Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa
File:                     98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa (raw, json)
Hash identifier:          co2qbZevNRi2RkziFVwBkWaDT8B9TCZbE5Q180+7pzM=
Subject key identifier:   76:32:E1:C6:C0:CC:5C:15:5F:F7:D3:1D:3E:7B:C9:13:94:CB:86:E8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3C1C236B7E0307196B4297241F7882ACD97087F9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa
Signing time:             Fri 30 May 2025 00:30:22 +0000
ROA not before:           Fri 30 May 2025 00:30:22 +0000
ROA not after:            Fri 04 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.116.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:1c:23:6b:7e:03:07:19:6b:42:97:24:1f:78:82:ac:d9:70:87:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 30 00:30:22 2025 GMT
            Not After : Jul  4 23:59:59 2025 GMT
        Subject: serialNumber=8238e73c4b7ddfbf6691ab10375e95968e0ee98fee2633f6cb52af80d2e32f69, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:ed:a1:f2:f7:14:d8:48:bb:2a:19:41:7c:51:
                    7b:19:a2:7d:9b:5d:8a:bd:19:c8:b7:c7:67:0d:a5:
                    6b:f2:d0:53:82:ce:b0:f5:ce:e6:cf:7a:d0:c7:a5:
                    38:78:9e:32:9d:de:89:a8:a4:c6:f5:41:75:f3:36:
                    b1:ed:27:86:48:a5:ed:9b:16:79:13:54:b0:f2:b1:
                    14:81:30:3b:ff:7e:41:36:51:96:ea:1c:14:22:f5:
                    3c:c8:94:74:35:f3:1e:07:6d:c1:0f:49:30:e5:a2:
                    09:18:73:db:d6:27:02:7a:c1:09:32:8d:15:59:65:
                    cc:e7:c6:9e:f6:bf:fb:af:a1:01:90:48:99:9d:35:
                    c0:fc:8b:ab:a1:26:34:98:27:63:9f:68:72:d2:7a:
                    82:25:d8:7a:b6:f8:94:a7:1f:c4:86:d1:26:34:b4:
                    3f:81:b0:dc:74:b8:7e:04:9b:5b:35:34:b1:f9:fd:
                    48:c7:9b:61:ad:b6:33:fd:84:6e:c0:3f:30:7d:48:
                    cc:5a:88:53:8a:15:c5:d7:95:b9:a7:40:c0:fb:31:
                    d4:6e:38:31:f2:4e:06:d7:33:15:71:4b:7e:ad:d6:
                    06:8c:a8:f8:94:ba:6b:60:86:f9:9d:35:2d:52:cb:
                    0b:f5:f9:25:fb:51:86:2d:70:06:95:3e:f9:f9:30:
                    5a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:32:E1:C6:C0:CC:5C:15:5F:F7:D3:1D:3E:7B:C9:13:94:CB:86:E8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:cb:2b:a4:8b:fe:48:02:e1:95:25:86:58:5c:53:36:42:84:
         e9:d9:a4:b6:83:ee:41:8a:ef:f1:1c:c2:0b:5a:d8:aa:de:87:
         2e:0c:15:ed:cc:3a:8f:e2:fb:b5:99:71:16:fd:88:ff:06:c8:
         5e:6e:11:03:b3:d2:32:1a:88:e8:6d:53:62:52:1a:90:a8:f4:
         ac:51:9a:2f:88:37:99:2a:d5:dd:86:56:19:6b:f2:89:10:7f:
         e6:ac:31:d2:f6:c6:27:da:4c:4e:5b:c4:df:d7:88:bd:c4:03:
         e5:d3:54:4c:11:4e:e6:90:22:31:04:98:cb:b7:3e:be:d4:bc:
         f4:b0:f9:f3:2a:bf:ab:3b:0c:f4:77:a6:ff:e9:b0:d7:84:e8:
         44:5d:96:9a:d9:70:fd:c1:da:e9:8c:32:8c:5f:16:26:48:1f:
         7a:da:cb:07:54:63:20:b4:13:4a:0c:3b:c7:f8:09:79:3b:09:
         b0:a8:3c:da:2e:b1:74:40:6b:e6:e8:03:a3:46:ed:87:b6:17:
         99:58:b8:30:81:e5:23:c2:90:e6:53:dd:f9:70:71:60:8c:c4:
         0c:5b:27:ec:49:76:0e:c7:e9:fc:fa:a2:fd:da:92:04:ef:eb:
         27:ab:f5:d2:ac:30:f4:c7:63:56:2f:22:db:be:d5:62:34:80:
         eb:1c:20:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPBwja34DBxlrQpckH3iCrNlwh/kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTMwMDAzMDIyWhcNMjUwNzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MjM4ZTczYzRiN2RkZmJmNjY5MWFiMTAzNzVlOTU5Njhl
MGVlOThmZWUyNjMzZjZjYjUyYWY4MGQyZTMyZjY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD17aHy9xTYSLsqGUF8UXsZon2bXYq9Gci3x2cNpWvy0FOC
zrD1zubPetDHpTh4njKd3omopMb1QXXzNrHtJ4ZIpe2bFnkTVLDysRSBMDv/fkE2
UZbqHBQi9TzIlHQ18x4HbcEPSTDlogkYc9vWJwJ6wQkyjRVZZcznxp72v/uvoQGQ
SJmdNcD8i6uhJjSYJ2OfaHLSeoIl2Hq2+JSnH8SG0SY0tD+BsNx0uH4Em1s1NLH5
/UjHm2GttjP9hG7APzB9SMxaiFOKFcXXlbmnQMD7MdRuODHyTgbXMxVxS36t1gaM
qPiUumtghvmdNS1Sywv1+SX7UYYtcAaVPvn5MFoPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdjLhxsDMXBVf99MdPnvJE5TLhugwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4YWE1YWM0LTE4OTUtNGFhNi05MTc1LTFlZTNiZGEyODkwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/HQwDQYJKoZIhvcNAQELBQADggEBAATLK6SL/kgC4ZUlhlhcUzZChOnZ
pLaD7kGK7/Ecwgta2Krehy4MFe3MOo/i+7WZcRb9iP8GyF5uEQOz0jIaiOhtU2JS
GpCo9KxRmi+IN5kq1d2GVhlr8okQf+asMdL2xifaTE5bxN/XiL3EA+XTVEwRTuaQ
IjEEmMu3Pr7UvPSw+fMqv6s7DPR3pv/psNeE6ERdlprZcP3B2umMMoxfFiZIH3ra
ywdUYyC0E0oMO8f4CXk7CbCoPNousXRAa+boA6NG7Ye2F5lYuDCB5SPCkOZT3flw
cWCMxAxbJ+xJdg7H6fz6ov3akgTv6yer9dKsMPTHY1YvItu+1WI0gOscIIo=
-----END CERTIFICATE-----
Generated at Sun Jun 1 05:21:30 2025 by rpki-client