Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da29a997-0e47-4721-ba0c-ccfed50a5876.roa
File:                     da29a997-0e47-4721-ba0c-ccfed50a5876.roa (raw, json)
Hash identifier:          d5DkHAuAWzuCWIpBEAr5i0jh8YIoIYXrbwGD8yW+Sl0=
Subject key identifier:   F3:DF:5D:14:BA:06:F7:22:43:63:5E:22:2D:22:B2:0A:29:6E:C0:1B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B28C4D81787B3D72B02592991B181A4F39539FC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da29a997-0e47-4721-ba0c-ccfed50a5876.roa
Signing time:             Mon 16 Jun 2025 15:42:31 +0000
ROA not before:           Mon 16 Jun 2025 15:42:31 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        74.233.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 04 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:28:c4:d8:17:87:b3:d7:2b:02:59:29:91:b1:81:a4:f3:95:39:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 16 15:42:31 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=d3ff24ec218a81b807ce623dba7f086637afe942a009afa6213111aaf8e191da, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:34:1e:7d:88:14:c7:82:cc:76:7d:be:c2:e2:
                    a9:cb:dd:41:12:a7:1f:3b:9b:7e:fe:49:5b:a9:55:
                    85:a5:b8:79:74:2f:d0:f8:5b:27:47:a5:c6:26:2f:
                    0e:29:48:7b:e4:a0:16:30:68:e6:4c:72:0f:e1:cc:
                    68:07:f4:71:e2:77:0b:0a:1f:97:d3:66:78:c7:23:
                    b3:bb:0b:66:c3:b6:59:04:40:b1:90:b0:f5:f3:61:
                    d8:10:8e:09:a5:f6:67:4d:91:ac:bd:a4:d0:da:1a:
                    f7:57:7a:54:b2:85:f2:9a:ec:b7:ab:92:a1:9e:e8:
                    41:e1:b1:3a:4b:13:e5:68:3d:c5:fc:0b:e5:ec:97:
                    2a:13:9f:d0:f7:35:35:9e:f9:e2:26:8f:29:77:f3:
                    dd:97:b9:d7:4f:19:95:96:ea:95:83:29:48:04:fb:
                    05:b5:2d:3a:02:35:9a:5e:77:eb:9a:9c:3b:0f:6f:
                    19:f2:01:58:8e:9e:c5:51:37:1d:44:57:8d:ff:bf:
                    67:5c:98:92:cb:51:6e:c6:42:34:1c:97:d6:f6:2b:
                    88:f0:93:95:bb:66:8e:8d:a6:de:3e:db:8e:7b:26:
                    ab:51:24:21:c8:91:8b:a8:d8:d8:a4:8c:a7:1f:0e:
                    97:47:b0:4b:ee:53:80:8d:ac:d3:7d:c2:2a:4a:8c:
                    a2:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:DF:5D:14:BA:06:F7:22:43:63:5E:22:2D:22:B2:0A:29:6E:C0:1B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/da29a997-0e47-4721-ba0c-ccfed50a5876.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  74.233.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         92:ef:8d:a4:f0:98:45:27:8c:73:52:ea:2e:69:1b:6b:93:22:
         e3:95:ba:1f:14:2d:aa:e7:be:1a:db:a9:7b:f5:d7:9b:9d:0a:
         57:f2:18:07:9d:87:7c:ec:05:c4:47:86:fb:11:4a:c0:57:3f:
         41:db:cb:d2:da:4c:13:2f:3e:df:1b:65:42:da:0c:07:c6:47:
         b3:65:c6:65:32:79:f1:e1:0b:9b:fd:da:72:ea:2e:42:c6:8a:
         a6:10:ab:9f:63:3e:a5:67:1a:3d:e7:5f:4e:f5:ab:14:4f:1f:
         a8:51:2f:5a:96:ab:46:5e:56:0e:c5:89:47:f0:e1:33:76:f1:
         d1:11:e3:33:d4:dd:48:d6:19:e8:de:1e:22:1f:a1:a9:26:b7:
         30:4d:50:81:79:57:2b:b8:0d:40:e5:59:41:9f:c2:95:af:11:
         e4:c1:ec:a6:f5:49:af:11:53:62:1d:8e:34:fe:c1:30:4a:50:
         c6:42:2a:d1:01:b6:17:76:a4:4a:7d:f5:6b:fe:14:2f:72:61:
         0d:aa:9b:2b:0c:9d:db:09:76:fd:62:dc:37:4f:d6:6f:6b:45:
         f7:e6:f9:41:12:42:39:90:99:ff:d6:6f:03:85:76:b1:c8:e9:
         e1:ae:0b:99:29:91:06:de:74:49:3b:56:57:68:8d:f2:33:9a:
         41:f2:af:d0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSyjE2BeHs9crAlkpkbGBpPOVOfwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE2MTU0MjMxWhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkM2ZmMjRlYzIxOGE4MWI4MDdjZTYyM2RiYTdmMDg2NjM3
YWZlOTQyYTAwOWFmYTYyMTMxMTFhYWY4ZTE5MWRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsNB59iBTHgsx2fb7C4qnL3UESpx87m37+SVupVYWluHl0
L9D4WydHpcYmLw4pSHvkoBYwaOZMcg/hzGgH9HHidwsKH5fTZnjHI7O7C2bDtlkE
QLGQsPXzYdgQjgml9mdNkay9pNDaGvdXelSyhfKa7LerkqGe6EHhsTpLE+VoPcX8
C+XslyoTn9D3NTWe+eImjyl3892XuddPGZWW6pWDKUgE+wW1LToCNZped+uanDsP
bxnyAViOnsVRNx1EV43/v2dcmJLLUW7GQjQcl9b2K4jwk5W7Zo6Npt4+2457JqtR
JCHIkYuo2NikjKcfDpdHsEvuU4CNrNN9wipKjKL/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU899dFLoG9yJDY14iLSKyCiluwBswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RhMjlhOTk3LTBlNDctNDcyMS1iYTBjLWNjZmVkNTBhNTg3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBK6TANBgkqhkiG9w0BAQsFAAOCAQEAku+NpPCYRSeMc1LqLmkba5Mi45W6
HxQtque+Gtupe/XXm50KV/IYB52HfOwFxEeG+xFKwFc/QdvL0tpMEy8+3xtlQtoM
B8ZHs2XGZTJ58eELm/3acuouQsaKphCrn2M+pWcaPedfTvWrFE8fqFEvWparRl5W
DsWJR/DhM3bx0RHjM9TdSNYZ6N4eIh+hqSa3ME1QgXlXK7gNQOVZQZ/Cla8R5MHs
pvVJrxFTYh2ONP7BMEpQxkIq0QG2F3akSn31a/4UL3JhDaqbKwyd2wl2/WLcN0/W
b2tF9+b5QRJCOZCZ/9ZvA4V2scjp4a4LmSmRBt50STtWV2iN8jOaQfKv0A==
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:21:17 2025 by rpki-client