Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/71686793-835a-45ec-ab49-31bec463864e.roa
File:                     71686793-835a-45ec-ab49-31bec463864e.roa (raw, json)
Hash identifier:          l/Lflz6W3IrDKpetxvqlKh4h7LDKZvjW81z7XofvoTM=
Subject key identifier:   BF:65:36:A7:67:8E:72:89:29:D8:A4:93:69:6B:0C:E5:66:C5:50:D1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63DB6451EE439612B4E6C5ED16B2686E856FF617
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/71686793-835a-45ec-ab49-31bec463864e.roa
Signing time:             Mon 23 Jun 2025 15:30:31 +0000
ROA not before:           Mon 23 Jun 2025 15:30:31 +0000
ROA not after:            Mon 28 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.199.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 05 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:db:64:51:ee:43:96:12:b4:e6:c5:ed:16:b2:68:6e:85:6f:f6:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 23 15:30:31 2025 GMT
            Not After : Jul 28 23:59:59 2025 GMT
        Subject: serialNumber=fdf6ff2a946c1bfb324efd427488b487db13c24c0df9e7a041b15e5b663d91c7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:75:36:d3:40:84:1e:38:f0:16:9c:1d:df:42:
                    8a:32:b0:0e:f0:c7:9e:b8:49:12:4a:48:d4:1b:ca:
                    b0:ae:57:1b:c9:18:71:c3:50:a9:2f:c2:be:35:05:
                    ff:a5:71:0b:38:dc:38:4e:cb:15:c0:f3:43:7d:f9:
                    da:20:f8:33:1d:df:e1:40:04:ed:af:90:19:cf:36:
                    42:49:ff:0f:1b:e0:fd:69:a0:08:ef:e6:77:95:73:
                    6e:9a:84:d8:6e:ac:c2:ef:9b:b1:38:35:c9:25:f5:
                    c8:30:3c:f0:4d:4f:a3:b3:e0:e0:f5:2e:a6:cd:ff:
                    98:82:41:ad:f3:c1:62:91:5c:fc:90:9b:2e:36:cd:
                    79:4f:9c:f6:d0:bd:85:4b:10:fb:17:ac:ab:d0:7a:
                    9e:61:5c:ab:d1:46:6b:69:a0:36:8a:7b:80:9f:5c:
                    60:09:11:d0:83:20:cf:36:d8:1a:eb:d8:35:83:26:
                    14:2a:a3:3b:ce:a9:74:e8:9e:de:ca:18:16:9b:4a:
                    41:d4:63:31:55:87:1e:e5:f6:73:47:ab:36:c8:2d:
                    22:63:3b:9e:23:98:78:fa:3e:a4:f8:f3:99:23:4a:
                    b5:8a:66:3c:33:9c:98:87:45:4e:5c:35:76:bf:16:
                    02:a4:c9:57:1f:45:98:32:4d:d9:cd:6a:32:47:bf:
                    04:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:65:36:A7:67:8E:72:89:29:D8:A4:93:69:6B:0C:E5:66:C5:50:D1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/71686793-835a-45ec-ab49-31bec463864e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.199.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         be:b0:f5:dc:e9:5d:63:dc:10:53:03:b2:34:a1:27:ce:71:3c:
         bd:86:7a:ee:66:13:58:a0:82:a8:da:0f:44:3d:c2:5e:e9:21:
         ce:3c:69:df:f2:67:ac:c2:28:ba:38:b3:16:a0:4f:6b:99:62:
         da:e0:f1:42:72:99:c4:5e:cd:95:f3:2a:c3:ea:28:41:72:bc:
         c7:cb:d1:27:47:c4:3c:e6:f4:77:c0:41:3a:25:37:48:5f:ba:
         fd:a2:0b:71:e0:a9:cd:5e:28:ce:65:7f:4c:80:fc:55:f9:93:
         00:74:4e:be:e3:03:c9:2c:10:9c:56:85:23:70:a8:90:30:2a:
         07:63:d4:9d:59:e3:03:d3:e2:6d:43:a1:4d:4e:83:d8:a2:45:
         03:3f:4b:fd:f1:60:9e:f2:90:bd:af:59:43:4e:cd:32:2f:ff:
         7c:97:a4:2c:56:14:53:0d:fa:3b:88:d8:2e:41:1d:87:8d:3c:
         2a:56:49:4f:01:34:64:7b:26:d5:08:7d:4f:69:2d:fb:23:6d:
         96:66:cf:27:d9:8b:b0:3a:c7:ab:f0:3b:c5:0f:58:27:72:6a:
         44:3a:a3:98:13:b4:63:a2:15:64:b4:70:82:77:04:5c:99:bf:
         4f:d1:ea:8e:c8:fc:de:46:2c:54:12:36:a3:73:73:f2:9c:22:
         9f:9b:28:f6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUY9tkUe5DlhK05sXtFrJoboVv9hcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjIzMTUzMDMxWhcNMjUwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZGY2ZmYyYTk0NmMxYmZiMzI0ZWZkNDI3NDg4YjQ4N2Ri
MTNjMjRjMGRmOWU3YTA0MWIxNWU1YjY2M2Q5MWM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXdTbTQIQeOPAWnB3fQooysA7wx564SRJKSNQbyrCuVxvJ
GHHDUKkvwr41Bf+lcQs43DhOyxXA80N9+dog+DMd3+FABO2vkBnPNkJJ/w8b4P1p
oAjv5neVc26ahNhurMLvm7E4Nckl9cgwPPBNT6Oz4OD1LqbN/5iCQa3zwWKRXPyQ
my42zXlPnPbQvYVLEPsXrKvQep5hXKvRRmtpoDaKe4CfXGAJEdCDIM822Brr2DWD
JhQqozvOqXTont7KGBabSkHUYzFVhx7l9nNHqzbILSJjO54jmHj6PqT485kjSrWK
ZjwznJiHRU5cNXa/FgKkyVcfRZgyTdnNajJHvwSfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUv2U2p2eOcokp2KSTaWsM5WbFUNEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcxNjg2NzkzLTgzNWEtNDVlYy1hYjQ5LTMxYmVjNDYzODY0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4xzANBgkqhkiG9w0BAQsFAAOCAQEAvrD13OldY9wQUwOyNKEnznE8vYZ6
7mYTWKCCqNoPRD3CXukhzjxp3/JnrMIoujizFqBPa5li2uDxQnKZxF7NlfMqw+oo
QXK8x8vRJ0fEPOb0d8BBOiU3SF+6/aILceCpzV4ozmV/TID8VfmTAHROvuMDySwQ
nFaFI3CokDAqB2PUnVnjA9PibUOhTU6D2KJFAz9L/fFgnvKQva9ZQ07NMi//fJek
LFYUUw36O4jYLkEdh408KlZJTwE0ZHsm1Qh9T2kt+yNtlmbPJ9mLsDrHq/A7xQ9Y
J3JqRDqjmBO0Y6IVZLRwgncEXJm/T9Hqjsj83kYsVBI2o3Nz8pwin5so9g==
-----END CERTIFICATE-----
Generated at Fri Jul 4 04:05:45 2025 by rpki-client