Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7671e404-27d3-4739-9da3-e9ffff3d4e14.roa
File:                     7671e404-27d3-4739-9da3-e9ffff3d4e14.roa (raw, json)
Hash identifier:          VYKea7hPBS/abagYTAym5MMSwovZ2iXow0Aj11fCtYA=
Subject key identifier:   88:A7:30:AF:2F:BD:E9:45:B6:02:0C:1E:1E:39:70:98:12:EC:D7:53
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E7EFD9965390EDEBA404A83D90CDEAF20CC52CB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7671e404-27d3-4739-9da3-e9ffff3d4e14.roa
Signing time:             Sat 06 Sep 2025 00:51:21 +0000
ROA not before:           Sat 06 Sep 2025 00:51:21 +0000
ROA not after:            Sat 11 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.76.64.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Sep 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:7e:fd:99:65:39:0e:de:ba:40:4a:83:d9:0c:de:af:20:cc:52:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  6 00:51:21 2025 GMT
            Not After : Oct 11 23:59:59 2025 GMT
        Subject: serialNumber=64c16b92c1c06d6369f956855bd44000603aff555d34c1dba47d358f6974a8ea, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:81:9b:b6:22:39:9e:30:e1:86:8b:44:fd:1d:
                    ca:3a:16:bd:29:20:a9:45:e4:60:47:e6:71:f8:35:
                    13:e1:9a:0d:de:fc:0a:42:f5:06:87:48:9a:66:d8:
                    73:eb:1a:43:81:ce:b2:c0:b2:85:41:e0:69:65:ac:
                    e7:cb:95:f9:07:a4:bf:c7:28:f7:63:b0:38:7b:05:
                    52:9d:83:62:43:f7:9c:16:72:b4:67:31:3a:61:75:
                    a4:73:fc:16:49:70:ba:10:6f:d8:dc:2a:c3:d8:8f:
                    fd:8e:53:8d:c9:c2:cf:17:d0:4c:ec:16:86:28:b7:
                    31:d2:43:fe:95:75:73:d2:63:0f:84:a5:39:04:17:
                    35:da:85:dd:0c:8e:9a:9d:ec:cf:20:ff:6f:c0:9f:
                    76:27:2b:f9:81:84:bc:a3:8c:2f:fb:6e:c1:f0:13:
                    34:43:29:50:10:f9:13:a6:14:75:0e:80:dc:eb:1c:
                    e9:00:c4:ab:e0:96:b5:db:df:0a:97:be:6b:67:31:
                    0a:61:94:c0:51:c0:2f:42:a5:7a:4b:33:dd:23:66:
                    31:ed:08:4e:97:60:ee:1d:26:a5:33:22:13:e9:1f:
                    b0:75:d6:a1:85:f1:2e:2f:8c:da:08:03:b1:74:89:
                    db:05:28:14:9d:b4:6d:0e:b3:86:ef:f6:d2:3b:d7:
                    74:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:A7:30:AF:2F:BD:E9:45:B6:02:0C:1E:1E:39:70:98:12:EC:D7:53
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7671e404-27d3-4739-9da3-e9ffff3d4e14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.76.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         50:ac:7d:e3:69:13:d4:9c:00:75:42:fd:d3:44:28:b5:f1:7c:
         b3:7f:e4:48:48:f2:88:11:c0:bd:76:d1:b2:cf:ae:55:90:af:
         c6:0e:2a:9b:aa:96:2f:1c:eb:60:6c:0c:88:3a:2c:9d:18:8e:
         27:b7:4b:bf:2a:03:d3:46:ea:0b:79:34:cd:99:04:4e:d0:9f:
         bf:24:10:a6:42:fa:74:31:f2:81:f1:34:cc:02:1b:5f:ab:8a:
         c2:0d:f5:87:80:55:59:05:02:cf:cd:1c:f4:d7:f7:a3:85:bd:
         64:db:c4:50:2c:eb:1d:dc:d8:bc:c5:1f:95:b0:f8:2d:ab:81:
         9f:70:3a:df:e4:0d:f7:e7:99:4e:be:66:42:8e:07:40:0b:84:
         4c:5f:6c:90:0e:39:b8:2a:ec:15:1c:15:4b:63:ec:89:e9:dd:
         8b:bc:9c:29:78:fa:92:38:b1:49:69:e5:a2:25:db:38:a8:10:
         01:5e:c6:62:b5:f1:41:f9:0d:d7:de:92:a8:e2:12:9e:79:4f:
         44:85:b0:4f:e5:b8:55:b9:7e:6e:c8:b6:2c:5b:a6:aa:a3:23:
         d4:89:14:53:c5:fc:8a:41:30:f0:3c:86:fc:2b:1c:f3:c0:1a:
         a0:a1:63:8e:7a:27:a2:08:48:4c:fa:c2:d4:20:ab:7b:ea:33:
         25:c0:40:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULn79mWU5Dt66QEqD2QzeryDMUsswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA2MDA1MTIxWhcNMjUxMDExMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NGMxNmI5MmMxYzA2ZDYzNjlmOTU2ODU1YmQ0NDAwMDYw
M2FmZjU1NWQzNGMxZGJhNDdkMzU4ZjY5NzRhOGVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7gZu2IjmeMOGGi0T9Hco6Fr0pIKlF5GBH5nH4NRPhmg3e
/ApC9QaHSJpm2HPrGkOBzrLAsoVB4GllrOfLlfkHpL/HKPdjsDh7BVKdg2JD95wW
crRnMTphdaRz/BZJcLoQb9jcKsPYj/2OU43Jws8X0EzsFoYotzHSQ/6VdXPSYw+E
pTkEFzXahd0Mjpqd7M8g/2/An3YnK/mBhLyjjC/7bsHwEzRDKVAQ+ROmFHUOgNzr
HOkAxKvglrXb3wqXvmtnMQphlMBRwC9CpXpLM90jZjHtCE6XYO4dJqUzIhPpH7B1
1qGF8S4vjNoIA7F0idsFKBSdtG0Os4bv9tI713RNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiKcwry+96UW2AgweHjlwmBLs11MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc2NzFlNDA0LTI3ZDMtNDczOS05ZGEzLWU5ZmZmZjNkNGUxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZjTEAwDQYJKoZIhvcNAQELBQADggEBAFCsfeNpE9ScAHVC/dNEKLXxfLN/
5EhI8ogRwL120bLPrlWQr8YOKpuqli8c62BsDIg6LJ0Yjie3S78qA9NG6gt5NM2Z
BE7Qn78kEKZC+nQx8oHxNMwCG1+risIN9YeAVVkFAs/NHPTX96OFvWTbxFAs6x3c
2LzFH5Ww+C2rgZ9wOt/kDffnmU6+ZkKOB0ALhExfbJAOObgq7BUcFUtj7Inp3Yu8
nCl4+pI4sUlp5aIl2zioEAFexmK18UH5DdfekqjiEp55T0SFsE/luFW5fm7Itixb
pqqjI9SJFFPF/IpBMPA8hvwrHPPAGqChY456J6IISEz6wtQgq3vqMyXAQHY=
-----END CERTIFICATE-----
Generated at Sat Sep 6 16:44:12 2025 by rpki-client