Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f4aece0-320f-46a2-ae45-69cd23b5c314.roa
File:                     7f4aece0-320f-46a2-ae45-69cd23b5c314.roa (raw, json)
Hash identifier:          r696atpeDX+DwuF5SufEYlRP1bqq5P4xUgVnQCm55QU=
Subject key identifier:   19:5B:26:2D:B7:AB:08:18:EF:FE:E4:3D:42:6B:7A:06:55:76:8A:D7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       30667CA5040B4D5F21C64CE31EEE3172549572BF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f4aece0-320f-46a2-ae45-69cd23b5c314.roa
Signing time:             Tue 17 Jun 2025 00:12:14 +0000
ROA not before:           Tue 17 Jun 2025 00:12:14 +0000
ROA not after:            Tue 22 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        149.188.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:66:7c:a5:04:0b:4d:5f:21:c6:4c:e3:1e:ee:31:72:54:95:72:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 17 00:12:14 2025 GMT
            Not After : Jul 22 23:59:59 2025 GMT
        Subject: serialNumber=f4807f6bba37fde5f82b9d9658cfa539fc23b035351eb527d99977361235d658, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:77:7e:62:3c:de:e9:f2:da:82:43:ef:b7:96:
                    a9:55:ec:b8:ab:70:72:80:0c:3e:e1:18:a5:00:40:
                    d2:20:71:7f:50:5d:0d:ce:b2:9a:9b:85:5c:b8:de:
                    cd:52:d9:e3:be:2b:fd:c9:ff:b6:f9:d3:d5:91:00:
                    ec:40:c2:54:bc:77:53:7b:44:68:51:cc:29:d6:5f:
                    14:50:f3:ca:42:2f:86:08:e6:39:c9:3c:d1:76:f3:
                    22:88:f4:cf:99:5b:9e:32:83:0e:30:53:7a:0f:8a:
                    5a:10:2f:12:fa:0d:92:f6:38:28:f1:f9:fc:07:e0:
                    28:fb:37:a2:25:0b:65:fb:46:96:67:5e:07:5f:42:
                    8f:09:5d:23:ac:30:df:37:bb:27:7c:0c:d1:b2:95:
                    75:5d:2e:a3:e1:c2:4a:0a:d4:83:3c:d5:e5:a0:32:
                    24:e9:db:26:3a:4f:1e:45:fe:4b:a7:b4:79:9c:cc:
                    c3:ec:11:19:84:ed:08:14:26:22:fa:8d:b9:5c:94:
                    15:47:d2:69:06:06:ca:83:ac:2b:88:fe:47:60:58:
                    6e:be:b8:c0:23:73:84:24:5c:2e:8c:d0:a7:22:62:
                    d4:bf:52:9b:77:5c:2b:4b:00:ec:fe:5f:a5:fe:71:
                    9c:74:c4:93:38:c8:95:ce:73:aa:a8:b9:d3:76:61:
                    d6:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:5B:26:2D:B7:AB:08:18:EF:FE:E4:3D:42:6B:7A:06:55:76:8A:D7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f4aece0-320f-46a2-ae45-69cd23b5c314.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.188.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         42:bd:d3:05:8f:e5:5e:88:d5:df:47:de:45:93:e2:b9:0b:6d:
         2b:ce:a4:f0:bf:fe:de:c4:b1:1a:ab:2c:83:0c:9c:47:2e:6b:
         e0:cc:64:cb:40:46:c3:44:fe:85:02:a0:05:36:76:8d:67:2f:
         44:2f:5a:25:a1:c1:23:22:6e:55:d0:9a:8e:32:c8:57:fd:8c:
         3b:fa:e4:4f:7c:84:24:0c:00:4b:21:85:06:53:18:99:2e:d7:
         53:69:17:2f:93:f8:5e:2f:6a:e9:e1:07:7c:67:f9:b1:a7:2e:
         0c:cd:27:6b:64:69:ee:2f:eb:e1:77:00:e7:82:5a:5f:5f:ac:
         76:35:6d:37:54:5d:71:61:01:ac:58:ef:cd:ff:b7:01:3b:16:
         9c:da:fc:4a:52:95:2b:83:65:9e:80:88:56:50:75:5c:a2:c1:
         91:96:b3:fa:56:db:18:84:1b:4e:4c:67:cd:e7:b4:ef:d4:60:
         25:8a:d5:29:1f:c4:88:7b:47:01:2a:c3:1a:49:36:01:1a:39:
         30:2c:26:3d:93:b7:58:d9:bc:a3:3c:20:93:a6:53:fa:9a:c2:
         2f:e7:81:15:fc:ac:1f:38:9b:c6:c8:8c:bd:3b:3a:30:db:ef:
         eb:fd:0f:9a:a5:b5:92:f0:e3:ed:36:a8:fd:fc:46:08:d6:44:
         26:34:86:a5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMGZ8pQQLTV8hxkzjHu4xclSVcr8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE3MDAxMjE0WhcNMjUwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNDgwN2Y2YmJhMzdmZGU1ZjgyYjlkOTY1OGNmYTUzOWZj
MjNiMDM1MzUxZWI1MjdkOTk5NzczNjEyMzVkNjU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfd35iPN7p8tqCQ++3lqlV7LircHKADD7hGKUAQNIgcX9Q
XQ3OspqbhVy43s1S2eO+K/3J/7b509WRAOxAwlS8d1N7RGhRzCnWXxRQ88pCL4YI
5jnJPNF28yKI9M+ZW54ygw4wU3oPiloQLxL6DZL2OCjx+fwH4Cj7N6IlC2X7RpZn
XgdfQo8JXSOsMN83uyd8DNGylXVdLqPhwkoK1IM81eWgMiTp2yY6Tx5F/kuntHmc
zMPsERmE7QgUJiL6jblclBVH0mkGBsqDrCuI/kdgWG6+uMAjc4QkXC6M0KciYtS/
Upt3XCtLAOz+X6X+cZx0xJM4yJXOc6qoudN2YdbXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUGVsmLberCBjv/uQ9Qmt6BlV2itcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdmNGFlY2UwLTMyMGYtNDZhMi1hZTQ1LTY5Y2QyM2I1YzMxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCVvDANBgkqhkiG9w0BAQsFAAOCAQEAQr3TBY/lXojV30feRZPiuQttK86k
8L/+3sSxGqssgwycRy5r4Mxky0BGw0T+hQKgBTZ2jWcvRC9aJaHBIyJuVdCajjLI
V/2MO/rkT3yEJAwASyGFBlMYmS7XU2kXL5P4Xi9q6eEHfGf5sacuDM0na2Rp7i/r
4XcA54JaX1+sdjVtN1RdcWEBrFjvzf+3ATsWnNr8SlKVK4NlnoCIVlB1XKLBkZaz
+lbbGIQbTkxnzee079RgJYrVKR/EiHtHASrDGkk2ARo5MCwmPZO3WNm8ozwgk6ZT
+prCL+eBFfysHzibxsiMvTs6MNvv6/0PmqW1kvDj7Tao/fxGCNZEJjSGpQ==
-----END CERTIFICATE-----
Generated at Mon Jun 30 21:21:38 2025 by rpki-client