Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e70e795-db95-4e14-8829-14b3140bf926.roa
File:                     4e70e795-db95-4e14-8829-14b3140bf926.roa (raw, json)
Hash identifier:          /lWJ9CHZ0hi4/4avNGaiPbTydNCFGWUwLo9/BPwt8MM=
Subject key identifier:   07:1C:B6:DF:5D:6F:DE:5F:7D:5F:B0:3C:78:FD:B1:09:3C:8E:B3:92
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       18555879C9B49DF523F20CDC98DC37CD0A6C1383
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e70e795-db95-4e14-8829-14b3140bf926.roa
Signing time:             Sat 12 Apr 2025 00:11:45 +0000
ROA not before:           Sat 12 Apr 2025 00:11:45 +0000
ROA not after:            Sat 17 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        44.215.76.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:55:58:79:c9:b4:9d:f5:23:f2:0c:dc:98:dc:37:cd:0a:6c:13:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 12 00:11:45 2025 GMT
            Not After : May 17 23:59:59 2025 GMT
        Subject: serialNumber=338536ab9fd05262cb6d8c9422dab8c71cb4342a865d84142de84a8ad99c2785, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:95:38:9c:2b:b8:2b:6b:d1:61:48:1c:9c:d9:
                    f5:49:63:96:4a:cc:04:a0:30:42:b5:c4:69:fd:86:
                    16:eb:df:ff:b0:58:16:82:0e:c8:be:cf:89:7a:72:
                    a6:9f:78:12:3f:cb:8a:57:7e:a1:2e:ae:46:f6:10:
                    b1:01:d4:0e:0a:e2:64:b1:9a:31:97:e6:f1:84:a0:
                    46:97:c8:f0:04:76:5e:14:2f:0e:d9:9c:51:f4:04:
                    b6:71:96:e3:47:29:1c:8c:e5:34:05:b6:e3:91:d9:
                    cb:78:ff:ed:e3:c2:ef:f5:e8:de:e4:81:06:2c:9b:
                    1d:86:1b:2b:f1:34:4f:0c:67:35:14:df:9b:c7:46:
                    4e:d0:ec:ed:fa:f9:b5:8f:98:b9:9e:cc:a8:cc:b3:
                    68:dc:59:74:61:64:10:2a:20:8b:b4:b5:32:ce:ea:
                    74:a8:ed:3d:db:bc:8e:ca:3d:b4:5e:90:d0:0c:84:
                    1d:05:37:39:ed:d9:be:ab:eb:75:1f:0d:2c:55:87:
                    29:48:32:a4:91:33:12:f7:57:ed:5f:e7:35:f6:53:
                    d1:80:41:70:79:67:de:42:e1:78:49:a2:6c:03:5d:
                    03:83:31:d3:35:02:e1:f3:a8:3f:c1:c2:ee:eb:e8:
                    1c:60:e5:71:65:ed:0f:2f:70:64:71:d5:3e:04:cb:
                    b2:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:1C:B6:DF:5D:6F:DE:5F:7D:5F:B0:3C:78:FD:B1:09:3C:8E:B3:92
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e70e795-db95-4e14-8829-14b3140bf926.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.215.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:8e:95:e2:f4:e1:7c:84:7f:01:66:08:2f:c9:64:ae:fc:12:
         0b:19:36:62:67:a1:89:da:bf:b8:16:88:65:67:89:c2:27:3a:
         c6:8f:77:1a:a5:bb:4c:14:d2:00:bb:f8:32:e4:6d:0a:ac:91:
         04:ec:6c:a0:29:d4:f9:93:46:c7:d2:c3:55:c7:18:f8:51:97:
         95:cf:1f:41:0d:3e:80:68:ff:65:c8:cb:2d:64:68:d0:c6:aa:
         20:87:95:e5:8f:90:dc:37:ac:02:14:43:9b:cd:1d:e7:e0:15:
         32:0a:a7:a6:80:36:8c:e1:49:23:89:21:17:f4:b2:30:5b:79:
         1d:89:b9:22:c8:4e:22:30:ab:5f:e8:6c:0f:94:35:b8:b8:fb:
         c8:cf:27:bf:4f:13:e3:74:f4:7b:fb:23:34:75:f4:0d:8e:60:
         a7:34:aa:e3:5f:94:98:37:32:7a:a7:bf:e1:54:68:1b:3c:48:
         d7:f2:c0:f0:03:f4:94:be:1f:16:d2:08:4e:43:a3:a7:7d:ff:
         60:5f:35:c0:b1:5f:1d:fb:8a:d5:8f:80:0f:5b:00:f2:a2:d9:
         eb:f0:6a:d5:40:73:f8:cb:e9:6d:9a:c8:22:b9:e0:d2:e3:49:
         bd:aa:7e:a1:7e:f1:26:be:29:31:da:f6:d1:0b:96:fd:ee:8f:
         ef:a7:96:84
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGFVYecm0nfUj8gzcmNw3zQpsE4MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDEyMDAxMTQ1WhcNMjUwNTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzg1MzZhYjlmZDA1MjYyY2I2ZDhjOTQyMmRhYjhjNzFj
YjQzNDJhODY1ZDg0MTQyZGU4NGE4YWQ5OWMyNzg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvlTicK7gra9FhSByc2fVJY5ZKzASgMEK1xGn9hhbr3/+w
WBaCDsi+z4l6cqafeBI/y4pXfqEurkb2ELEB1A4K4mSxmjGX5vGEoEaXyPAEdl4U
Lw7ZnFH0BLZxluNHKRyM5TQFtuOR2ct4/+3jwu/16N7kgQYsmx2GGyvxNE8MZzUU
35vHRk7Q7O36+bWPmLmezKjMs2jcWXRhZBAqIIu0tTLO6nSo7T3bvI7KPbRekNAM
hB0FNznt2b6r63UfDSxVhylIMqSRMxL3V+1f5zX2U9GAQXB5Z95C4XhJomwDXQOD
MdM1AuHzqD/Bwu7r6Bxg5XFl7Q8vcGRx1T4Ey7KxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBxy2311v3l99X7A8eP2xCTyOs5IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlNzBlNzk1LWRiOTUtNGUxNC04ODI5LTE0YjMxNDBiZjkyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAs10wwDQYJKoZIhvcNAQELBQADggEBAASOleL04XyEfwFmCC/JZK78EgsZ
NmJnoYnav7gWiGVnicInOsaPdxqlu0wU0gC7+DLkbQqskQTsbKAp1PmTRsfSw1XH
GPhRl5XPH0ENPoBo/2XIyy1kaNDGqiCHleWPkNw3rAIUQ5vNHefgFTIKp6aANozh
SSOJIRf0sjBbeR2JuSLITiIwq1/obA+UNbi4+8jPJ79PE+N09Hv7IzR19A2OYKc0
quNflJg3Mnqnv+FUaBs8SNfywPAD9JS+HxbSCE5Do6d9/2BfNcCxXx37itWPgA9b
APKi2evwatVAc/jL6W2ayCK54NLjSb2qfqF+8Sa+KTHa9tELlv3uj++nloQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:30:34 2025 by rpki-client