Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/14a5a826-4e23-42a8-bf85-ad094f67717e.roa
File:                     14a5a826-4e23-42a8-bf85-ad094f67717e.roa (raw, json)
Hash identifier:          nMLKv3qUv+85IcffLJv9ynK/MMnhu7gKYDW6hvosA2o=
Subject key identifier:   CE:40:CC:1B:46:96:B3:E0:65:E3:44:A1:A4:9A:E1:52:30:9D:00:EE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B95336CB452EB3A9C2538DCB479C721A2FE4BC4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/14a5a826-4e23-42a8-bf85-ad094f67717e.roa
Signing time:             Tue 19 Aug 2025 00:40:25 +0000
ROA not before:           Tue 19 Aug 2025 00:40:25 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.112.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:95:33:6c:b4:52:eb:3a:9c:25:38:dc:b4:79:c7:21:a2:fe:4b:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 19 00:40:25 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=affc2cba52e6816acdc7aaacae9e5445d0fc7532de4454eebdf29ac6a6fae7da, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ce:7b:73:f1:3a:89:41:a5:78:0a:70:bd:75:
                    c1:d7:07:ec:09:14:f7:41:ba:de:ad:5b:f3:3f:b8:
                    1b:95:f6:65:14:47:2d:11:e6:7b:22:a2:c3:92:d0:
                    25:56:54:e5:5a:23:42:5d:5a:de:68:c0:b2:b0:72:
                    cc:c9:3a:71:38:3b:64:0f:ed:70:82:19:23:6d:23:
                    ab:28:6f:6e:8b:d0:5c:70:b2:64:b4:f5:88:cc:bf:
                    00:d1:b5:f0:88:b7:1a:01:13:16:b6:78:f0:4e:8b:
                    2f:08:71:4a:c6:7b:07:aa:19:d2:51:07:9f:15:18:
                    be:a4:c9:21:b2:3a:ba:49:94:30:db:df:57:09:12:
                    2b:13:4e:3a:c9:aa:28:4d:3f:cc:cc:45:53:37:ef:
                    b1:36:e4:ee:2b:7b:4d:a3:56:2e:03:cf:9c:1e:6a:
                    27:87:5d:87:2e:0a:ab:46:83:4c:ce:0c:c6:73:78:
                    36:19:9f:3b:fa:06:a5:bb:d3:9f:4f:3b:eb:5a:df:
                    ec:91:81:01:5d:da:c9:c7:72:64:ce:b8:f7:fe:a0:
                    dd:87:e0:44:23:88:58:3d:78:2f:4e:d2:5f:a6:0b:
                    6e:f3:f9:eb:bf:d3:55:1b:d4:3a:cc:93:85:ff:6a:
                    ef:25:3b:61:33:98:2f:61:2c:c4:98:ce:50:be:38:
                    a6:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:40:CC:1B:46:96:B3:E0:65:E3:44:A1:A4:9A:E1:52:30:9D:00:EE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/14a5a826-4e23-42a8-bf85-ad094f67717e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.112.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a5:ad:49:15:27:cd:1f:82:df:65:b0:b9:3b:0a:c3:6a:c3:d3:
         66:e4:ad:71:bf:ea:68:f1:7d:e2:85:99:ef:3d:03:98:a7:7f:
         ab:c7:42:0f:0f:b7:f1:98:23:28:bb:f8:d5:3d:40:a7:47:95:
         14:f1:46:87:e2:e3:74:c0:10:ff:4a:a4:61:b1:5f:9e:5c:82:
         f5:3d:82:c2:9e:1f:b0:17:af:8a:c2:8e:68:2c:ea:d8:57:19:
         b1:69:b9:29:df:5e:ec:55:48:95:8d:88:10:40:52:e7:24:36:
         0b:0b:54:5e:31:d2:20:af:5f:20:b8:a9:90:d2:eb:ff:18:4b:
         ac:db:e8:8e:ab:71:6f:5a:90:25:f2:99:ab:78:f6:4d:cb:04:
         a7:5d:42:8f:fc:f5:c8:bc:0f:7d:cc:23:7e:00:a4:04:40:64:
         07:93:e3:c1:75:a3:5c:6e:a2:db:d7:9b:e1:38:4a:82:d6:82:
         b6:39:88:fc:56:60:45:1b:09:44:f2:e0:2d:46:58:28:70:5e:
         97:13:f0:d3:59:5a:8c:48:8c:a4:52:37:7b:68:bf:7c:88:79:
         19:6e:8a:35:b9:6f:aa:12:20:27:4c:e7:72:77:13:b7:e7:dc:
         6b:54:4f:8e:8e:db:f1:f3:ea:2d:ff:59:e3:84:88:82:3d:e7:
         7d:c7:58:ab
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG5UzbLRS6zqcJTjctHnHIaL+S8QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE5MDA0MDI1WhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZmZjMmNiYTUyZTY4MTZhY2RjN2FhYWNhZTllNTQ0NWQw
ZmM3NTMyZGU0NDU0ZWViZGYyOWFjNmE2ZmFlN2RhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2zntz8TqJQaV4CnC9dcHXB+wJFPdBut6tW/M/uBuV9mUU
Ry0R5nsiosOS0CVWVOVaI0JdWt5owLKwcszJOnE4O2QP7XCCGSNtI6sob26L0Fxw
smS09YjMvwDRtfCItxoBExa2ePBOiy8IcUrGeweqGdJRB58VGL6kySGyOrpJlDDb
31cJEisTTjrJqihNP8zMRVM377E25O4re02jVi4Dz5weaieHXYcuCqtGg0zODMZz
eDYZnzv6BqW7059PO+ta3+yRgQFd2snHcmTOuPf+oN2H4EQjiFg9eC9O0l+mC27z
+eu/01Ub1DrMk4X/au8lO2EzmC9hLMSYzlC+OKbDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzkDMG0aWs+Bl40ShpJrhUjCdAO4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE0YTVhODI2LTRlMjMtNDJhOC1iZjg1LWFkMDk0ZjY3NzE3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFjl3AwDQYJKoZIhvcNAQELBQADggEBAKWtSRUnzR+C32WwuTsKw2rD02bk
rXG/6mjxfeKFme89A5inf6vHQg8Pt/GYIyi7+NU9QKdHlRTxRofi43TAEP9KpGGx
X55cgvU9gsKeH7AXr4rCjmgs6thXGbFpuSnfXuxVSJWNiBBAUuckNgsLVF4x0iCv
XyC4qZDS6/8YS6zb6I6rcW9akCXymat49k3LBKddQo/89ci8D33MI34ApARAZAeT
48F1o1xuotvXm+E4SoLWgrY5iPxWYEUbCUTy4C1GWChwXpcT8NNZWoxIjKRSN3to
v3yIeRluijW5b6oSICdM53J3E7fn3GtUT46O2/Hz6i3/WeOEiII9533HWKs=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:15:35 2025 by rpki-client