Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8e867f3-9430-4ec2-8be1-c7406b137e2a.roa
File:                     b8e867f3-9430-4ec2-8be1-c7406b137e2a.roa (raw, json)
Hash identifier:          JNPE/xSLzDLk+YdUajT9Wz/PHWSmltfXKcO8HXT93ls=
Subject key identifier:   03:BB:56:FF:E1:A6:2D:7E:87:BE:08:97:CD:FD:7F:9E:E6:E6:04:D6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       15556E5CC5381DB1BC0413FC96248AB593B59FB2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8e867f3-9430-4ec2-8be1-c7406b137e2a.roa
Signing time:             Sat 06 Sep 2025 00:32:06 +0000
ROA not before:           Sat 06 Sep 2025 00:32:06 +0000
ROA not after:            Sat 11 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.82.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 08 Sep 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:55:6e:5c:c5:38:1d:b1:bc:04:13:fc:96:24:8a:b5:93:b5:9f:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  6 00:32:06 2025 GMT
            Not After : Oct 11 23:59:59 2025 GMT
        Subject: serialNumber=f4d185c5c0f631f6da623315d2a2320ff9f685504e36bb66d86c16c6e9645aed, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:be:d2:7c:74:4d:4b:35:39:34:a2:b2:74:c3:
                    7d:5d:c3:37:af:f6:26:61:ae:0a:15:f7:6f:80:4e:
                    c2:9a:94:00:b2:29:6e:58:9b:97:6c:6f:91:b1:df:
                    aa:39:09:c4:dd:6e:a1:1e:fd:5e:35:d6:b4:c5:1e:
                    30:35:2b:03:25:44:57:63:c7:33:93:91:ed:5d:13:
                    6b:84:03:3d:82:ea:5e:89:78:e8:d9:9b:30:82:19:
                    be:dd:4d:2c:c6:60:5a:5a:ab:86:53:77:33:03:53:
                    35:fb:d3:b2:e9:9b:db:b1:1f:55:32:2a:ab:a7:9c:
                    ec:ef:23:e7:80:e2:8e:cc:c9:3d:ea:2c:c3:85:e8:
                    b4:4e:cb:fe:49:5a:2d:32:57:e4:8b:b5:32:22:01:
                    b3:7e:c2:b0:cf:c6:7e:86:f2:02:30:5a:54:fb:37:
                    5f:1b:9f:f7:8b:fe:03:0a:84:ab:76:e3:dc:5c:fb:
                    10:31:0d:b5:64:d0:67:97:1a:2f:8a:a9:87:4f:f2:
                    11:d6:26:3c:8a:f5:aa:30:81:7c:11:53:9b:0f:78:
                    7b:54:00:a0:a6:e5:58:45:e8:76:d9:07:c1:14:02:
                    bb:a0:e9:8b:c8:92:fa:e6:66:73:68:6b:a3:ee:d3:
                    13:1f:4d:dc:71:d0:40:1d:9f:91:bf:51:1c:3c:07:
                    61:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:BB:56:FF:E1:A6:2D:7E:87:BE:08:97:CD:FD:7F:9E:E6:E6:04:D6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8e867f3-9430-4ec2-8be1-c7406b137e2a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.82.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2e:8d:78:73:ca:6f:12:3a:67:f1:57:c7:cb:74:b1:50:2b:53:
         d4:35:17:ba:4c:25:80:84:2a:90:f1:63:d2:5b:9c:2a:23:26:
         b6:01:f4:8a:b4:5f:06:67:3c:bd:c9:5e:15:f1:c0:94:ca:36:
         83:02:f7:24:54:6e:93:24:e9:54:b1:20:ac:57:9e:c3:27:ef:
         d0:2f:93:55:e0:18:3f:9f:36:2b:4e:1e:95:33:6d:ce:0a:67:
         cf:2a:19:70:1b:05:37:e2:11:6f:cb:c3:42:80:10:38:fd:fc:
         0c:8b:0b:1c:b4:13:2a:e3:22:9c:34:c7:f3:c6:1a:2c:97:72:
         35:e3:ed:9b:c8:87:01:6d:47:d0:f7:5d:cc:c1:55:f3:2e:7b:
         3d:ab:56:e3:35:ac:a4:d2:65:89:cd:54:be:29:bd:f2:6e:a0:
         71:6f:c5:aa:2b:b0:55:13:77:92:b2:b5:c7:11:e7:23:cb:11:
         94:63:90:0d:d8:51:11:11:26:6c:bd:c8:06:a0:c0:54:42:60:
         cd:fd:aa:a6:3a:a5:ef:7f:0d:82:a9:99:85:7c:03:47:1d:91:
         3f:0f:9e:6e:0c:ce:a6:23:35:fc:b6:00:ee:9c:4a:40:fd:8d:
         8b:44:64:dc:d2:a0:eb:fe:a2:8f:0b:1e:aa:6f:ff:9d:04:46:
         87:0c:6a:e4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFVVuXMU4HbG8BBP8liSKtZO1n7IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA2MDAzMjA2WhcNMjUxMDExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNGQxODVjNWMwZjYzMWY2ZGE2MjMzMTVkMmEyMzIwZmY5
ZjY4NTUwNGUzNmJiNjZkODZjMTZjNmU5NjQ1YWVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOvtJ8dE1LNTk0orJ0w31dwzev9iZhrgoV92+ATsKalACy
KW5Ym5dsb5Gx36o5CcTdbqEe/V411rTFHjA1KwMlRFdjxzOTke1dE2uEAz2C6l6J
eOjZmzCCGb7dTSzGYFpaq4ZTdzMDUzX707Lpm9uxH1UyKqunnOzvI+eA4o7MyT3q
LMOF6LROy/5JWi0yV+SLtTIiAbN+wrDPxn6G8gIwWlT7N18bn/eL/gMKhKt249xc
+xAxDbVk0GeXGi+KqYdP8hHWJjyK9aowgXwRU5sPeHtUAKCm5VhF6HbZB8EUArug
6YvIkvrmZnNoa6Pu0xMfTdxx0EAdn5G/URw8B2FBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUA7tW/+GmLX6HvgiXzf1/nubmBNYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4ZTg2N2YzLTk0MzAtNGVjMi04YmUxLWM3NDA2YjEzN2UyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4UjANBgkqhkiG9w0BAQsFAAOCAQEALo14c8pvEjpn8VfHy3SxUCtT1DUX
ukwlgIQqkPFj0lucKiMmtgH0irRfBmc8vcleFfHAlMo2gwL3JFRukyTpVLEgrFee
wyfv0C+TVeAYP582K04elTNtzgpnzyoZcBsFN+IRb8vDQoAQOP38DIsLHLQTKuMi
nDTH88YaLJdyNePtm8iHAW1H0PddzMFV8y57PatW4zWspNJlic1Uvim98m6gcW/F
qiuwVRN3krK1xxHnI8sRlGOQDdhREREmbL3IBqDAVEJgzf2qpjql738NgqmZhXwD
Rx2RPw+ebgzOpiM1/LYA7pxKQP2Ni0Rk3NKg6/6ijwseqm//nQRGhwxq5A==
-----END CERTIFICATE-----
Generated at Sat Sep 6 16:44:10 2025 by rpki-client