiOTM1YTdiNjJm
ZGViMTIwYjNkNWRkMmIxNDE4NjNhNmEzYmZmZWJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqhmXJjENQMnOg1/6fL0ild5G9lQ4APqK2xksSHPAqDSNw
yStayjEGfYO+/LXB4/KYQR7Ovhoqm+CW6PQQL52tU5UXVC+6mFHgT6h5n3mTctRn
e0Ujlaxpru/5mS04g00nSV7II0JJbWrFyAfKTtjdrogY9uG3ogMg3UlXSZ8eWnXf
r5F1fPnI14Z5sjYfGxdN1GHeJiAIWCuKKMswmPJ/2x7XcrpF5EUw+oyoeOiDtirX
qnSluH+sKEo7EPLvDMmCigYNI8rVpuCuPfgXmQ4AzUNT85qLjIYNWbfF57SksFNV
Wnb8hQMWCeY97iQKlGPgu6DCYUuc5cdQJK9DDHJfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUUdHX2TPfOcroPZqc3s95mALAUF8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZkOGExYjM2LTM4NTUtNGIwYS04ZDA3LWVjMGMyYmFmNGZlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEjHDANBgkqhkiG9w0BAQsFAAOCAQEAm7Fh5cvJhPNhuNbv1drbV9Dtjtyn
RbPrFmH8BWtRjYfp2gDLjFx6JEjDJFzhRzC9PU9cEk5HLylL9TqDasAeTgNYtO/f
YIRnA9TLfbf2aIlH3xg0QgXwgd9ob2Jkc2wDfwkmOC9PghcXjFPFPmIqZ7J6/YAw
PJ6eVp+LheR1NLoF4Ut5DD0fyjjRKlIbFa/3UAG1dUSs72CICsEReMwFLd60hImc
R2rDa240XmzxejNIVTEmr/9F0w7gWDm2rZGNNlCprX/4x4vd2Wvkog/AthfAfj8P
0aSWjioAOCfFwwUaP5f1CfEzW+iRqWzsNjAxXw3++fsjCjB0OPMNxWzVoA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:11:30 2025 by rpki-client