Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5928830b-bdc0-40c2-82a8-029c15dbefb1.roa
File:                     5928830b-bdc0-40c2-82a8-029c15dbefb1.roa (raw, json)
Hash identifier:          ew4E9nQu/7Y8oCUzuJWEEsPSVaO+yKjztXjmGh9NJRo=
Subject key identifier:   72:D4:80:C5:FC:88:27:0F:D6:E4:1D:63:D5:7F:4E:C1:EC:96:CF:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       223EF133A2BCC0B179A4E9B1341A14F702C176DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5928830b-bdc0-40c2-82a8-029c15dbefb1.roa
Signing time:             Wed 16 Apr 2025 00:10:13 +0000
ROA not before:           Wed 16 Apr 2025 00:10:13 +0000
ROA not after:            Wed 21 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        93.76.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:3e:f1:33:a2:bc:c0:b1:79:a4:e9:b1:34:1a:14:f7:02:c1:76:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 16 00:10:13 2025 GMT
            Not After : May 21 23:59:59 2025 GMT
        Subject: serialNumber=204fc480c73d21373fef2151f169bc2a2a460c0bcb5c9de9857c436c5e0123ac, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:f1:88:46:7d:aa:03:37:b4:ba:3a:e3:2b:2c:
                    c4:f0:39:94:b6:64:14:5a:4e:dc:56:88:00:0a:30:
                    79:03:d0:b6:8d:31:24:87:96:e9:17:e9:96:e2:59:
                    de:fd:cb:25:18:69:34:4d:e9:09:4a:89:24:23:74:
                    6f:8b:99:94:8c:8d:a4:d5:d2:45:10:22:2e:39:c9:
                    19:4f:14:f5:65:06:df:87:07:61:e4:b2:5f:7d:b8:
                    3f:06:34:51:36:bf:ca:94:15:27:44:88:6f:84:f5:
                    7b:b7:e1:9b:c2:77:51:8e:b8:47:8c:dc:98:04:ba:
                    d0:b7:30:ea:f2:0f:af:23:5c:37:2c:38:de:c7:5a:
                    e9:b8:81:13:55:10:96:68:49:28:6b:28:21:4f:66:
                    77:f0:09:50:20:d7:9f:be:78:7e:47:eb:f5:be:5e:
                    8d:72:ce:04:a6:43:d9:0a:a9:0e:18:93:bb:05:c3:
                    7c:85:42:fc:76:b7:5f:0f:81:ca:de:fc:bb:5b:c3:
                    ba:1d:79:de:8c:d8:46:a8:35:db:34:c4:ff:a2:55:
                    fa:9b:11:de:ff:f1:a7:db:9c:b0:e6:44:a7:02:c8:
                    71:2d:d2:96:1f:86:3c:c8:e8:6d:86:6d:b1:d6:30:
                    75:40:20:5c:22:b9:8b:58:47:fd:20:a6:50:3c:18:
                    a4:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:D4:80:C5:FC:88:27:0F:D6:E4:1D:63:D5:7F:4E:C1:EC:96:CF:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5928830b-bdc0-40c2-82a8-029c15dbefb1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.76.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         0c:b6:05:a5:08:44:59:b0:ca:58:90:82:03:d1:56:6a:76:b3:
         2d:07:69:f4:f8:4c:b3:b3:21:1f:cc:3e:0b:4f:d8:85:77:7d:
         be:8f:02:cc:ff:d8:0e:94:28:7a:e3:d9:43:8d:4a:1f:22:9b:
         c9:35:e0:90:10:01:91:e9:ed:fb:53:08:82:ec:83:de:2c:12:
         82:26:6e:1d:c7:9b:fe:3d:83:ca:77:43:98:09:05:f5:70:b3:
         7f:79:24:eb:4b:8b:a8:c6:c8:17:da:5a:c4:f9:26:a0:0c:9d:
         e8:6a:96:e5:de:71:bc:87:d8:d7:b9:e4:da:ed:fe:69:00:26:
         64:95:b7:d7:95:89:df:b6:21:99:31:43:08:99:80:92:a2:96:
         f3:d4:35:c6:c8:2d:fe:70:fb:78:2d:32:e8:c1:9a:be:8e:b5:
         46:e3:7e:ab:eb:1c:e5:09:75:a6:24:1b:1e:e3:a9:0b:f1:c0:
         6c:02:45:ca:8e:6c:f3:45:98:8d:f0:9a:ae:65:01:8d:18:14:
         07:36:3f:10:03:51:05:ed:c9:88:98:92:db:11:8b:a8:06:10:
         d4:2c:16:44:43:d1:51:5a:1a:33:40:65:f9:f7:d1:fe:0d:31:
         0e:4c:c2:33:63:e5:20:85:78:e9:68:36:79:7c:fb:fd:b9:a8:
         45:e1:7f:ad
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIj7xM6K8wLF5pOmxNBoU9wLBdtswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE2MDAxMDEzWhcNMjUwNTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDRmYzQ4MGM3M2QyMTM3M2ZlZjIxNTFmMTY5YmMyYTJh
NDYwYzBiY2I1YzlkZTk4NTdjNDM2YzVlMDEyM2FjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDW8YhGfaoDN7S6OuMrLMTwOZS2ZBRaTtxWiAAKMHkD0LaN
MSSHlukX6ZbiWd79yyUYaTRN6QlKiSQjdG+LmZSMjaTV0kUQIi45yRlPFPVlBt+H
B2Hksl99uD8GNFE2v8qUFSdEiG+E9Xu34ZvCd1GOuEeM3JgEutC3MOryD68jXDcs
ON7HWum4gRNVEJZoSShrKCFPZnfwCVAg15++eH5H6/W+Xo1yzgSmQ9kKqQ4Yk7sF
w3yFQvx2t18Pgcre/Ltbw7oded6M2EaoNds0xP+iVfqbEd7/8afbnLDmRKcCyHEt
0pYfhjzI6G2GbbHWMHVAIFwiuYtYR/0gplA8GKQFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUctSAxfyIJw/W5B1j1X9OweyWzy0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU5Mjg4MzBiLWJkYzAtNDBjMi04MmE4LTAyOWMxNWRiZWZiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAddTIAwDQYJKoZIhvcNAQELBQADggEBAAy2BaUIRFmwyliQggPRVmp2sy0H
afT4TLOzIR/MPgtP2IV3fb6PAsz/2A6UKHrj2UONSh8im8k14JAQAZHp7ftTCILs
g94sEoImbh3Hm/49g8p3Q5gJBfVws395JOtLi6jGyBfaWsT5JqAMnehqluXecbyH
2Ne55Nrt/mkAJmSVt9eVid+2IZkxQwiZgJKilvPUNcbILf5w+3gtMujBmr6OtUbj
fqvrHOUJdaYkGx7jqQvxwGwCRcqObPNFmI3wmq5lAY0YFAc2PxADUQXtyYiYktsR
i6gGENQsFkRD0VFaGjNAZfn30f4NMQ5MwjNj5SCFeOloNnl8+/25qEXhf60=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:46:42 2025 by rpki-client