Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3550ed23-56cb-4039-b3db-d2d82f35e363.roa
File:                     3550ed23-56cb-4039-b3db-d2d82f35e363.roa (raw, json)
Hash identifier:          twcxc9CGNIX1hycQHDOLz0lwkOKegoaPLeLyaM547wE=
Subject key identifier:   83:38:61:E7:F8:8F:67:80:E1:D7:D1:33:17:48:90:94:E6:1C:DF:4B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       616D202A13526BBDA263DFEBCD875B2B1DCCE97F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3550ed23-56cb-4039-b3db-d2d82f35e363.roa
Signing time:             Tue 22 Apr 2025 00:00:30 +0000
ROA not before:           Tue 22 Apr 2025 00:00:30 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.225.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:6d:20:2a:13:52:6b:bd:a2:63:df:eb:cd:87:5b:2b:1d:cc:e9:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 00:00:30 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=eef2da480f0d2f39a44c34c12d1e82510d7e1c4f5ccfc6e1b38fd4e6a8e59c61, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a8:0c:a1:4b:02:42:bb:c9:36:42:77:ed:57:
                    78:32:01:43:6c:8a:dd:3a:32:c7:f1:fa:82:4d:c4:
                    ab:28:d4:89:73:27:2d:e7:0d:c0:dd:9b:91:a0:9d:
                    a5:b6:da:c0:d2:50:9f:cd:eb:7e:d5:05:30:bd:d8:
                    3b:12:73:5a:7e:5f:a3:41:3e:af:92:b3:33:9d:b5:
                    09:0d:e1:a2:ad:cb:eb:42:e6:97:69:9a:7c:d0:44:
                    05:02:5a:ac:c6:bb:84:fc:cc:2b:1d:ae:be:e5:e9:
                    4c:8b:85:f8:c1:be:9d:18:63:d0:96:b8:ac:38:2a:
                    36:b8:86:4c:f6:f8:ce:70:48:38:d7:d9:c8:01:08:
                    5e:29:da:e4:93:dc:b1:30:37:ae:5e:76:ec:6e:1a:
                    dc:1d:18:10:95:87:a5:7f:1c:bc:45:be:ff:b6:0d:
                    91:79:7d:f2:04:a8:0f:52:48:05:23:51:b7:e4:7a:
                    c4:7b:3c:17:b6:cf:72:98:1d:f9:d2:bb:ef:a1:9b:
                    ee:cf:3a:b7:ec:86:c0:fa:d7:11:fe:1d:f3:a9:3f:
                    07:5d:55:8a:44:29:5b:02:b9:61:92:0d:9b:52:2e:
                    7d:ac:4c:44:17:54:a7:f7:6e:be:19:75:2c:c5:94:
                    b0:9c:07:64:55:f4:2b:76:7c:30:7e:2a:9b:55:f1:
                    a6:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:38:61:E7:F8:8F:67:80:E1:D7:D1:33:17:48:90:94:E6:1C:DF:4B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3550ed23-56cb-4039-b3db-d2d82f35e363.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.225.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         29:24:db:2a:93:75:b3:02:92:2d:0d:06:57:aa:f8:5c:3c:21:
         d0:7a:37:ff:8b:52:56:cd:e8:a8:49:98:36:74:b2:c5:62:72:
         42:ef:ba:9e:14:f0:7c:0c:db:78:1c:9f:b4:d0:d7:cf:74:46:
         bd:b7:50:43:3f:03:5d:10:a3:c8:71:ed:24:d7:3e:a7:01:79:
         8e:c2:7e:fd:59:23:4e:56:fc:b6:17:0b:da:a4:6f:eb:f3:24:
         73:0c:52:38:47:37:28:61:07:5d:55:b8:e4:69:75:25:5d:1b:
         af:50:ce:f9:cb:8b:51:73:69:71:6a:60:72:8d:2c:db:e0:f1:
         53:e8:99:f9:df:e8:7c:a4:6d:c6:89:e2:e3:45:f4:a0:90:20:
         82:a5:67:42:a0:a3:28:98:7d:7e:e5:4e:84:19:f9:d2:59:d3:
         d1:83:4d:d8:9c:f5:c8:0a:a5:03:d4:eb:85:dd:8d:b1:f6:1b:
         5c:48:d3:95:a1:87:97:a4:ba:e5:4e:ab:f9:3b:83:88:70:1b:
         41:9b:cc:70:b5:aa:09:eb:7b:c2:8f:19:2f:32:f0:90:be:97:
         fc:a0:66:98:58:d0:12:7c:8f:d9:38:01:4d:29:79:ed:86:38:
         a0:28:b7:c0:3d:f8:be:b5:3d:eb:a4:9d:d3:08:c3:e6:ad:35:
         fc:1a:2c:0b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYW0gKhNSa72iY9/rzYdbKx3M6X8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMDAwMDMwWhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZWYyZGE0ODBmMGQyZjM5YTQ0YzM0YzEyZDFlODI1MTBk
N2UxYzRmNWNjZmM2ZTFiMzhmZDRlNmE4ZTU5YzYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuqAyhSwJCu8k2QnftV3gyAUNsit06Msfx+oJNxKso1Ilz
Jy3nDcDdm5GgnaW22sDSUJ/N637VBTC92DsSc1p+X6NBPq+SszOdtQkN4aKty+tC
5pdpmnzQRAUCWqzGu4T8zCsdrr7l6UyLhfjBvp0YY9CWuKw4Kja4hkz2+M5wSDjX
2cgBCF4p2uST3LEwN65eduxuGtwdGBCVh6V/HLxFvv+2DZF5ffIEqA9SSAUjUbfk
esR7PBe2z3KYHfnSu++hm+7POrfshsD61xH+HfOpPwddVYpEKVsCuWGSDZtSLn2s
TEQXVKf3br4ZdSzFlLCcB2RV9Ct2fDB+KptV8aalAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUgzhh5/iPZ4Dh19EzF0iQlOYc30swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM1NTBlZDIzLTU2Y2ItNDAzOS1iM2RiLWQyZDgyZjM1ZTM2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAP4TANBgkqhkiG9w0BAQsFAAOCAQEAKSTbKpN1swKSLQ0GV6r4XDwh0Ho3
/4tSVs3oqEmYNnSyxWJyQu+6nhTwfAzbeByftNDXz3RGvbdQQz8DXRCjyHHtJNc+
pwF5jsJ+/VkjTlb8thcL2qRv6/MkcwxSOEc3KGEHXVW45Gl1JV0br1DO+cuLUXNp
cWpgco0s2+DxU+iZ+d/ofKRtxoni40X0oJAggqVnQqCjKJh9fuVOhBn50lnT0YNN
2Jz1yAqlA9Trhd2NsfYbXEjTlaGHl6S65U6r+TuDiHAbQZvMcLWqCet7wo8ZLzLw
kL6X/KBmmFjQEnyP2TgBTSl57YY4oCi3wD34vrU966Sd0wjD5q01/BosCw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:52:11 2025 by rpki-client