Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa
File:                     94760639-2712-4f50-9362-9ff9626e6a44.roa (raw, json)
Hash identifier:          M1jKBwOO2A0C/ikTc/71DDgJTdb5J6DYoiJCS0PUNeA=
Subject key identifier:   50:49:1C:8A:E1:4D:64:51:8D:C8:D9:0B:26:B0:74:02:59:6A:68:9D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       046E7D121AED0C30F1A4BE0FDD729DC053BCD47B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa
Signing time:             Mon 08 Sep 2025 15:01:39 +0000
ROA not before:           Mon 08 Sep 2025 15:01:39 +0000
ROA not after:            Mon 13 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        107.152.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 19 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:6e:7d:12:1a:ed:0c:30:f1:a4:be:0f:dd:72:9d:c0:53:bc:d4:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  8 15:01:39 2025 GMT
            Not After : Oct 13 23:59:59 2025 GMT
        Subject: serialNumber=e511e4f5bcaab52d1c2df16495a03112f56a4d2a47b9990f44fcb2f56d613e88, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:73:ed:da:cc:cc:7b:0f:f9:98:6e:4d:33:b7:
                    e1:3d:a1:c5:5b:21:64:cf:e2:16:17:80:dc:cd:b1:
                    36:f8:7c:75:5c:82:58:2a:67:73:74:a4:2b:f6:3e:
                    f3:05:86:d3:00:fd:6c:75:1e:38:fc:3e:8b:4b:ea:
                    eb:19:36:95:ca:f1:5a:3a:c9:22:b2:c7:9e:ba:4c:
                    91:a4:c5:82:03:f3:8d:92:ab:4f:50:f5:b0:de:11:
                    95:53:9a:00:f0:e6:d3:0a:55:7d:7e:75:4d:da:fb:
                    7c:9c:19:37:eb:fb:8e:b6:45:50:14:43:88:de:5d:
                    d8:d4:9a:cb:ac:d6:b2:85:96:83:95:e2:d6:88:18:
                    c6:9a:8c:c0:da:50:2e:6b:8d:87:1c:29:59:47:33:
                    f7:d5:4e:ba:e4:10:83:93:95:24:69:55:99:ba:37:
                    99:2c:6d:ff:3b:b4:dd:b0:f6:16:04:2b:bf:fd:cb:
                    45:53:57:dd:c8:73:3b:e0:3d:ad:16:b8:75:1a:6e:
                    84:d7:7c:15:2b:4b:1e:20:c7:51:25:87:37:97:f9:
                    57:3d:0a:eb:df:87:95:6c:4d:40:25:5a:57:df:90:
                    e4:52:18:61:ec:c2:16:7a:25:1f:02:ae:56:c6:f9:
                    d7:00:62:76:a6:46:84:c3:ff:6a:87:be:c9:30:56:
                    e5:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:49:1C:8A:E1:4D:64:51:8D:C8:D9:0B:26:B0:74:02:59:6A:68:9D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.152.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         93:57:b9:31:e9:21:a9:2e:8f:9e:68:1f:c7:cc:8a:49:50:5b:
         fe:e8:31:e7:28:a5:df:55:a9:05:a7:26:5d:09:d8:0a:c5:32:
         1f:6c:3b:5e:b1:a7:c7:9f:32:e1:fe:4f:0b:7a:3a:c9:ae:8c:
         5a:96:20:21:90:30:40:20:f0:dc:1c:99:fc:ad:cc:17:f8:65:
         f0:e9:3d:a5:b2:e9:fa:c6:1f:cb:10:c6:f5:5b:38:86:2c:69:
         f9:56:bc:92:ba:cb:af:68:fe:97:89:4f:f2:4a:8c:8a:79:a6:
         78:44:64:63:6d:ba:52:20:d6:a1:b8:dc:47:0e:b7:ba:f5:74:
         48:78:2f:c2:d4:33:9e:04:9b:03:bd:cd:80:03:8f:17:23:84:
         49:80:2d:6e:48:a7:66:1a:07:80:e9:9a:55:9a:7f:6f:a2:5f:
         d0:71:ea:da:5e:55:d2:b9:43:4a:5e:4b:d5:a0:de:5a:95:c5:
         dc:af:b6:a6:12:8c:ae:6d:ba:b2:9b:b4:ae:2a:e9:e3:fb:df:
         88:2a:96:6d:2d:8f:1e:84:1a:6c:33:2c:d2:da:da:bb:8a:6b:
         6e:f2:a9:0d:45:fa:49:91:b7:2b:9d:0f:59:4b:a9:71:e6:7d:
         04:e7:a1:73:c5:ed:c1:19:93:46:8f:3a:76:0d:15:ee:f1:14:
         80:75:a9:be
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBG59EhrtDDDxpL4P3XKdwFO81HswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA4MTUwMTM5WhcNMjUxMDEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNTExZTRmNWJjYWFiNTJkMWMyZGYxNjQ5NWEwMzExMmY1
NmE0ZDJhNDdiOTk5MGY0NGZjYjJmNTZkNjEzZTg4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCc+3azMx7D/mYbk0zt+E9ocVbIWTP4hYXgNzNsTb4fHVc
glgqZ3N0pCv2PvMFhtMA/Wx1Hjj8PotL6usZNpXK8Vo6ySKyx566TJGkxYID842S
q09Q9bDeEZVTmgDw5tMKVX1+dU3a+3ycGTfr+462RVAUQ4jeXdjUmsus1rKFloOV
4taIGMaajMDaUC5rjYccKVlHM/fVTrrkEIOTlSRpVZm6N5ksbf87tN2w9hYEK7/9
y0VTV93IczvgPa0WuHUaboTXfBUrSx4gx1ElhzeX+Vc9Cuvfh5VsTUAlWlffkORS
GGHswhZ6JR8CrlbG+dcAYnamRoTD/2qHvskwVuWTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUEkciuFNZFGNyNkLJrB0AllqaJ0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NzYwNjM5LTI3MTItNGY1MC05MzYyLTlmZjk2MjZlNmE0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdrmIAwDQYJKoZIhvcNAQELBQADggEBAJNXuTHpIakuj55oH8fMiklQW/7o
Mecopd9VqQWnJl0J2ArFMh9sO16xp8efMuH+Twt6OsmujFqWICGQMEAg8Nwcmfyt
zBf4ZfDpPaWy6frGH8sQxvVbOIYsaflWvJK6y69o/peJT/JKjIp5pnhEZGNtulIg
1qG43EcOt7r1dEh4L8LUM54EmwO9zYADjxcjhEmALW5Ip2YaB4DpmlWaf2+iX9Bx
6tpeVdK5Q0peS9Wg3lqVxdyvtqYSjK5turKbtK4q6eP734gqlm0tjx6EGmwzLNLa
2ruKa27yqQ1F+kmRtyudD1lLqXHmfQTnoXPF7cEZk0aPOnYNFe7xFIB1qb4=
-----END CERTIFICATE-----
Generated at Thu Sep 18 11:12:09 2025 by rpki-client