Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1799e86e-9c98-417a-9878-d7c2ab84b1a9.roa
File:                     1799e86e-9c98-417a-9878-d7c2ab84b1a9.roa (raw, json)
Hash identifier:          5SpM9zJpNDtxCesxhargUCM7llWrAFS/fe49pBNB9Gw=
Subject key identifier:   45:43:EC:2D:4B:8D:F6:7C:03:4B:F7:36:BE:F8:B3:53:63:B8:43:99
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       549DE091910FD346DCD0EF1FF6892757C9FB91FF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1799e86e-9c98-417a-9878-d7c2ab84b1a9.roa
Signing time:             Mon 23 Jun 2025 15:21:34 +0000
ROA not before:           Mon 23 Jun 2025 15:21:34 +0000
ROA not after:            Mon 28 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.35.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 03 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:9d:e0:91:91:0f:d3:46:dc:d0:ef:1f:f6:89:27:57:c9:fb:91:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 23 15:21:34 2025 GMT
            Not After : Jul 28 23:59:59 2025 GMT
        Subject: serialNumber=a15b6432e306a4c4948808ad192e426a8a2c4f155402686417e535464fef7d56, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:75:bc:09:9a:8b:28:7c:08:73:ba:f2:a6:23:
                    40:e5:6e:df:74:77:cd:13:ec:22:fd:6b:89:55:c3:
                    6f:54:62:2e:f2:8e:78:37:ed:17:1c:89:dd:5e:0f:
                    4e:11:71:17:16:5b:86:42:17:84:b8:fb:2b:27:a6:
                    2e:b4:7d:fc:c0:61:a9:a0:ee:de:27:e6:40:08:c6:
                    a3:c0:fd:6f:e7:af:29:8c:bb:53:52:ad:b6:79:f1:
                    9e:fd:cf:80:21:ea:b0:5f:de:e0:43:a3:0c:7f:10:
                    e7:96:97:0c:b1:c3:ff:52:b2:ae:aa:04:83:f1:f4:
                    9a:a9:b1:37:8e:0f:9d:b6:2c:47:56:d7:e8:9d:db:
                    46:7f:6f:f6:2d:c8:d9:65:48:fa:5e:bd:f3:51:80:
                    33:d8:02:e6:ed:d4:64:66:45:db:05:9d:85:19:60:
                    d1:02:35:78:38:e3:3e:7f:c1:30:a5:9c:a7:ac:b7:
                    f5:0a:bc:41:e4:12:20:a1:59:de:90:b7:cf:c2:08:
                    8d:2a:61:cf:2c:07:98:1f:8b:f1:5f:3d:5d:51:49:
                    eb:ac:13:2a:12:d7:e9:a3:58:68:c2:02:3a:bd:d8:
                    a1:83:79:82:24:c1:78:8d:11:87:31:0e:8b:f5:15:
                    a2:83:f6:0a:ad:13:7b:e8:fb:80:dc:37:c1:73:3a:
                    4b:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:43:EC:2D:4B:8D:F6:7C:03:4B:F7:36:BE:F8:B3:53:63:B8:43:99
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1799e86e-9c98-417a-9878-d7c2ab84b1a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.35.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b6:5b:8a:92:7c:4a:bf:a8:62:78:1d:85:c8:d9:ce:32:17:da:
         0a:89:86:3e:6e:49:f7:9d:0b:1b:96:97:bf:47:b3:11:c2:25:
         a3:91:f8:42:ab:85:b3:58:2f:a5:92:2d:d0:e6:58:e2:c4:0f:
         04:7d:e2:a2:03:6c:83:9f:cd:7a:59:64:c0:91:c5:da:09:c5:
         db:d0:af:e0:65:89:a0:86:d4:c3:f5:4c:a3:bb:a2:fd:c4:54:
         27:ec:ba:02:70:49:5d:5d:ba:96:94:86:b4:db:2f:ad:f3:4d:
         e2:3e:45:83:bc:cf:5a:a2:66:29:1a:41:b1:c9:9f:d2:4d:54:
         7e:52:99:d4:cd:d2:60:d4:06:29:3b:17:79:12:69:62:82:79:
         e1:44:29:9d:d8:a6:63:c3:81:ca:7b:de:58:67:f4:1b:ed:7d:
         9e:67:63:95:e1:5b:a1:6e:6b:cb:7a:91:71:14:72:3a:99:20:
         a8:d0:3f:b5:cd:f6:b1:bd:09:6d:d5:95:86:dd:bd:e7:91:2a:
         c3:a5:34:16:98:9a:10:5e:ff:d3:82:0f:5f:f9:b2:76:ef:27:
         8c:28:b3:ad:fa:dc:5d:33:a0:0b:a4:18:5f:a5:1c:a2:7b:b7:
         d1:10:6a:d5:89:00:90:55:92:12:f7:90:36:56:58:8c:46:f4:
         75:59:b3:9d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVJ3gkZEP00bc0O8f9oknV8n7kf8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjIzMTUyMTM0WhcNMjUwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTViNjQzMmUzMDZhNGM0OTQ4ODA4YWQxOTJlNDI2YThh
MmM0ZjE1NTQwMjY4NjQxN2U1MzU0NjRmZWY3ZDU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWdbwJmosofAhzuvKmI0Dlbt90d80T7CL9a4lVw29UYi7y
jng37Rccid1eD04RcRcWW4ZCF4S4+ysnpi60ffzAYamg7t4n5kAIxqPA/W/nrymM
u1NSrbZ58Z79z4Ah6rBf3uBDowx/EOeWlwyxw/9Ssq6qBIPx9JqpsTeOD522LEdW
1+id20Z/b/YtyNllSPpevfNRgDPYAubt1GRmRdsFnYUZYNECNXg44z5/wTClnKes
t/UKvEHkEiChWd6Qt8/CCI0qYc8sB5gfi/FfPV1RSeusEyoS1+mjWGjCAjq92KGD
eYIkwXiNEYcxDov1FaKD9gqtE3vo+4DcN8FzOkvvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQURUPsLUuN9nwDS/c2vvizU2O4Q5kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE3OTllODZlLTljOTgtNDE3YS05ODc4LWQ3YzJhYjg0YjFhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2IzANBgkqhkiG9w0BAQsFAAOCAQEAtluKknxKv6hieB2FyNnOMhfaComG
Pm5J950LG5aXv0ezEcIlo5H4QquFs1gvpZIt0OZY4sQPBH3iogNsg5/NellkwJHF
2gnF29Cv4GWJoIbUw/VMo7ui/cRUJ+y6AnBJXV26lpSGtNsvrfNN4j5Fg7zPWqJm
KRpBscmf0k1UflKZ1M3SYNQGKTsXeRJpYoJ54UQpndimY8OBynveWGf0G+19nmdj
leFboW5ry3qRcRRyOpkgqNA/tc32sb0JbdWVht2955Eqw6U0FpiaEF7/04IPX/my
du8njCizrfrcXTOgC6QYX6Uconu30RBq1YkAkFWSEveQNlZYjEb0dVmznQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:24:55 2025 by rpki-client