Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba694444-566a-4643-ab64-491712a1b999.roa
File:                     ba694444-566a-4643-ab64-491712a1b999.roa (raw, json)
Hash identifier:          cBEd5Bgz9WMi93w6EZvrtxO+47mXZxQhGuAAngplV1Y=
Subject key identifier:   CB:E7:E9:A7:5B:21:58:48:A1:38:FF:3B:70:62:08:80:96:0A:1C:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       58D2DD230E96A1AE8A70BF81F109860E3C485F0A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba694444-566a-4643-ab64-491712a1b999.roa
Signing time:             Mon 04 Aug 2025 17:30:27 +0000
ROA not before:           Mon 04 Aug 2025 17:30:27 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.39.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:d2:dd:23:0e:96:a1:ae:8a:70:bf:81:f1:09:86:0e:3c:48:5f:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 17:30:27 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=731a0eba8ae2d4e8b27116d4a752102b27ddc6fdc1dfb7be05001b0d54ef3c84, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f4:c1:a1:ca:f7:d8:bb:57:f1:55:d6:9e:e1:
                    07:8a:40:1b:0b:0d:fd:44:c8:93:cf:3f:d9:ce:36:
                    e1:24:4f:63:5f:06:4d:c9:e8:3e:6b:24:6d:09:ae:
                    10:ce:79:b2:21:20:60:38:10:90:c5:d8:1f:28:95:
                    9b:fd:d9:35:5a:8a:90:b3:ed:4c:0a:a6:37:bc:b5:
                    84:67:76:20:f3:e1:31:e9:f9:9c:eb:8f:94:c5:74:
                    f1:e2:87:19:8f:f7:5d:12:df:fb:ff:c6:0e:b0:d5:
                    54:11:8a:09:6a:a3:61:66:d3:a9:d8:56:2c:a4:6a:
                    40:74:3e:1d:f4:c5:4e:13:57:2d:e5:b3:d4:12:23:
                    0b:3a:f3:0f:5e:d9:8c:bf:e6:94:68:d6:83:dd:aa:
                    3f:98:41:28:65:b4:cf:70:90:75:03:3b:d0:73:00:
                    07:16:1a:9a:da:3e:bd:21:0c:f1:cd:a6:45:3e:eb:
                    c6:50:29:fa:30:d5:78:3a:d8:ef:93:d5:7f:5d:9c:
                    f7:1d:46:1c:98:8e:fa:d1:23:51:df:ed:4a:90:80:
                    10:fa:49:a9:7a:8a:b7:a8:0d:d1:47:60:0c:21:62:
                    48:ec:a9:ec:c2:5e:5b:2b:c8:ae:bc:b0:ac:18:2b:
                    80:4e:1d:ee:04:6e:33:fd:6a:47:c5:f5:87:18:50:
                    0a:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:E7:E9:A7:5B:21:58:48:A1:38:FF:3B:70:62:08:80:96:0A:1C:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba694444-566a-4643-ab64-491712a1b999.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.39.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         26:f2:64:b1:e1:6f:b9:ab:79:45:92:91:0f:24:ab:d2:7d:46:
         7f:80:c6:08:1e:2e:a3:87:9e:7f:f2:8b:75:45:06:76:fa:51:
         72:38:33:6d:40:f4:ef:c2:83:52:8b:5d:a0:c1:44:d5:3b:cd:
         66:c9:a7:32:82:ea:8c:d8:49:df:c4:7b:82:b8:5f:65:f6:5a:
         e1:8a:bc:20:dc:99:29:17:ae:d7:4f:d0:50:00:0c:15:94:e7:
         4b:3b:a3:dd:10:76:8e:21:1c:78:13:f3:76:b0:99:a1:c7:1a:
         24:b9:3b:c9:a7:af:f5:93:85:2a:42:a5:78:63:3e:0f:7b:10:
         cf:16:ad:c1:12:24:70:46:05:b8:3f:31:39:4f:08:39:5a:e1:
         d0:d8:c3:4a:e2:cc:64:ea:ae:18:bc:a1:13:3d:38:4f:31:c7:
         9e:ff:c6:00:42:1c:74:22:16:60:43:69:ac:28:09:6a:ec:09:
         3b:0b:1f:11:c6:f6:75:dc:52:1e:2b:ca:40:df:ec:59:0d:7f:
         a5:89:48:c2:18:70:8f:6a:50:dd:60:e8:d5:19:5b:e6:11:c7:
         f9:94:13:c6:40:65:c9:9e:87:63:65:a0:84:a1:04:33:d9:64:
         a9:aa:f7:ff:cb:c1:82:0f:34:c3:60:61:65:42:a7:26:56:31:
         63:8a:01:b4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWNLdIw6Woa6KcL+B8QmGDjxIXwowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTczMDI3WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MzFhMGViYThhZTJkNGU4YjI3MTE2ZDRhNzUyMTAyYjI3
ZGRjNmZkYzFkZmI3YmUwNTAwMWIwZDU0ZWYzYzg0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCe9MGhyvfYu1fxVdae4QeKQBsLDf1EyJPPP9nONuEkT2Nf
Bk3J6D5rJG0JrhDOebIhIGA4EJDF2B8olZv92TVaipCz7UwKpje8tYRndiDz4THp
+Zzrj5TFdPHihxmP910S3/v/xg6w1VQRiglqo2Fm06nYViykakB0Ph30xU4TVy3l
s9QSIws68w9e2Yy/5pRo1oPdqj+YQShltM9wkHUDO9BzAAcWGpraPr0hDPHNpkU+
68ZQKfow1Xg62O+T1X9dnPcdRhyYjvrRI1Hf7UqQgBD6Sal6ireoDdFHYAwhYkjs
qezCXlsryK68sKwYK4BOHe4EbjP9akfF9YcYUAprAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUy+fpp1shWEihOP87cGIIgJYKHKUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JhNjk0NDQ0LTU2NmEtNDY0My1hYjY0LTQ5MTcxMmExYjk5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAoJzANBgkqhkiG9w0BAQsFAAOCAQEAJvJkseFvuat5RZKRDySr0n1Gf4DG
CB4uo4eef/KLdUUGdvpRcjgzbUD078KDUotdoMFE1TvNZsmnMoLqjNhJ38R7grhf
ZfZa4Yq8INyZKReu10/QUAAMFZTnSzuj3RB2jiEceBPzdrCZoccaJLk7yaev9ZOF
KkKleGM+D3sQzxatwRIkcEYFuD8xOU8IOVrh0NjDSuLMZOquGLyhEz04TzHHnv/G
AEIcdCIWYENprCgJauwJOwsfEcb2ddxSHivKQN/sWQ1/pYlIwhhwj2pQ3WDo1Rlb
5hHH+ZQTxkBlyZ6HY2WghKEEM9lkqar3/8vBgg80w2BhZUKnJlYxY4oBtA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:30:12 2025 by rpki-client