Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f5cdf3e-e28d-4b15-b4de-7265437592d0.roa
File:                     9f5cdf3e-e28d-4b15-b4de-7265437592d0.roa (raw, json)
Hash identifier:          teb826qZcdIKvy/oONnyZdNFaod1fUAoufmNBiGeb7E=
Subject key identifier:   DA:BD:A9:8A:9E:0B:47:F2:72:13:52:54:92:07:1F:7E:D9:2E:7D:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2961C5C0B36DB7621ADEDEC9C29A4CDAF1500633
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f5cdf3e-e28d-4b15-b4de-7265437592d0.roa
Signing time:             Fri 15 Aug 2025 00:31:18 +0000
ROA not before:           Fri 15 Aug 2025 00:31:18 +0000
ROA not after:            Fri 19 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.147.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:61:c5:c0:b3:6d:b7:62:1a:de:de:c9:c2:9a:4c:da:f1:50:06:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 15 00:31:18 2025 GMT
            Not After : Sep 19 23:59:59 2025 GMT
        Subject: serialNumber=efe75fe41831030c78201f454c4028ad4a136662cdba972c63a43f1036575dad, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7d:40:6c:3e:67:cf:f7:45:36:be:56:09:65:
                    93:91:7d:08:2d:1a:bd:35:dc:80:92:a4:1f:e3:0c:
                    78:d7:87:e0:d9:98:5c:a8:8f:b9:12:ab:5e:63:be:
                    38:f4:e8:f7:7d:41:65:b3:83:05:8a:ed:e6:3e:8b:
                    57:51:67:97:75:6f:24:4d:0e:4f:e0:e1:54:84:9c:
                    37:de:02:7f:08:fc:93:41:46:0c:ac:cf:01:f5:ab:
                    92:e5:dc:6e:49:96:06:01:0c:80:15:53:8e:0f:fa:
                    83:37:39:f4:ac:78:e9:b1:d3:26:f8:9f:7e:09:9b:
                    21:8a:4e:c4:eb:9e:85:6d:a6:59:d8:3f:db:40:be:
                    7b:dc:e2:36:90:f6:89:73:87:d6:fd:d9:20:ab:13:
                    f4:5d:73:20:f2:b2:37:26:00:76:de:58:e0:fc:9e:
                    fc:aa:19:9a:53:83:36:e9:6c:78:dd:93:29:6a:08:
                    4a:76:b2:ea:16:bb:65:3a:c1:ff:86:74:59:8e:2c:
                    d8:f3:12:98:ad:70:d9:15:e8:68:d9:07:2d:d1:2a:
                    66:c4:02:bd:e9:f5:a9:f6:07:aa:c0:06:1b:0d:2e:
                    eb:72:89:be:4c:72:31:93:82:71:a4:b0:e2:3c:5b:
                    d6:5c:b3:cd:56:d3:a1:c5:ca:7c:0f:a0:69:84:72:
                    cf:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:BD:A9:8A:9E:0B:47:F2:72:13:52:54:92:07:1F:7E:D9:2E:7D:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f5cdf3e-e28d-4b15-b4de-7265437592d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.147.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d2:1c:e3:b7:b0:db:a0:48:ae:17:11:40:a2:0d:c2:60:ac:8a:
         8f:86:e6:8e:f4:89:53:6f:4d:af:7e:57:8b:2e:c8:68:65:ae:
         2b:99:52:61:1d:8e:fc:8d:d3:d1:db:12:86:e2:5e:a4:df:a1:
         21:05:f7:87:a9:ca:c1:e9:1f:83:87:10:18:32:69:0f:65:d7:
         f5:fb:14:2f:a5:6f:38:6d:c5:4b:04:70:66:09:2c:a5:b9:a8:
         50:85:6a:eb:80:de:74:1a:5e:ff:eb:ea:a0:4d:49:68:05:c6:
         8d:8b:82:df:20:e1:f9:92:79:20:69:42:74:33:76:30:c0:d8:
         82:2f:24:3f:e7:f6:df:bd:ba:98:3d:d9:b8:6f:04:00:42:45:
         89:e8:48:6d:eb:5b:0d:1f:b9:92:71:e3:e0:d1:fa:d0:26:1a:
         84:35:36:8b:5b:53:66:66:05:4b:ad:a6:b7:63:dc:f6:11:bc:
         49:00:4c:6e:a0:c2:aa:30:b2:46:31:57:a7:2e:5d:f3:f7:f9:
         44:8d:37:ae:a4:79:a0:12:0e:30:31:cd:56:02:ea:59:94:31:
         a1:7c:b0:7a:e1:c3:4f:8d:9b:cb:35:f1:ea:67:a7:ff:2d:35:
         b0:60:87:db:b6:b8:2a:7d:78:19:80:02:39:3e:8e:eb:31:ec:
         4d:21:2d:01
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKWHFwLNtt2Ia3t7JwppM2vFQBjMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE1MDAzMTE4WhcNMjUwOTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZmU3NWZlNDE4MzEwMzBjNzgyMDFmNDU0YzQwMjhhZDRh
MTM2NjYyY2RiYTk3MmM2M2E0M2YxMDM2NTc1ZGFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCffUBsPmfP90U2vlYJZZORfQgtGr013ICSpB/jDHjXh+DZ
mFyoj7kSq15jvjj06Pd9QWWzgwWK7eY+i1dRZ5d1byRNDk/g4VSEnDfeAn8I/JNB
RgyszwH1q5Ll3G5JlgYBDIAVU44P+oM3OfSseOmx0yb4n34JmyGKTsTrnoVtplnY
P9tAvnvc4jaQ9olzh9b92SCrE/RdcyDysjcmAHbeWOD8nvyqGZpTgzbpbHjdkylq
CEp2suoWu2U6wf+GdFmOLNjzEpitcNkV6GjZBy3RKmbEAr3p9an2B6rABhsNLuty
ib5McjGTgnGksOI8W9Zcs81W06HFynwPoGmEcs8dAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2r2pip4LR/JyE1JUkgcfftkufVEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlmNWNkZjNlLWUyOGQtNGIxNS1iNGRlLTcyNjU0Mzc1OTJkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQkzANBgkqhkiG9w0BAQsFAAOCAQEA0hzjt7DboEiuFxFAog3CYKyKj4bm
jvSJU29Nr35Xiy7IaGWuK5lSYR2O/I3T0dsShuJepN+hIQX3h6nKwekfg4cQGDJp
D2XX9fsUL6VvOG3FSwRwZgkspbmoUIVq64DedBpe/+vqoE1JaAXGjYuC3yDh+ZJ5
IGlCdDN2MMDYgi8kP+f23726mD3ZuG8EAEJFiehIbetbDR+5knHj4NH60CYahDU2
i1tTZmYFS62mt2Pc9hG8SQBMbqDCqjCyRjFXpy5d8/f5RI03rqR5oBIOMDHNVgLq
WZQxoXyweuHDT42byzXx6men/y01sGCH27a4Kn14GYACOT6O6zHsTSEtAQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:15:34 2025 by rpki-client