Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6205efa3-adeb-4c79-a841-af02822a7d3f.roa
File:                     6205efa3-adeb-4c79-a841-af02822a7d3f.roa (raw, json)
Hash identifier:          ghJvR4OJwQ3TYEAjT8cn+V7zfnDoC57hKkWQi174hJs=
Subject key identifier:   49:09:DC:A6:69:CD:75:F4:FE:09:9D:04:1B:39:9F:83:A4:A4:89:65
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       57346902CF97393120F72958B4B5D124C5C9FED3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6205efa3-adeb-4c79-a841-af02822a7d3f.roa
Signing time:             Tue 15 Apr 2025 00:20:23 +0000
ROA not before:           Tue 15 Apr 2025 00:20:23 +0000
ROA not after:            Tue 20 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        66.152.0.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:34:69:02:cf:97:39:31:20:f7:29:58:b4:b5:d1:24:c5:c9:fe:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 15 00:20:23 2025 GMT
            Not After : May 20 23:59:59 2025 GMT
        Subject: serialNumber=b3782f2438d92d4d91a2415e84e7b53cc753e5f39d1374ccb8e869072ecd0742, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:44:b2:4c:62:75:12:0f:4b:30:4b:4f:1f:78:
                    6b:cb:a7:f4:5d:c1:cf:07:c8:72:ee:83:25:b3:25:
                    6c:95:e6:a8:a7:5e:79:65:cf:d5:5f:a3:54:ff:16:
                    f8:e2:6a:80:ce:37:38:30:34:e5:f0:c0:bf:02:ac:
                    ed:7e:b4:d9:6b:79:dd:68:e4:e7:21:c2:75:7f:ab:
                    4a:97:01:96:26:8e:a6:03:27:1d:77:51:e2:76:aa:
                    2e:00:e4:a2:92:04:d7:02:f0:b8:77:bd:e5:74:e8:
                    8c:85:cf:ac:43:c7:c5:56:65:dc:b5:c2:d9:87:12:
                    a8:c4:16:20:f1:f3:60:6c:ce:4c:1d:e1:80:03:4f:
                    58:36:22:18:3d:ea:20:9b:3f:01:a6:d2:35:cf:9c:
                    09:f8:06:cc:b9:16:35:27:6e:cc:ae:61:35:92:68:
                    f0:24:b7:78:2c:e9:c2:fe:80:64:14:f9:a6:97:78:
                    f0:cf:21:6e:d6:cb:c2:53:c9:01:bb:f7:bd:aa:c5:
                    97:6a:38:f2:73:95:44:b4:f2:56:bd:47:d5:ce:6d:
                    1e:6f:e8:50:d8:8d:59:af:ab:52:79:19:a0:88:15:
                    46:1b:81:03:5a:2b:8f:84:79:b2:02:4e:bf:f8:96:
                    58:05:34:18:e2:e6:35:1e:41:fc:7e:0d:19:85:a3:
                    5b:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:09:DC:A6:69:CD:75:F4:FE:09:9D:04:1B:39:9F:83:A4:A4:89:65
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6205efa3-adeb-4c79-a841-af02822a7d3f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.152.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         94:11:2b:2e:bc:4a:c1:54:b8:dc:a6:b4:41:37:9f:3c:f5:8b:
         2a:07:5c:62:95:7e:ee:25:31:2a:ce:a7:d2:1a:2a:03:a8:07:
         01:0d:46:a3:5d:22:0b:7c:d0:c0:f6:ed:cd:a4:21:5b:10:a3:
         32:46:20:61:6e:65:77:df:bf:b7:27:f9:61:9a:a8:f0:51:51:
         f0:9f:66:7f:6d:f7:26:a4:da:98:65:13:6c:58:9b:7d:e8:14:
         51:67:8b:ed:cf:09:dd:c4:9a:cd:db:0e:8c:e9:c9:93:2a:4f:
         a1:de:45:9d:0d:a3:49:af:b3:ae:9d:a8:cf:54:63:00:f2:09:
         48:67:8b:32:2f:3e:30:8c:67:2d:7e:2f:c5:4c:09:e7:9c:ad:
         d4:e6:70:7d:d4:d1:a3:99:87:ae:82:b8:5f:66:2d:03:c7:41:
         ef:f3:26:5d:72:86:fd:c8:fd:8a:cd:80:7e:f9:8c:df:3e:61:
         35:ff:46:0d:eb:d7:f2:f2:a1:cb:a6:88:c4:04:18:dc:0e:e1:
         f9:c8:97:61:aa:eb:86:24:d6:56:da:74:7d:06:ba:fe:64:1e:
         b0:69:4a:0e:dc:21:9d:0d:c9:6d:8b:92:45:96:8b:6c:14:83:
         3e:54:56:41:52:29:5e:a7:6d:bd:80:18:10:48:35:78:57:fe:
         b1:77:35:b6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVzRpAs+XOTEg9ylYtLXRJMXJ/tMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE1MDAyMDIzWhcNMjUwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMzc4MmYyNDM4ZDkyZDRkOTFhMjQxNWU4NGU3YjUzY2M3
NTNlNWYzOWQxMzc0Y2NiOGU4NjkwNzJlY2QwNzQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5RLJMYnUSD0swS08feGvLp/Rdwc8HyHLugyWzJWyV5qin
Xnllz9Vfo1T/FvjiaoDONzgwNOXwwL8CrO1+tNlred1o5OchwnV/q0qXAZYmjqYD
Jx13UeJ2qi4A5KKSBNcC8Lh3veV06IyFz6xDx8VWZdy1wtmHEqjEFiDx82Bszkwd
4YADT1g2Ihg96iCbPwGm0jXPnAn4Bsy5FjUnbsyuYTWSaPAkt3gs6cL+gGQU+aaX
ePDPIW7Wy8JTyQG7972qxZdqOPJzlUS08la9R9XObR5v6FDYjVmvq1J5GaCIFUYb
gQNaK4+EebICTr/4llgFNBji5jUeQfx+DRmFo1sXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSQncpmnNdfT+CZ0EGzmfg6SkiWUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyMDVlZmEzLWFkZWItNGM3OS1hODQxLWFmMDI4MjJhN2QzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZCmAAwDQYJKoZIhvcNAQELBQADggEBAJQRKy68SsFUuNymtEE3nzz1iyoH
XGKVfu4lMSrOp9IaKgOoBwENRqNdIgt80MD27c2kIVsQozJGIGFuZXffv7cn+WGa
qPBRUfCfZn9t9yak2phlE2xYm33oFFFni+3PCd3Ems3bDozpyZMqT6HeRZ0No0mv
s66dqM9UYwDyCUhnizIvPjCMZy1+L8VMCeecrdTmcH3U0aOZh66CuF9mLQPHQe/z
Jl1yhv3I/YrNgH75jN8+YTX/Rg3r1/LyocumiMQEGNwO4fnIl2Gq64Yk1lbadH0G
uv5kHrBpSg7cIZ0NyW2LkkWWi2wUgz5UVkFSKV6nbb2AGBBINXhX/rF3NbY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:20:08 2025 by rpki-client