Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa
File:                     e4274e13-b3eb-47ca-8f50-e130d402b187.roa (raw, json)
Hash identifier:          DvxS8r4sp75kdCFDaGQMUbG+cqxARFaOzXM45fSxgyQ=
Subject key identifier:   BE:93:BA:83:8F:EE:83:B2:D9:1C:C6:59:48:44:FC:5E:4F:29:00:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       285DD1BA35E654FE471A851BCD05B2A2F3F95925
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa
Signing time:             Mon 23 Jun 2025 15:30:22 +0000
ROA not before:           Mon 23 Jun 2025 15:30:22 +0000
ROA not after:            Mon 28 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.167.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:5d:d1:ba:35:e6:54:fe:47:1a:85:1b:cd:05:b2:a2:f3:f9:59:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 23 15:30:22 2025 GMT
            Not After : Jul 28 23:59:59 2025 GMT
        Subject: serialNumber=91993e655058415559533ac39845618b96242a7fe9b951da1b18140c05d89b4f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:15:e1:93:04:9b:d9:68:5f:96:11:95:ce:fa:
                    a1:4f:3d:01:90:3d:f8:81:d8:76:9f:68:6e:50:ec:
                    8c:04:50:b4:3e:6f:b3:0a:31:6d:da:1e:21:01:f3:
                    61:51:02:48:3c:05:56:65:72:5c:0f:4a:25:1d:9d:
                    e7:92:ff:a2:dd:b0:1a:24:65:50:60:85:cf:97:8c:
                    43:74:a7:84:6e:24:4b:bf:8e:d9:bd:80:2e:1f:33:
                    5e:37:44:35:12:b4:ff:9c:71:1b:99:fe:a3:6c:84:
                    87:f0:a1:5d:af:f5:f6:44:f8:71:68:18:cb:00:8d:
                    df:ff:0e:6a:30:ac:0b:a4:dc:51:13:9f:95:b1:74:
                    ff:2c:3c:86:6e:87:b8:41:dd:b5:47:51:f6:92:8b:
                    84:65:f2:56:83:04:c8:62:a1:20:db:52:d4:ce:0f:
                    4b:7a:a5:e2:43:69:10:90:14:85:a9:aa:d9:11:37:
                    71:da:59:14:a0:e2:68:56:3e:88:c2:75:0b:31:54:
                    c0:53:3d:de:b8:0c:22:dc:26:8e:12:5a:de:c4:4c:
                    6c:92:36:ec:54:c6:77:3a:78:df:d2:cb:77:fb:39:
                    05:dc:83:82:79:a0:48:15:26:63:bc:e0:c5:28:32:
                    0a:e9:ae:a1:7f:8d:37:56:06:dd:0c:0b:3b:80:de:
                    fb:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:93:BA:83:8F:EE:83:B2:D9:1C:C6:59:48:44:FC:5E:4F:29:00:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.167.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8f:ba:63:c4:19:3c:2a:8a:48:43:2b:d4:e5:d0:b7:27:94:61:
         00:c5:74:8b:51:9b:0a:ad:22:49:3e:1e:56:da:56:4a:0b:d5:
         2d:84:96:e1:45:53:0a:1e:02:4d:c4:c5:b4:9d:6c:3d:53:9f:
         5b:e5:4f:36:da:41:28:db:78:50:70:91:56:0d:04:fe:aa:4d:
         b8:c8:b1:ad:90:c7:c2:22:03:84:b6:86:0d:6d:7d:fd:25:6f:
         06:93:ed:87:b7:a3:48:51:6b:27:79:97:1c:fb:b1:fa:ec:63:
         de:07:b7:05:22:d6:ea:bf:05:b9:4b:61:2a:a9:ba:b2:d8:38:
         50:ed:77:4a:8d:09:61:62:8f:52:72:30:2c:e0:c4:d4:0f:af:
         ae:24:a6:a3:27:a4:2f:17:ea:30:67:fb:77:84:80:3f:e0:ba:
         61:71:11:bd:32:e0:2a:1c:8f:bd:7d:31:11:8e:c3:d9:9b:31:
         91:1a:be:a2:2f:18:ad:87:4b:b4:8f:0e:13:46:82:4d:35:92:
         60:5b:6b:63:96:c5:ba:b1:f2:bf:f4:02:85:3c:d7:b6:da:dd:
         2a:af:e5:0f:94:43:ff:b9:95:f4:bb:ee:5a:7c:4b:9c:31:5e:
         aa:89:d5:c6:27:ca:e7:f7:31:ef:40:c8:1f:bf:71:75:12:4b:
         b4:af:38:21
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKF3RujXmVP5HGoUbzQWyovP5WSUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjIzMTUzMDIyWhcNMjUwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTk5M2U2NTUwNTg0MTU1NTk1MzNhYzM5ODQ1NjE4Yjk2
MjQyYTdmZTliOTUxZGExYjE4MTQwYzA1ZDg5YjRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbFeGTBJvZaF+WEZXO+qFPPQGQPfiB2HafaG5Q7IwEULQ+
b7MKMW3aHiEB82FRAkg8BVZlclwPSiUdneeS/6LdsBokZVBghc+XjEN0p4RuJEu/
jtm9gC4fM143RDUStP+ccRuZ/qNshIfwoV2v9fZE+HFoGMsAjd//DmowrAuk3FET
n5WxdP8sPIZuh7hB3bVHUfaSi4Rl8laDBMhioSDbUtTOD0t6peJDaRCQFIWpqtkR
N3HaWRSg4mhWPojCdQsxVMBTPd64DCLcJo4SWt7ETGySNuxUxnc6eN/Sy3f7OQXc
g4J5oEgVJmO84MUoMgrprqF/jTdWBt0MCzuA3vtPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvpO6g4/ug7LZHMZZSET8Xk8pAMYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U0Mjc0ZTEzLWIzZWItNDdjYS04ZjUwLWUxMzBkNDAyYjE4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4pzANBgkqhkiG9w0BAQsFAAOCAQEAj7pjxBk8KopIQyvU5dC3J5RhAMV0
i1GbCq0iST4eVtpWSgvVLYSW4UVTCh4CTcTFtJ1sPVOfW+VPNtpBKNt4UHCRVg0E
/qpNuMixrZDHwiIDhLaGDW19/SVvBpPth7ejSFFrJ3mXHPux+uxj3ge3BSLW6r8F
uUthKqm6stg4UO13So0JYWKPUnIwLODE1A+vriSmoyekLxfqMGf7d4SAP+C6YXER
vTLgKhyPvX0xEY7D2ZsxkRq+oi8YrYdLtI8OE0aCTTWSYFtrY5bFurHyv/QChTzX
ttrdKq/lD5RD/7mV9LvuWnxLnDFeqonVxifK5/cx70DIH79xdRJLtK84IQ==
-----END CERTIFICATE-----
Generated at Wed Jul 2 01:26:27 2025 by rpki-client