Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f4424f1-a154-4dc3-838e-553cde0d6d3a.roa
File:                     6f4424f1-a154-4dc3-838e-553cde0d6d3a.roa (raw, json)
Hash identifier:          jpT8WSjH/wNiAsQPw3X/cIUAsNFUFOVePcrMfh61TuI=
Subject key identifier:   2D:38:41:99:A5:FA:E8:1A:32:EC:3A:E0:CD:07:F5:49:FB:C7:2C:25
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68F49CAD6011BD20820905BA02A7447B5E4D4893
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f4424f1-a154-4dc3-838e-553cde0d6d3a.roa
Signing time:             Fri 08 Aug 2025 00:00:32 +0000
ROA not before:           Fri 08 Aug 2025 00:00:32 +0000
ROA not after:            Fri 12 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.11.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:f4:9c:ad:60:11:bd:20:82:09:05:ba:02:a7:44:7b:5e:4d:48:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  8 00:00:32 2025 GMT
            Not After : Sep 12 23:59:59 2025 GMT
        Subject: serialNumber=67573002a70caf8a717df6a86a6ee449cf4dca266debfae30a5759ddbf298852, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:67:9a:81:79:ca:4f:fa:16:30:54:7e:32:1a:
                    66:cd:8b:41:cf:b1:ed:f9:76:4f:86:79:28:7b:94:
                    9a:48:93:d9:e3:3f:02:c8:96:83:0d:13:02:97:68:
                    fb:2b:73:e3:14:c8:b4:a4:a1:fc:5a:d7:f8:dc:05:
                    08:d5:97:c4:d5:25:08:70:17:df:f3:77:18:e4:a3:
                    b5:92:5b:e0:56:66:29:3c:ba:e5:f7:6d:a7:c0:9a:
                    bc:d3:7d:27:18:85:a4:59:ad:93:97:e5:34:ac:da:
                    21:03:58:5d:96:00:f5:ab:7e:cd:2b:00:e1:92:51:
                    77:9d:61:2c:c3:d4:4e:7d:20:37:b0:a4:c6:b0:bc:
                    4e:a4:73:38:16:f6:bb:0c:ab:78:5e:02:d2:7a:b4:
                    0e:a6:5e:3c:be:2e:08:df:25:d6:a6:f6:d4:52:ef:
                    fb:28:76:9b:29:f6:ab:ad:0a:17:c6:34:42:ee:cb:
                    7f:dc:77:11:ad:f3:8f:2b:53:0e:83:f1:01:39:59:
                    6e:d2:5f:03:88:c0:29:41:70:a0:92:a4:58:8c:d7:
                    30:5c:0d:61:54:3b:a1:ea:2a:d8:4f:02:7e:0a:91:
                    11:fc:1d:1d:db:4c:a4:3e:f1:82:a3:6e:f0:41:ab:
                    49:5c:f3:0f:a5:05:1e:69:6a:1d:a0:cd:ef:74:04:
                    ee:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:38:41:99:A5:FA:E8:1A:32:EC:3A:E0:CD:07:F5:49:FB:C7:2C:25
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f4424f1-a154-4dc3-838e-553cde0d6d3a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.11.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a6:eb:21:77:88:1a:9d:88:b5:d6:d2:9c:37:17:cf:73:57:88:
         6e:11:75:50:6e:ca:54:0f:4c:dd:6f:29:0e:20:20:9a:6c:d8:
         ee:6f:10:e3:3e:33:ed:8a:42:99:f3:21:cd:2d:c5:e5:6a:47:
         0a:1a:a7:a6:8d:8d:20:6e:7f:7d:75:55:b4:f5:73:61:b3:4f:
         d2:5e:ff:1d:17:01:cc:f0:d6:84:8b:22:81:20:01:af:57:ed:
         e7:14:90:02:d9:4e:4f:75:2f:e4:82:d3:69:b1:5d:92:55:26:
         c2:91:e7:1f:1d:e4:e7:7d:50:a8:ec:25:1e:a7:58:ac:16:16:
         9d:dd:7e:7e:77:94:18:eb:40:aa:54:4c:e6:9a:6a:f3:c2:57:
         d6:c3:e7:e2:eb:20:ef:b0:cc:13:07:6b:80:f9:2e:a4:f0:4e:
         eb:60:5f:4d:6f:56:0b:78:95:a3:94:cc:6e:ce:ee:bb:63:94:
         cb:07:64:fc:93:35:a0:65:fd:85:6f:27:34:15:62:14:a1:e2:
         4c:d9:9e:b9:82:35:93:6f:0e:eb:46:2f:0d:f2:eb:6e:b6:f9:
         f1:84:17:05:05:74:f7:0c:30:cb:58:86:ce:fe:97:0d:62:08:
         38:d1:a3:76:2d:9d:13:93:e3:5a:03:4a:fb:85:83:0b:fa:3b:
         b7:54:c8:87
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaPScrWARvSCCCQW6AqdEe15NSJMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA4MDAwMDMyWhcNMjUwOTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzU3MzAwMmE3MGNhZjhhNzE3ZGY2YTg2YTZlZTQ0OWNm
NGRjYTI2NmRlYmZhZTMwYTU3NTlkZGJmMjk4ODUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrZ5qBecpP+hYwVH4yGmbNi0HPse35dk+GeSh7lJpIk9nj
PwLIloMNEwKXaPsrc+MUyLSkofxa1/jcBQjVl8TVJQhwF9/zdxjko7WSW+BWZik8
uuX3bafAmrzTfScYhaRZrZOX5TSs2iEDWF2WAPWrfs0rAOGSUXedYSzD1E59IDew
pMawvE6kczgW9rsMq3heAtJ6tA6mXjy+LgjfJdam9tRS7/sodpsp9qutChfGNELu
y3/cdxGt848rUw6D8QE5WW7SXwOIwClBcKCSpFiM1zBcDWFUO6HqKthPAn4KkRH8
HR3bTKQ+8YKjbvBBq0lc8w+lBR5pah2gze90BO5ZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQULThBmaX66Boy7DrgzQf1SfvHLCUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmNDQyNGYxLWExNTQtNGRjMy04MzhlLTU1M2NkZTBkNmQzYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQCzANBgkqhkiG9w0BAQsFAAOCAQEApushd4ganYi11tKcNxfPc1eIbhF1
UG7KVA9M3W8pDiAgmmzY7m8Q4z4z7YpCmfMhzS3F5WpHChqnpo2NIG5/fXVVtPVz
YbNP0l7/HRcBzPDWhIsigSABr1ft5xSQAtlOT3Uv5ILTabFdklUmwpHnHx3k531Q
qOwlHqdYrBYWnd1+fneUGOtAqlRM5ppq88JX1sPn4usg77DMEwdrgPkupPBO62Bf
TW9WC3iVo5TMbs7uu2OUywdk/JM1oGX9hW8nNBViFKHiTNmeuYI1k28O60YvDfLr
brb58YQXBQV09wwwy1iGzv6XDWIIONGjdi2dE5PjWgNK+4WDC/o7t1TIhw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:10:13 2025 by rpki-client