Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cb0ac6a-ca60-4958-a561-37454c1f561b.roa
File:                     0cb0ac6a-ca60-4958-a561-37454c1f561b.roa (raw, json)
Hash identifier:          Aa9dRcujfp8ytflGR9ZA4X3bToHbDFSd4MG305w824w=
Subject key identifier:   4D:48:F2:17:AB:17:B5:27:4B:DB:13:D0:5A:43:85:81:45:B0:ED:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3E0BC0F626D803C4ABCFC90EA1375949D4B05B8D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cb0ac6a-ca60-4958-a561-37454c1f561b.roa
Signing time:             Fri 25 Apr 2025 22:37:06 +0000
ROA not before:           Fri 25 Apr 2025 22:37:06 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.193.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:0b:c0:f6:26:d8:03:c4:ab:cf:c9:0e:a1:37:59:49:d4:b0:5b:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 25 22:37:06 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=90f62cdc36b98cd97a92513c52763fff48605a4432893bf8ea944f01672860f4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ca:2b:d1:f4:45:69:c6:47:12:97:bb:ef:c8:
                    13:a0:8e:8d:94:7a:d1:5d:0b:a2:23:cb:43:58:e9:
                    49:9f:1a:dd:cb:99:92:17:03:97:e2:a2:d9:f6:69:
                    98:59:3a:b3:b8:df:31:ed:e5:7d:73:7e:eb:63:fb:
                    e5:eb:f3:6d:e7:b8:1a:6c:25:2d:d0:a5:51:27:41:
                    75:dd:71:14:df:63:8a:ba:05:8a:54:25:85:25:9b:
                    bf:e5:21:b1:a6:73:63:97:7d:49:0d:34:14:76:4e:
                    5a:22:60:7e:64:3d:a0:3a:89:1c:5e:04:49:a2:81:
                    f1:9c:4a:04:1c:09:78:c7:16:3e:32:fd:ec:13:c8:
                    13:83:76:12:86:7b:a0:1e:51:99:2e:99:4c:8a:5d:
                    f2:7b:8e:57:6e:55:9c:5d:04:eb:2d:4c:1f:ed:93:
                    e4:ed:29:16:0c:3c:1d:6b:ae:7b:db:4d:87:49:bf:
                    86:57:4b:32:b2:5a:46:9a:21:00:db:39:d9:9f:2d:
                    ed:b6:dc:cb:91:40:c9:1c:59:e7:d6:b5:59:19:99:
                    72:65:5b:c3:3c:e8:09:63:4b:f9:d4:c4:91:6b:34:
                    ef:10:79:3c:7d:e4:8a:7f:69:0c:37:69:42:35:49:
                    fe:b5:2e:7c:b1:21:bc:0a:ae:56:c5:a5:af:ec:0b:
                    74:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:48:F2:17:AB:17:B5:27:4B:DB:13:D0:5A:43:85:81:45:B0:ED:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0cb0ac6a-ca60-4958-a561-37454c1f561b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.193.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         22:31:f0:4f:15:a2:9f:6e:dd:81:9c:f2:9b:86:5b:69:73:80:
         7e:bb:37:11:b8:bd:11:b8:8f:3e:ae:69:f3:3a:89:cd:41:17:
         59:8b:73:95:7c:64:9c:5a:63:09:5b:4b:e0:8d:cf:22:42:cb:
         5a:45:ca:3a:39:44:f1:1f:c6:a8:dc:81:7a:3e:a1:0a:e8:54:
         57:f0:ed:07:5e:83:0d:ec:c0:a7:2f:62:3d:c0:16:fa:0e:8c:
         f8:cd:49:8b:91:34:d4:22:01:9a:83:26:f8:50:ff:09:58:81:
         99:1b:71:86:29:f8:6c:b1:0c:9d:de:29:d5:e6:53:9e:4e:f4:
         0b:18:1f:c2:db:53:e1:71:2a:47:82:28:a8:96:3e:e9:fe:df:
         0f:00:75:fc:11:d3:6f:68:28:f8:25:ca:0c:b7:99:67:5c:37:
         2c:63:bb:7c:d0:c5:49:3c:17:9f:3c:f9:c2:8a:90:25:d2:c4:
         95:bc:4e:43:36:4e:12:94:91:23:26:7e:bd:ff:f1:99:b5:62:
         b2:67:e4:c3:be:c4:35:37:4b:94:d6:c1:10:0a:9f:f7:91:1f:
         9a:87:7b:08:78:ae:7b:0b:ec:4d:c6:53:a3:12:5a:82:fc:0e:
         76:5a:4e:b8:ef:5c:74:59:37:4e:59:76:9a:3e:0a:52:08:59:
         af:d5:23:6a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPgvA9ibYA8Srz8kOoTdZSdSwW40wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDI1MjIzNzA2WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MGY2MmNkYzM2Yjk4Y2Q5N2E5MjUxM2M1Mjc2M2ZmZjQ4
NjA1YTQ0MzI4OTNiZjhlYTk0NGYwMTY3Mjg2MGY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOyivR9EVpxkcSl7vvyBOgjo2UetFdC6Ijy0NY6UmfGt3L
mZIXA5fiotn2aZhZOrO43zHt5X1zfutj++Xr823nuBpsJS3QpVEnQXXdcRTfY4q6
BYpUJYUlm7/lIbGmc2OXfUkNNBR2TloiYH5kPaA6iRxeBEmigfGcSgQcCXjHFj4y
/ewTyBODdhKGe6AeUZkumUyKXfJ7jlduVZxdBOstTB/tk+TtKRYMPB1rrnvbTYdJ
v4ZXSzKyWkaaIQDbOdmfLe223MuRQMkcWefWtVkZmXJlW8M86AljS/nUxJFrNO8Q
eTx95Ip/aQw3aUI1Sf61LnyxIbwKrlbFpa/sC3RNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTUjyF6sXtSdL2xPQWkOFgUWw7aMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBjYjBhYzZhLWNhNjAtNDk1OC1hNTYxLTM3NDU0YzFmNTYxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4wTANBgkqhkiG9w0BAQsFAAOCAQEAIjHwTxWin27dgZzym4ZbaXOAfrs3
Ebi9EbiPPq5p8zqJzUEXWYtzlXxknFpjCVtL4I3PIkLLWkXKOjlE8R/GqNyBej6h
CuhUV/DtB16DDezApy9iPcAW+g6M+M1Ji5E01CIBmoMm+FD/CViBmRtxhin4bLEM
nd4p1eZTnk70CxgfwttT4XEqR4IoqJY+6f7fDwB1/BHTb2go+CXKDLeZZ1w3LGO7
fNDFSTwXnzz5woqQJdLElbxOQzZOEpSRIyZ+vf/xmbVismfkw77ENTdLlNbBEAqf
95Efmod7CHiuewvsTcZToxJagvwOdlpOuO9cdFk3Tll2mj4KUghZr9Ujag==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:46:38 2025 by rpki-client