Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11aab549-ced0-4ada-9748-9d58cb0c1eb7.roa
File:                     11aab549-ced0-4ada-9748-9d58cb0c1eb7.roa (raw, json)
Hash identifier:          hShZjf3XAtjGzrHJuqeRDwvkNoY0xjUnAE8qhmWSRrM=
Subject key identifier:   77:DC:EF:B1:FC:84:FB:E8:72:A9:CB:30:AD:44:6E:5E:BB:6E:A7:BC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4196B94EA53D9B8A2089D7A962E694312B6A6E6F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11aab549-ced0-4ada-9748-9d58cb0c1eb7.roa
Signing time:             Fri 27 Jun 2025 00:10:27 +0000
ROA not before:           Fri 27 Jun 2025 00:10:27 +0000
ROA not after:            Fri 01 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.146.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:96:b9:4e:a5:3d:9b:8a:20:89:d7:a9:62:e6:94:31:2b:6a:6e:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 27 00:10:27 2025 GMT
            Not After : Aug  1 23:59:59 2025 GMT
        Subject: serialNumber=7c53d8ecf4cdeae4fff594fb60ac80e994a70e9888da3a96f294d0b7bb7b1002, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:0f:66:d5:cf:7e:5f:8f:cc:29:ee:05:ba:81:
                    89:02:59:6c:c6:23:8d:b6:cf:e0:dc:4b:ab:cb:49:
                    e6:69:80:1b:1f:51:be:4f:17:31:30:95:20:76:cb:
                    ea:46:f4:02:cc:e8:60:c7:d6:79:6c:85:dc:72:a5:
                    b3:e8:99:f2:c5:df:71:c0:9b:e6:37:ab:9f:6d:94:
                    5b:f9:5d:f4:0b:d1:ec:b6:fc:f4:85:d0:28:e0:7e:
                    ed:7a:9a:c2:0a:6b:20:7a:9d:8e:f3:d9:e3:00:da:
                    d9:a4:05:66:74:0f:c3:d4:61:0e:df:48:e8:91:8d:
                    32:ec:67:fa:d1:1a:33:a4:7b:b1:86:50:9b:72:d4:
                    d5:2a:dc:14:2f:7d:aa:59:01:ac:34:6e:08:8b:96:
                    ab:a7:3c:46:c4:2c:ab:8e:be:3b:b2:80:e4:e9:bc:
                    56:d2:dc:a3:ec:d6:2c:44:3a:2a:fe:32:01:05:86:
                    f1:2a:9a:a9:31:5b:78:aa:2e:c9:22:42:f8:98:34:
                    e1:b4:a1:b6:da:8a:e7:7b:9e:d5:64:01:87:14:93:
                    b1:30:87:50:0a:c4:c1:b5:d0:6d:fd:b0:fd:8b:f8:
                    92:45:0b:5e:7f:77:65:d0:34:34:2c:c2:27:3c:61:
                    fb:f6:58:bb:a0:a2:19:41:7e:b2:99:e4:42:6a:28:
                    99:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:DC:EF:B1:FC:84:FB:E8:72:A9:CB:30:AD:44:6E:5E:BB:6E:A7:BC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/11aab549-ced0-4ada-9748-9d58cb0c1eb7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.146.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d0:f0:ea:39:53:20:32:9d:72:d6:e5:89:85:2b:a2:8d:1e:e8:
         26:71:e1:a1:19:23:87:5a:35:72:00:20:b1:20:ac:1b:3c:3b:
         22:e5:d3:d9:9f:40:72:d4:c4:5a:c6:ef:eb:e0:e7:e4:b3:96:
         dd:ff:19:c0:c9:ae:3b:74:a1:52:0b:c9:65:71:e4:e1:cd:e6:
         bd:e5:a5:4f:4d:da:ad:83:0c:25:b9:e2:d4:59:0e:2f:db:e8:
         68:f3:05:02:10:3b:9a:1c:24:90:d8:5a:38:59:21:03:7f:a6:
         31:be:b6:26:ef:09:dd:02:b0:b4:25:67:2e:16:16:bf:a6:2a:
         9a:c4:27:c7:51:9f:ef:a9:69:ce:34:32:b6:a3:5f:5f:b3:91:
         c0:de:73:00:6f:e0:a3:3b:80:67:45:56:77:d6:d5:ee:e3:80:
         9b:92:92:1e:2d:ee:03:2f:57:27:7b:00:3d:d7:fb:b6:04:77:
         5f:c0:8f:b9:32:76:3c:b2:56:fe:53:f3:98:7d:22:87:07:7b:
         2a:a5:d4:74:70:3d:29:a9:eb:02:46:5a:f1:a6:2f:95:c9:7e:
         db:4e:5d:63:6b:2f:ce:23:bf:9c:b9:a3:95:bf:84:8a:29:eb:
         af:96:11:f5:85:6b:f7:f8:6e:f8:96:ac:d7:dd:01:e9:fc:a2:
         6c:41:8c:3e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQZa5TqU9m4ogidepYuaUMStqbm8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI3MDAxMDI3WhcNMjUwODAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YzUzZDhlY2Y0Y2RlYWU0ZmZmNTk0ZmI2MGFjODBlOTk0
YTcwZTk4ODhkYTNhOTZmMjk0ZDBiN2JiN2IxMDAyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpD2bVz35fj8wp7gW6gYkCWWzGI422z+DcS6vLSeZpgBsf
Ub5PFzEwlSB2y+pG9ALM6GDH1nlshdxypbPomfLF33HAm+Y3q59tlFv5XfQL0ey2
/PSF0Cjgfu16msIKayB6nY7z2eMA2tmkBWZ0D8PUYQ7fSOiRjTLsZ/rRGjOke7GG
UJty1NUq3BQvfapZAaw0bgiLlqunPEbELKuOvjuygOTpvFbS3KPs1ixEOir+MgEF
hvEqmqkxW3iqLskiQviYNOG0obbaiud7ntVkAYcUk7Ewh1AKxMG10G39sP2L+JJF
C15/d2XQNDQswic8Yfv2WLugohlBfrKZ5EJqKJlxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUd9zvsfyE++hyqcswrURuXrtup7wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExYWFiNTQ5LWNlZDAtNGFkYS05NzQ4LTlkNThjYjBjMWViNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwANkjANBgkqhkiG9w0BAQsFAAOCAQEA0PDqOVMgMp1y1uWJhSuijR7oJnHh
oRkjh1o1cgAgsSCsGzw7IuXT2Z9ActTEWsbv6+Dn5LOW3f8ZwMmuO3ShUgvJZXHk
4c3mveWlT03arYMMJbni1FkOL9voaPMFAhA7mhwkkNhaOFkhA3+mMb62Ju8J3QKw
tCVnLhYWv6YqmsQnx1Gf76lpzjQytqNfX7ORwN5zAG/gozuAZ0VWd9bV7uOAm5KS
Hi3uAy9XJ3sAPdf7tgR3X8CPuTJ2PLJW/lPzmH0ihwd7KqXUdHA9KanrAkZa8aYv
lcl+205dY2svziO/nLmjlb+Eiinrr5YR9YVr9/hu+Jas190B6fyibEGMPg==
-----END CERTIFICATE-----
Generated at Mon Jun 30 21:36:11 2025 by rpki-client