Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e18da5a-f870-44ce-b5d0-8665afe2c5c7.roa
File:                     8e18da5a-f870-44ce-b5d0-8665afe2c5c7.roa (raw, json)
Hash identifier:          bqQ2+j5VVF8bdj7KwQh3oxNHVNRgA83YBB/oSL1lZcc=
Subject key identifier:   E2:17:7A:C5:8A:A4:05:6C:0E:A7:FC:59:A6:A3:03:54:A6:06:CB:F4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12E6BEFFCBE16D8C839F27F72634FBB79174CF7C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e18da5a-f870-44ce-b5d0-8665afe2c5c7.roa
Signing time:             Tue 17 Jun 2025 00:10:25 +0000
ROA not before:           Tue 17 Jun 2025 00:10:25 +0000
ROA not after:            Tue 22 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        167.243.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:e6:be:ff:cb:e1:6d:8c:83:9f:27:f7:26:34:fb:b7:91:74:cf:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 17 00:10:25 2025 GMT
            Not After : Jul 22 23:59:59 2025 GMT
        Subject: serialNumber=c17b727eb0fd1c4eac415c092622f0f8df4c1bf502c88dd1f65d46e638e74180, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:94:ae:97:b6:13:19:d4:cc:cc:94:69:26:e8:
                    76:54:7a:b2:d8:06:9d:fd:b9:a4:e9:65:fe:eb:cf:
                    74:42:d4:b2:21:1b:52:14:d6:d2:e9:9a:f6:e9:dd:
                    de:af:40:b3:07:ad:b2:be:63:1d:ea:e5:0b:87:36:
                    e0:be:e6:5f:0a:74:f4:3c:74:ae:75:3b:e5:eb:bc:
                    e4:f2:d5:d7:ae:9a:5b:ff:ef:24:47:bd:97:a8:62:
                    3b:90:27:42:5e:40:05:49:8c:b5:a7:ad:aa:19:9d:
                    ea:fd:ef:ef:c1:37:95:54:b9:47:f2:3f:c3:5d:64:
                    49:b1:80:e1:60:47:7e:41:d7:39:c5:0a:88:38:4f:
                    4d:aa:cd:a1:00:db:f8:11:27:c7:13:3c:a6:54:2e:
                    c6:b7:1d:89:67:21:4e:b5:e5:62:c4:69:ae:fa:00:
                    4f:13:e4:c3:0d:5c:33:f7:fe:2a:5c:8f:0d:21:6e:
                    0e:97:ff:53:16:d6:5d:24:d4:87:4d:7c:51:c5:13:
                    55:f5:11:58:a6:6b:5c:ad:ab:34:59:d5:fc:cf:ca:
                    48:23:fd:5f:b1:44:dd:e1:52:29:fb:9d:53:50:47:
                    08:28:cd:85:a6:19:64:2b:1e:13:9a:5f:9b:1b:03:
                    e7:0b:16:f1:38:59:97:47:35:9c:8d:ad:ae:21:dd:
                    c0:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:17:7A:C5:8A:A4:05:6C:0E:A7:FC:59:A6:A3:03:54:A6:06:CB:F4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e18da5a-f870-44ce-b5d0-8665afe2c5c7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.243.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         68:07:d4:7b:55:b7:2e:27:f4:d7:ce:ec:ea:7b:89:bb:e4:56:
         09:7f:4c:5d:d4:f4:46:8f:96:02:43:9e:09:96:e5:13:ca:9d:
         4f:f0:49:dc:b6:ee:39:50:71:7d:7f:0a:8d:88:f4:ab:99:0b:
         c9:25:9b:20:3e:51:fc:e2:16:7d:38:18:7e:78:a7:8a:d8:e0:
         64:6f:26:d6:63:dd:a2:d9:54:5f:e8:a0:d3:3a:83:0e:00:f2:
         ff:29:26:b1:69:06:98:21:9a:4b:fb:7a:a8:d1:2b:36:cd:f8:
         dc:b5:d5:5e:f5:5d:4d:46:e7:0f:f1:ee:76:78:a5:7f:a6:e2:
         2b:d6:0f:33:c0:c1:af:ec:f2:58:be:53:70:2c:c8:82:cc:77:
         0a:18:69:4b:65:a3:47:e5:0d:51:b1:93:21:e5:58:61:65:ad:
         73:64:9d:4c:1d:07:d8:39:c1:12:8d:59:df:8f:05:ab:6e:d3:
         89:7c:8c:f0:d8:7c:b2:b3:51:35:11:d2:61:8c:7c:75:88:71:
         e0:90:67:61:ea:48:ae:61:13:2e:d1:e6:ab:e5:7e:c0:5c:33:
         60:84:20:8c:aa:df:b7:df:fa:e4:34:98:08:8c:3e:a4:c3:81:
         1d:2f:be:39:40:55:06:f9:20:00:2e:06:39:e7:2a:7c:f7:10:
         d5:ee:a5:f1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEua+/8vhbYyDnyf3JjT7t5F0z3wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE3MDAxMDI1WhcNMjUwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTdiNzI3ZWIwZmQxYzRlYWM0MTVjMDkyNjIyZjBmOGRm
NGMxYmY1MDJjODhkZDFmNjVkNDZlNjM4ZTc0MTgwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7lK6XthMZ1MzMlGkm6HZUerLYBp39uaTpZf7rz3RC1LIh
G1IU1tLpmvbp3d6vQLMHrbK+Yx3q5QuHNuC+5l8KdPQ8dK51O+XrvOTy1deumlv/
7yRHvZeoYjuQJ0JeQAVJjLWnraoZner97+/BN5VUuUfyP8NdZEmxgOFgR35B1znF
Cog4T02qzaEA2/gRJ8cTPKZULsa3HYlnIU615WLEaa76AE8T5MMNXDP3/ipcjw0h
bg6X/1MW1l0k1IdNfFHFE1X1EVima1ytqzRZ1fzPykgj/V+xRN3hUin7nVNQRwgo
zYWmGWQrHhOaX5sbA+cLFvE4WZdHNZyNra4h3cC3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4hd6xYqkBWwOp/xZpqMDVKYGy/QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlMThkYTVhLWY4NzAtNDRjZS1iNWQwLTg2NjVhZmUyYzVjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCn8zANBgkqhkiG9w0BAQsFAAOCAQEAaAfUe1W3Lif0187s6nuJu+RWCX9M
XdT0Ro+WAkOeCZblE8qdT/BJ3LbuOVBxfX8KjYj0q5kLySWbID5R/OIWfTgYfnin
itjgZG8m1mPdotlUX+ig0zqDDgDy/ykmsWkGmCGaS/t6qNErNs343LXVXvVdTUbn
D/Hudnilf6biK9YPM8DBr+zyWL5TcCzIgsx3ChhpS2WjR+UNUbGTIeVYYWWtc2Sd
TB0H2DnBEo1Z348Fq27TiXyM8Nh8srNRNRHSYYx8dYhx4JBnYepIrmETLtHmq+V+
wFwzYIQgjKrft9/65DSYCIw+pMOBHS++OUBVBvkgAC4GOecqfPcQ1e6l8Q==
-----END CERTIFICATE-----
Generated at Mon Jun 30 21:07:56 2025 by rpki-client