Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e76ba888-e1ac-48a5-816f-85ff90dc2f98.roa
File:                     e76ba888-e1ac-48a5-816f-85ff90dc2f98.roa (raw, json)
Hash identifier:          i7eo0czZfuArMC/C3s0lD0Qp/8Hiwvelff/zn0p6mv8=
Subject key identifier:   92:3F:77:1C:48:63:D9:6A:2C:3F:F3:AC:68:3B:E4:9C:03:F3:28:D1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2DACDD3C4C8FF0251C37DB8A8CDB050093C5BCF9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e76ba888-e1ac-48a5-816f-85ff90dc2f98.roa
Signing time:             Fri 05 Sep 2025 00:01:54 +0000
ROA not before:           Fri 05 Sep 2025 00:01:54 +0000
ROA not after:            Fri 10 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        159.47.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:ac:dd:3c:4c:8f:f0:25:1c:37:db:8a:8c:db:05:00:93:c5:bc:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  5 00:01:54 2025 GMT
            Not After : Oct 10 23:59:59 2025 GMT
        Subject: serialNumber=c705769bb0a6222c544531c3cbf08423fc90c5e07a768a524a4782fcb52dfb79, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b8:9e:9b:79:21:07:d6:3a:ba:8f:f4:be:56:
                    25:ad:ce:e6:74:b0:14:7f:c3:e5:6c:99:a5:d7:41:
                    ca:d6:67:b5:ce:7c:79:45:ef:83:31:f6:ae:0a:57:
                    0e:5f:2d:f8:47:05:b9:53:dd:a6:58:c0:54:69:e0:
                    c8:1c:b4:fe:fc:2e:a7:a4:9f:2e:94:2d:3f:3f:c4:
                    96:ac:df:00:fd:6f:43:88:b2:0f:da:83:54:95:99:
                    d7:9a:25:ea:0b:ad:60:fe:72:19:c9:8a:1c:01:d4:
                    3b:f6:bf:05:eb:99:d5:e6:ee:a3:0b:dd:08:15:37:
                    5f:ba:cd:1d:7b:38:50:86:db:7f:d7:2a:47:aa:d0:
                    51:1f:e6:43:c3:01:28:40:1d:f1:4b:66:72:2b:3c:
                    29:00:19:63:d0:6f:66:b2:eb:64:f7:94:20:05:bf:
                    4e:6f:c8:16:30:eb:cf:50:d6:9f:a4:7a:df:f7:6e:
                    45:2a:f0:b8:5b:97:d5:37:bb:9f:03:94:af:2b:71:
                    1d:ae:06:21:dc:39:61:31:c2:38:72:04:25:73:4c:
                    31:50:54:fb:48:5e:28:a9:38:da:57:19:61:eb:f0:
                    16:7d:5f:91:68:3d:35:b7:5a:9f:bd:b4:63:73:86:
                    94:2e:a0:26:ce:ca:4e:1d:56:45:e4:93:22:c5:26:
                    4b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:3F:77:1C:48:63:D9:6A:2C:3F:F3:AC:68:3B:E4:9C:03:F3:28:D1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e76ba888-e1ac-48a5-816f-85ff90dc2f98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.47.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         01:3c:2b:ef:74:98:cb:82:36:dc:13:c1:25:87:fb:41:6f:3f:
         af:a1:2c:d5:d6:3f:fc:68:58:e7:a0:83:02:f1:18:db:f4:80:
         5f:8f:8d:8b:4a:5f:bf:d1:c4:7d:5c:40:81:a9:d9:5d:76:2e:
         9c:22:47:8c:c6:c2:ed:46:00:2d:eb:fa:28:8e:13:80:a3:b0:
         f1:36:68:c1:b9:c5:1d:e7:14:ae:74:03:2e:cd:2c:52:de:86:
         f7:1d:21:dd:2b:c2:93:48:a6:8f:ce:ef:f7:ac:df:ad:b2:ca:
         eb:8a:f4:79:4f:b9:6d:2b:43:b0:be:81:e3:01:13:97:94:43:
         d7:51:5a:cc:6c:41:15:9f:e2:d6:d6:29:88:5e:61:b1:5e:3b:
         e9:cc:80:16:e0:97:31:c6:f7:9d:fa:41:39:93:0d:ab:79:3e:
         20:a5:a8:a5:fb:f1:64:99:e6:0c:dd:28:e6:34:1b:df:43:5a:
         54:82:11:3a:43:8a:48:f0:d2:e7:45:ff:12:25:ab:05:1b:b9:
         be:75:b9:65:37:0e:1a:ff:96:58:eb:5f:fc:d6:21:ca:28:ec:
         c3:51:32:52:a0:db:a2:47:94:7d:18:1e:0e:40:db:cd:aa:8e:
         97:6c:e4:32:89:9c:ab:02:79:a3:9b:df:ff:d2:84:e0:dc:1e:
         75:5a:17:5e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULazdPEyP8CUcN9uKjNsFAJPFvPkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA1MDAwMTU0WhcNMjUxMDEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzA1NzY5YmIwYTYyMjJjNTQ0NTMxYzNjYmYwODQyM2Zj
OTBjNWUwN2E3NjhhNTI0YTQ3ODJmY2I1MmRmYjc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWuJ6beSEH1jq6j/S+ViWtzuZ0sBR/w+VsmaXXQcrWZ7XO
fHlF74Mx9q4KVw5fLfhHBblT3aZYwFRp4MgctP78Lqekny6ULT8/xJas3wD9b0OI
sg/ag1SVmdeaJeoLrWD+chnJihwB1Dv2vwXrmdXm7qML3QgVN1+6zR17OFCG23/X
Kkeq0FEf5kPDAShAHfFLZnIrPCkAGWPQb2ay62T3lCAFv05vyBYw689Q1p+ket/3
bkUq8Lhbl9U3u58DlK8rcR2uBiHcOWExwjhyBCVzTDFQVPtIXiipONpXGWHr8BZ9
X5FoPTW3Wp+9tGNzhpQuoCbOyk4dVkXkkyLFJktnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUkj93HEhj2WosP/OsaDvknAPzKNEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3NmJhODg4LWUxYWMtNDhhNS04MTZmLTg1ZmY5MGRjMmY5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCfLzANBgkqhkiG9w0BAQsFAAOCAQEAATwr73SYy4I23BPBJYf7QW8/r6Es
1dY//GhY56CDAvEY2/SAX4+Ni0pfv9HEfVxAganZXXYunCJHjMbC7UYALev6KI4T
gKOw8TZowbnFHecUrnQDLs0sUt6G9x0h3SvCk0imj87v96zfrbLK64r0eU+5bStD
sL6B4wETl5RD11FazGxBFZ/i1tYpiF5hsV476cyAFuCXMcb3nfpBOZMNq3k+IKWo
pfvxZJnmDN0o5jQb30NaVIIROkOKSPDS50X/EiWrBRu5vnW5ZTcOGv+WWOtf/NYh
yijsw1EyUqDbokeUfRgeDkDbzaqOl2zkMomcqwJ5o5vf/9KE4NwedVoXXg==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:12:07 2025 by rpki-client