Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75d9fcf4-4228-49d5-bd7b-d0439141fb46.roa
File:                     75d9fcf4-4228-49d5-bd7b-d0439141fb46.roa (raw, json)
Hash identifier:          RktfEIBisAYIi+mXCE/tYnEZTF1t7vmDOfB2nLLo1Kw=
Subject key identifier:   62:D1:26:85:7D:F1:45:7E:F2:06:05:11:06:70:ED:47:18:F5:B2:F9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       39787B6FF0966199861E9832290ABFA961076630
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75d9fcf4-4228-49d5-bd7b-d0439141fb46.roa
Signing time:             Tue 12 Aug 2025 00:00:19 +0000
ROA not before:           Tue 12 Aug 2025 00:00:19 +0000
ROA not after:            Tue 16 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        204.15.72.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:78:7b:6f:f0:96:61:99:86:1e:98:32:29:0a:bf:a9:61:07:66:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 12 00:00:19 2025 GMT
            Not After : Sep 16 23:59:59 2025 GMT
        Subject: serialNumber=855fcd5a127ca950b835a3c4e4873087f9ee1aaf979e86a110065651603fe73d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:50:8d:b9:a2:8e:38:d2:a5:38:d6:58:ee:52:
                    57:0f:74:a4:9b:83:9e:c4:38:b0:82:b9:08:52:02:
                    ef:cc:71:2f:ec:0c:d0:29:92:50:f2:47:b4:aa:ae:
                    d2:1c:94:a3:48:ce:74:9d:33:62:41:3f:a3:92:29:
                    70:d3:39:26:ee:fc:2f:8a:7e:17:4b:a1:91:8a:46:
                    24:9d:dc:40:25:76:c3:79:07:3a:25:39:5f:c5:8b:
                    83:d2:0f:16:0d:cc:b1:44:4f:79:a9:37:61:49:7d:
                    11:ab:26:e6:9e:b7:cf:24:5a:a7:4b:ab:e6:42:2a:
                    f6:61:8c:66:38:19:01:53:5c:a1:88:b8:43:09:aa:
                    61:13:a3:34:d7:e9:4a:66:d0:ab:76:3a:0a:78:7e:
                    7b:34:cc:05:ed:39:3a:22:a6:63:1f:d7:ae:1a:7d:
                    7a:89:f0:73:2d:0b:8f:7f:c1:aa:50:36:0f:c6:4e:
                    ae:6c:b5:43:1a:10:55:58:2d:b2:52:bf:8c:92:a3:
                    71:a8:d0:ad:b5:ec:12:6c:37:ab:db:ca:b4:d9:88:
                    d5:28:6e:b2:65:85:74:16:aa:db:a1:8d:62:ab:f4:
                    d7:ae:ae:3e:be:7f:08:a1:b2:3f:cd:ee:d2:a4:4d:
                    bd:73:71:a7:1a:01:3c:7a:54:76:cd:50:91:92:8f:
                    7b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:D1:26:85:7D:F1:45:7E:F2:06:05:11:06:70:ED:47:18:F5:B2:F9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75d9fcf4-4228-49d5-bd7b-d0439141fb46.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.15.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         c0:38:8e:3c:90:c9:b6:eb:9e:7c:05:5b:70:c7:ed:3d:5c:4a:
         20:89:b6:c5:71:23:4d:f0:28:bd:d0:63:36:d9:59:c7:87:a4:
         7f:0f:ce:8c:b9:c1:c5:b2:1d:6a:5d:9f:0b:72:c3:79:fe:c6:
         45:c8:c5:82:cd:99:40:75:cc:b6:cd:ee:51:aa:da:ff:b2:d8:
         07:a3:5c:5e:cc:14:9b:98:fe:58:8c:cc:f3:b5:b2:bc:57:b1:
         23:32:a6:7e:08:bc:b4:23:c0:82:87:8f:23:3c:14:3b:cf:c4:
         93:b3:dd:1c:ee:e8:28:bc:70:10:f4:5e:51:e8:5d:4e:53:39:
         29:de:16:3d:c0:42:78:60:d5:37:2d:65:61:d3:f9:1e:81:9d:
         c8:24:a4:e1:cc:75:08:36:9f:92:60:a9:91:5c:d7:bc:4b:b6:
         3b:34:1a:de:20:f0:03:32:7a:02:52:9a:da:ac:21:35:13:f8:
         f0:6e:6b:dc:ca:99:39:d0:45:03:57:84:45:10:ad:58:da:be:
         fd:7c:80:49:a0:9d:38:74:fd:12:45:46:6c:a8:05:16:72:7b:
         fb:61:57:5e:12:74:25:eb:4b:20:20:a0:c9:c8:fb:68:2d:f2:
         ab:65:1a:06:34:a9:68:ec:16:ca:da:a2:db:5b:21:48:cd:85:
         b8:fb:6c:31
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOXh7b/CWYZmGHpgyKQq/qWEHZjAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODEyMDAwMDE5WhcNMjUwOTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NTVmY2Q1YTEyN2NhOTUwYjgzNWEzYzRlNDg3MzA4N2Y5
ZWUxYWFmOTc5ZTg2YTExMDA2NTY1MTYwM2ZlNzNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4UI25oo440qU41ljuUlcPdKSbg57EOLCCuQhSAu/McS/s
DNApklDyR7SqrtIclKNIznSdM2JBP6OSKXDTOSbu/C+KfhdLoZGKRiSd3EAldsN5
BzolOV/Fi4PSDxYNzLFET3mpN2FJfRGrJuaet88kWqdLq+ZCKvZhjGY4GQFTXKGI
uEMJqmETozTX6Upm0Kt2Ogp4fns0zAXtOToipmMf164afXqJ8HMtC49/wapQNg/G
Tq5stUMaEFVYLbJSv4ySo3Go0K217BJsN6vbyrTZiNUobrJlhXQWqtuhjWKr9Neu
rj6+fwihsj/N7tKkTb1zcacaATx6VHbNUJGSj3tfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYtEmhX3xRX7yBgURBnDtRxj1svkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc1ZDlmY2Y0LTQyMjgtNDlkNS1iZDdiLWQwNDM5MTQxZmI0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPMD0gwDQYJKoZIhvcNAQELBQADggEBAMA4jjyQybbrnnwFW3DH7T1cSiCJ
tsVxI03wKL3QYzbZWceHpH8Pzoy5wcWyHWpdnwtyw3n+xkXIxYLNmUB1zLbN7lGq
2v+y2AejXF7MFJuY/liMzPO1srxXsSMypn4IvLQjwIKHjyM8FDvPxJOz3Rzu6Ci8
cBD0XlHoXU5TOSneFj3AQnhg1TctZWHT+R6BncgkpOHMdQg2n5JgqZFc17xLtjs0
Gt4g8AMyegJSmtqsITUT+PBua9zKmTnQRQNXhEUQrVjavv18gEmgnTh0/RJFRmyo
BRZye/thV14SdCXrSyAgoMnI+2gt8qtlGgY0qWjsFsraottbIUjNhbj7bDE=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:22:11 2025 by rpki-client