Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa
File:                     ed432fea-e545-4d6d-beae-21ab78adea7b.roa (raw, json)
Hash identifier:          N//8dv/ZNlCTZaQF41paYNuw6V3eSpUjsqDwSlpM5KY=
Subject key identifier:   92:59:9C:04:F5:41:1E:A9:AA:33:6E:CA:C6:DE:C7:24:A7:58:B2:4A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0BEE71A129033BA276B27D794FB14D43B1FEFE72
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa
Signing time:             Tue 24 Jun 2025 00:01:45 +0000
ROA not before:           Tue 24 Jun 2025 00:01:45 +0000
ROA not after:            Tue 29 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.246.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 08 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:ee:71:a1:29:03:3b:a2:76:b2:7d:79:4f:b1:4d:43:b1:fe:fe:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 24 00:01:45 2025 GMT
            Not After : Jul 29 23:59:59 2025 GMT
        Subject: serialNumber=bb42aba0b2ff4a6b9a3d75a8dc2730b55ef8bbf396a46de8f9cf3541a130b0f6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d2:44:4e:db:dc:1a:1e:29:b3:cb:0a:99:c4:
                    e7:3e:e7:85:ba:6c:7c:59:06:70:b5:81:db:2f:0a:
                    80:b7:68:e4:20:b7:d4:4f:bf:53:27:ad:a5:73:3f:
                    33:9f:b7:1b:5f:08:29:de:b8:21:65:5d:30:ae:ce:
                    70:1a:e0:f5:7f:8a:b9:38:c2:7e:3d:28:99:50:3a:
                    2a:7a:e3:2b:b8:b0:db:5d:0f:9c:72:24:e7:ef:e9:
                    41:2f:74:40:97:ad:af:6a:bc:90:b9:82:7d:cc:7b:
                    64:25:e5:78:e7:26:f8:ba:bc:a5:8e:12:17:08:2d:
                    32:07:02:cf:d2:4d:ae:e2:d8:c1:d3:3c:bd:44:ec:
                    d2:88:48:8c:42:9e:6e:c0:17:37:b4:2e:e8:82:d2:
                    25:0f:6b:80:bc:dc:a4:16:55:63:23:06:e3:64:a2:
                    95:d0:3d:27:75:bf:e7:f0:f4:13:a3:a1:51:7a:40:
                    45:4c:83:c2:44:6a:15:df:71:f4:9b:37:01:80:b0:
                    bc:09:4a:69:32:31:3a:20:d4:b4:9c:e6:f8:27:d5:
                    d4:41:e0:be:9f:c6:aa:8d:7d:f5:f4:4d:b1:33:c8:
                    0f:e5:a1:6d:f5:88:33:06:6c:62:97:e6:f7:87:0d:
                    5e:63:3a:c7:40:5e:d1:f5:a3:c6:2a:78:5b:71:15:
                    69:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:59:9C:04:F5:41:1E:A9:AA:33:6E:CA:C6:DE:C7:24:A7:58:B2:4A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.246.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         be:69:f9:b1:dd:f6:7e:c6:68:dd:cd:29:1b:64:52:d2:70:59:
         ed:1a:81:dd:a0:20:d5:59:a5:78:cd:ea:ad:fb:7b:53:57:11:
         87:97:f3:af:5c:4f:1b:16:3a:ef:e8:b7:89:5e:cc:93:54:78:
         96:a7:b2:94:81:df:33:b2:22:15:4f:11:59:7f:7b:bc:2b:53:
         df:10:1b:79:45:e0:35:9a:78:35:35:27:f5:97:ff:45:c6:15:
         ee:06:f8:3d:07:f2:09:94:da:e0:31:f3:81:ec:e2:3f:97:87:
         b9:80:ce:d8:d6:af:b1:0d:72:76:cb:68:e0:b8:c3:39:44:a2:
         72:8b:55:03:fc:03:27:a8:db:96:0b:c7:8a:aa:78:1c:b9:47:
         20:d6:a7:46:99:9c:db:db:92:78:8c:0b:5c:fc:94:06:ad:f3:
         16:c4:53:6f:9c:8e:12:44:ed:be:28:7e:0c:04:78:14:1a:08:
         d6:bd:67:20:b8:db:78:c7:f4:10:76:e7:ca:7b:6e:69:c6:b9:
         4e:5e:3f:90:13:ce:35:01:d5:75:2a:3c:20:63:cd:98:19:b7:
         68:1b:5b:99:c9:77:54:3f:b4:ee:7c:13:21:06:41:62:1c:f8:
         80:9f:2c:7d:6a:3c:1a:2e:80:80:6f:e5:31:ec:92:82:1f:fc:
         bf:e7:5f:ec
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUC+5xoSkDO6J2sn15T7FNQ7H+/nIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI0MDAwMTQ1WhcNMjUwNzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjQyYWJhMGIyZmY0YTZiOWEzZDc1YThkYzI3MzBiNTVl
ZjhiYmYzOTZhNDZkZThmOWNmMzU0MWExMzBiMGY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC90kRO29waHimzywqZxOc+54W6bHxZBnC1gdsvCoC3aOQg
t9RPv1MnraVzPzOftxtfCCneuCFlXTCuznAa4PV/irk4wn49KJlQOip64yu4sNtd
D5xyJOfv6UEvdECXra9qvJC5gn3Me2Ql5XjnJvi6vKWOEhcILTIHAs/STa7i2MHT
PL1E7NKISIxCnm7AFze0LuiC0iUPa4C83KQWVWMjBuNkopXQPSd1v+fw9BOjoVF6
QEVMg8JEahXfcfSbNwGAsLwJSmkyMTog1LSc5vgn1dRB4L6fxqqNffX0TbEzyA/l
oW31iDMGbGKX5veHDV5jOsdAXtH1o8YqeFtxFWnXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUklmcBPVBHqmqM27Kxt7HJKdYskowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkNDMyZmVhLWU1NDUtNGQ2ZC1iZWFlLTIxYWI3OGFkZWE3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWt9qAwDQYJKoZIhvcNAQELBQADggEBAL5p+bHd9n7GaN3NKRtkUtJwWe0a
gd2gINVZpXjN6q37e1NXEYeX869cTxsWOu/ot4lezJNUeJanspSB3zOyIhVPEVl/
e7wrU98QG3lF4DWaeDU1J/WX/0XGFe4G+D0H8gmU2uAx84Hs4j+Xh7mAztjWr7EN
cnbLaOC4wzlEonKLVQP8Ayeo25YLx4qqeBy5RyDWp0aZnNvbkniMC1z8lAat8xbE
U2+cjhJE7b4ofgwEeBQaCNa9ZyC423jH9BB258p7bmnGuU5eP5ATzjUB1XUqPCBj
zZgZt2gbW5nJd1Q/tO58EyEGQWIc+ICfLH1qPBougIBv5THskoIf/L/nX+w=
-----END CERTIFICATE-----
Generated at Sun Jul 6 23:44:28 2025 by rpki-client