Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3140b59c-e29d-4b8a-8974-b6c470960f1b.roa
File:                     3140b59c-e29d-4b8a-8974-b6c470960f1b.roa (raw, json)
Hash identifier:          CJ53x5VVokmuHv+07T/ZDFIqtWkl746EaDaMsvbR9NI=
Subject key identifier:   99:AC:43:58:3E:0C:B1:C1:3E:AE:2F:60:92:54:44:70:B4:21:7E:B3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       78578921F570795B92876957F17795C7F971687B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3140b59c-e29d-4b8a-8974-b6c470960f1b.roa
Signing time:             Tue 19 Aug 2025 00:11:35 +0000
ROA not before:           Tue 19 Aug 2025 00:11:35 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.115.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 25 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:57:89:21:f5:70:79:5b:92:87:69:57:f1:77:95:c7:f9:71:68:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 19 00:11:35 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=235ad632cb028df0e7381a26bebb802f14c5d662a7ef9c8daa7c968e2dba2e1a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7f:fc:f7:00:58:7f:3f:b0:7b:70:4a:3d:6c:
                    e1:47:39:36:f8:02:bd:19:3a:15:55:b3:5e:c1:86:
                    43:2f:05:69:17:f7:9d:dd:4d:fe:45:bf:20:6f:c2:
                    5e:2f:07:09:fa:38:82:fb:e5:f8:86:4d:a5:c6:d0:
                    63:3d:39:f5:4b:b9:fc:82:7b:e8:c5:0b:f6:13:6b:
                    3e:fd:df:d4:38:5f:03:c0:34:ca:7b:95:05:2f:01:
                    e1:ad:92:bb:d6:2c:e3:6a:67:b8:9b:bb:54:1e:7c:
                    9b:d7:5e:73:e9:c3:00:a9:9b:1e:55:0c:f8:48:aa:
                    31:d8:d0:9a:a1:f0:cd:78:00:c0:55:eb:db:7e:42:
                    a9:70:10:63:c1:30:e6:a7:17:2a:d2:34:68:d3:8b:
                    1d:93:e7:03:be:65:c0:27:6d:15:07:85:d2:1c:16:
                    2e:99:16:6a:85:f0:bc:7b:80:75:8b:bd:cb:d3:34:
                    83:ed:d8:4d:f3:11:5c:da:69:9b:19:6a:61:35:cc:
                    16:30:f4:8f:43:f7:36:43:df:b3:90:f1:24:ec:d3:
                    cd:f5:57:ca:7f:58:a7:43:44:9e:f9:cb:fa:f6:e4:
                    8f:4b:9c:c6:f0:f4:d3:63:50:75:11:02:40:b8:1d:
                    9f:42:a2:75:38:3a:0b:10:97:a8:51:f9:8d:62:50:
                    1e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:AC:43:58:3E:0C:B1:C1:3E:AE:2F:60:92:54:44:70:B4:21:7E:B3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3140b59c-e29d-4b8a-8974-b6c470960f1b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.115.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a9:89:97:c9:f7:54:ff:e1:b4:a8:4a:19:86:e0:ef:07:ee:92:
         46:79:fe:45:f7:8f:eb:25:64:5f:3d:ac:0e:7c:50:d1:6d:46:
         1b:51:b3:4c:67:a5:fb:de:85:84:94:19:df:49:ed:c8:f6:9f:
         f3:f5:94:6f:97:57:50:db:47:70:89:96:33:7c:0d:ee:d3:28:
         cd:d1:57:45:e6:99:0e:81:7f:3e:4c:a5:0b:e1:f6:1a:8e:e2:
         f6:33:6b:e8:bb:14:87:52:73:c9:e5:64:bd:92:c6:ac:79:ca:
         24:e0:57:3f:80:41:bf:6c:66:14:b9:87:c5:33:e3:8d:ae:a6:
         8f:a3:ea:b8:5d:4a:c4:da:59:a7:7b:21:0b:64:c7:27:80:ca:
         13:48:6f:63:23:61:ff:58:22:74:eb:e6:e7:e2:38:4b:9c:8c:
         aa:aa:ae:0b:5c:a8:dd:3a:12:d4:a1:e8:7b:57:35:56:3c:45:
         f9:97:c8:47:97:d8:02:51:ac:d6:48:c2:ec:40:c9:6b:4e:96:
         96:c1:f8:eb:e2:74:d8:0e:42:2c:29:ac:fd:8d:a3:e4:bc:fa:
         f0:a0:96:c6:91:c1:11:7a:91:45:7c:96:27:1c:85:81:06:33:
         7c:c8:50:47:f5:7c:85:8e:cf:61:8c:95:06:d5:2b:65:df:4e:
         ef:ef:dd:c7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeFeJIfVweVuSh2lX8XeVx/lxaHswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE5MDAxMTM1WhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMzVhZDYzMmNiMDI4ZGYwZTczODFhMjZiZWJiODAyZjE0
YzVkNjYyYTdlZjljOGRhYTdjOTY4ZTJkYmEyZTFhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdf/z3AFh/P7B7cEo9bOFHOTb4Ar0ZOhVVs17BhkMvBWkX
953dTf5FvyBvwl4vBwn6OIL75fiGTaXG0GM9OfVLufyCe+jFC/YTaz7939Q4XwPA
NMp7lQUvAeGtkrvWLONqZ7ibu1QefJvXXnPpwwCpmx5VDPhIqjHY0Jqh8M14AMBV
69t+QqlwEGPBMOanFyrSNGjTix2T5wO+ZcAnbRUHhdIcFi6ZFmqF8Lx7gHWLvcvT
NIPt2E3zEVzaaZsZamE1zBYw9I9D9zZD37OQ8STs0831V8p/WKdDRJ75y/r25I9L
nMbw9NNjUHURAkC4HZ9ConU4OgsQl6hR+Y1iUB4HAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUmaxDWD4MscE+ri9gklREcLQhfrMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxNDBiNTljLWUyOWQtNGI4YS04OTc0LWI2YzQ3MDk2MGYxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4czANBgkqhkiG9w0BAQsFAAOCAQEAqYmXyfdU/+G0qEoZhuDvB+6SRnn+
RfeP6yVkXz2sDnxQ0W1GG1GzTGel+96FhJQZ30ntyPaf8/WUb5dXUNtHcImWM3wN
7tMozdFXReaZDoF/PkylC+H2Go7i9jNr6LsUh1JzyeVkvZLGrHnKJOBXP4BBv2xm
FLmHxTPjja6mj6PquF1KxNpZp3shC2THJ4DKE0hvYyNh/1gidOvm5+I4S5yMqqqu
C1yo3ToS1KHoe1c1VjxF+ZfIR5fYAlGs1kjC7EDJa06WlsH46+J02A5CLCms/Y2j
5Lz68KCWxpHBEXqRRXyWJxyFgQYzfMhQR/V8hY7PYYyVBtUrZd9O7+/dxw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:37:32 2025 by rpki-client