Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ddc963e2-4b9c-4ede-ba23-8ab86fef5ed0.roa
File:                     ddc963e2-4b9c-4ede-ba23-8ab86fef5ed0.roa (raw, json)
Hash identifier:          mhWr3k0NwOFN2yRJ6rEX1vjUOPKxuqrVpOOsYt1dbBQ=
Subject key identifier:   02:07:23:AE:5E:CC:5E:AA:73:4A:69:A9:6D:F2:D0:06:F4:E4:0A:8D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       060F6424509E898DCDD5FF72FB4D2B9070A630B0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ddc963e2-4b9c-4ede-ba23-8ab86fef5ed0.roa
Signing time:             Wed 13 Aug 2025 00:00:27 +0000
ROA not before:           Wed 13 Aug 2025 00:00:27 +0000
ROA not after:            Wed 17 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        130.176.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:0f:64:24:50:9e:89:8d:cd:d5:ff:72:fb:4d:2b:90:70:a6:30:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 13 00:00:27 2025 GMT
            Not After : Sep 17 23:59:59 2025 GMT
        Subject: serialNumber=2612d4ed25d0a0fee07e6943b7c64ec62d40927eb97e7ffbe49cbfdf8780da73, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f2:d8:56:3e:13:b7:23:10:5f:33:5a:19:91:
                    5d:7f:79:65:0b:73:51:61:f3:46:f8:6c:22:ee:01:
                    f9:3b:0d:20:2b:a5:ac:51:5f:0c:8b:79:2b:f0:38:
                    f7:0a:d0:fc:f5:75:88:a8:83:a6:cc:e8:1e:67:89:
                    32:46:c6:d2:52:33:41:f7:93:aa:88:f6:e1:79:93:
                    d6:e0:2e:42:1a:0a:a9:41:27:08:03:56:d2:46:4b:
                    32:29:76:ee:a5:81:af:f8:65:7e:dd:f5:80:46:7b:
                    21:c7:2b:2d:d5:3b:7a:16:e2:d0:bd:1b:40:cf:9f:
                    0c:1d:0e:97:a5:b5:4b:db:53:72:f7:cb:5c:2d:2e:
                    e7:4c:2b:2b:c3:ca:aa:4b:5d:34:26:79:d2:1b:fa:
                    3b:24:57:0a:cb:2d:f4:a8:4d:9f:84:33:66:e0:29:
                    2d:80:01:60:8d:50:1a:df:c9:ba:5b:8c:6f:67:33:
                    6f:ff:e0:7e:62:d6:ca:d3:9d:b3:7c:aa:01:7e:05:
                    be:cd:0e:3c:9c:84:fa:66:00:02:ce:b0:d4:00:92:
                    f4:61:da:f0:c9:e3:c8:2a:ab:cf:23:a5:9e:02:ed:
                    6d:21:70:8c:ff:d0:a8:7b:7e:d6:97:e8:9e:70:29:
                    80:9e:0b:83:ea:10:7c:86:df:3e:6e:3d:c9:69:88:
                    b0:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:07:23:AE:5E:CC:5E:AA:73:4A:69:A9:6D:F2:D0:06:F4:E4:0A:8D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ddc963e2-4b9c-4ede-ba23-8ab86fef5ed0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.176.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2f:94:58:0b:c5:a1:64:13:38:98:8d:75:fc:70:0b:81:85:70:
         fe:a6:99:ce:14:51:0c:c4:18:3f:f1:d7:fd:97:f4:ce:01:54:
         e1:1d:8e:c8:35:ee:98:62:9b:6d:77:b6:ac:7f:37:b1:02:20:
         59:6b:b0:82:1e:20:6d:2c:69:94:a5:ee:63:34:78:76:71:91:
         08:81:2a:c4:e7:f8:87:ed:2f:fa:19:b6:e7:c2:c9:fa:f9:e2:
         ae:c2:01:33:ed:37:7d:cd:e7:87:eb:d4:fe:b0:8b:fe:14:e8:
         ea:1c:ab:d8:15:66:04:e8:f4:f9:c2:28:ff:e4:85:9f:a5:89:
         e3:74:04:8a:ea:58:99:7c:34:8f:6d:66:71:d9:24:9e:d4:bc:
         aa:de:7a:9b:56:c2:56:e0:2b:82:e8:87:1f:a0:12:fe:4f:5b:
         79:93:a5:8a:9d:30:7d:f6:7f:90:06:0d:a5:f2:30:9f:ad:59:
         d1:38:3e:a0:8b:54:a7:90:b5:71:41:1b:44:4e:02:f5:b4:ba:
         1e:9c:82:09:ba:07:63:c5:df:9e:c9:50:74:93:af:3b:57:f5:
         26:21:e4:fb:c6:4a:51:53:ef:4c:f3:29:4a:37:1a:ef:17:47:
         2d:ba:cb:be:a3:57:a1:f4:b9:47:c5:c4:a7:25:65:c4:46:26:
         a1:6e:58:27
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBg9kJFCeiY3N1f9y+00rkHCmMLAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODEzMDAwMDI3WhcNMjUwOTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNjEyZDRlZDI1ZDBhMGZlZTA3ZTY5NDNiN2M2NGVjNjJk
NDA5MjdlYjk3ZTdmZmJlNDljYmZkZjg3ODBkYTczMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCe8thWPhO3IxBfM1oZkV1/eWULc1Fh80b4bCLuAfk7DSAr
paxRXwyLeSvwOPcK0Pz1dYiog6bM6B5niTJGxtJSM0H3k6qI9uF5k9bgLkIaCqlB
JwgDVtJGSzIpdu6lga/4ZX7d9YBGeyHHKy3VO3oW4tC9G0DPnwwdDpeltUvbU3L3
y1wtLudMKyvDyqpLXTQmedIb+jskVwrLLfSoTZ+EM2bgKS2AAWCNUBrfybpbjG9n
M2//4H5i1srTnbN8qgF+Bb7NDjychPpmAALOsNQAkvRh2vDJ48gqq88jpZ4C7W0h
cIz/0Kh7ftaX6J5wKYCeC4PqEHyG3z5uPclpiLBrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUAgcjrl7MXqpzSmmpbfLQBvTkCo0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RkYzk2M2UyLTRiOWMtNGVkZS1iYTIzLThhYjg2ZmVmNWVkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCCsDANBgkqhkiG9w0BAQsFAAOCAQEAL5RYC8WhZBM4mI11/HALgYVw/qaZ
zhRRDMQYP/HX/Zf0zgFU4R2OyDXumGKbbXe2rH83sQIgWWuwgh4gbSxplKXuYzR4
dnGRCIEqxOf4h+0v+hm258LJ+vnirsIBM+03fc3nh+vU/rCL/hTo6hyr2BVmBOj0
+cIo/+SFn6WJ43QEiupYmXw0j21mcdkkntS8qt56m1bCVuArguiHH6AS/k9beZOl
ip0wffZ/kAYNpfIwn61Z0Tg+oItUp5C1cUEbRE4C9bS6HpyCCboHY8XfnslQdJOv
O1f1JiHk+8ZKUVPvTPMpSjca7xdHLbrLvqNXofS5R8XEpyVlxEYmoW5YJw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:49 2025 by rpki-client