Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0f72a14-71a9-47a1-ad9c-1f9129079bfb.roa
File:                     c0f72a14-71a9-47a1-ad9c-1f9129079bfb.roa (raw, json)
Hash identifier:          blhMtHspxRxb3DuHdoBcU/5UWkuj+TP4Uum0/dvlkHw=
Subject key identifier:   2F:C2:32:F2:A7:1D:E6:0D:5D:86:E6:C6:49:4C:58:47:80:B1:02:E3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6F85E419EEA93AF0A4C6C0294309DF375D0E7E43
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0f72a14-71a9-47a1-ad9c-1f9129079bfb.roa
Signing time:             Sat 12 Apr 2025 00:50:18 +0000
ROA not before:           Sat 12 Apr 2025 00:50:18 +0000
ROA not after:            Sat 17 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.89.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:85:e4:19:ee:a9:3a:f0:a4:c6:c0:29:43:09:df:37:5d:0e:7e:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 12 00:50:18 2025 GMT
            Not After : May 17 23:59:59 2025 GMT
        Subject: serialNumber=9d9211612a9a9d8341d81da513beeb16defd34d6c19fab99e6f5263447d76d35, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:33:3c:d0:c8:fe:75:63:2f:b0:77:cb:6d:ad:
                    32:09:ea:83:31:e4:30:1d:e3:66:2f:8d:5b:1d:f4:
                    e5:3e:5d:8c:30:82:34:f7:e5:b2:bd:81:2f:b2:05:
                    66:d0:83:45:41:1f:11:a7:d6:2b:2f:35:2a:e8:1e:
                    fa:85:00:df:30:aa:86:b4:49:bb:7b:ff:24:54:67:
                    d5:04:bc:f4:79:89:50:f1:13:3c:93:d8:14:b7:8a:
                    34:c2:77:80:94:b7:3f:4e:8d:f4:4d:84:a9:ed:e5:
                    61:03:3e:7e:83:04:71:ee:68:cd:d3:39:df:32:ca:
                    6c:57:71:38:fe:53:c5:ca:38:10:e6:1a:57:f8:d5:
                    5f:81:09:fc:7a:3f:ad:52:72:ac:00:d6:69:78:a0:
                    28:03:5a:af:f0:bd:1e:d6:da:bc:c7:6b:a4:9d:3f:
                    6c:2c:60:90:12:91:81:a9:d2:f5:7f:fd:eb:47:8a:
                    a0:4b:94:1b:0f:f3:12:28:78:2b:07:bc:2b:9a:26:
                    f9:7f:57:f2:43:45:75:1f:96:9b:76:dc:bf:64:80:
                    81:21:03:d2:25:c1:f7:0f:b6:34:b7:af:21:bd:4f:
                    10:51:dc:74:48:01:c7:6f:94:4a:9f:48:26:d5:ad:
                    05:ab:8c:d4:ee:21:b8:d7:55:eb:74:bf:41:38:7b:
                    d4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:C2:32:F2:A7:1D:E6:0D:5D:86:E6:C6:49:4C:58:47:80:B1:02:E3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c0f72a14-71a9-47a1-ad9c-1f9129079bfb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.89.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b0:d4:89:75:4e:71:28:ae:bd:23:3f:16:7a:ce:e8:f7:92:93:
         b4:4c:53:49:c6:81:ff:40:5b:ae:95:12:98:4a:d6:53:54:ee:
         51:31:e3:b2:43:f7:dd:a4:b1:1d:02:44:bf:b8:f9:95:21:fd:
         b0:0b:38:7a:6c:e5:51:15:4c:a3:0a:5e:6c:a5:48:b8:3d:df:
         80:de:d6:01:9a:8e:b7:6f:88:2d:88:99:5a:03:59:ca:74:b1:
         0a:80:3b:fe:40:29:02:ef:6f:f0:cd:b4:d7:18:58:7f:c8:3d:
         35:e4:ff:ec:3d:1d:78:3f:73:4e:3d:20:ac:c0:4c:5a:0a:3b:
         33:2f:cb:d9:6c:99:6d:9a:ed:e6:8e:b4:61:03:d2:f9:cf:d9:
         cc:8b:cc:dd:53:61:e1:ff:02:74:10:ac:a6:b3:ea:f1:d8:46:
         52:fc:d6:61:10:6f:a7:2f:70:e7:87:e3:d3:f7:3d:69:d9:73:
         5f:98:44:bc:49:b8:7f:c8:69:66:cb:e2:ac:67:0b:82:e8:6b:
         6f:aa:7f:8c:8d:b6:0c:65:6f:c7:1e:de:f1:e4:fd:99:93:36:
         9f:5f:3f:92:ec:5e:07:5a:be:aa:94:f1:4e:06:3a:a0:0e:95:
         9c:cd:b3:12:c8:72:88:a3:34:87:df:dc:cf:2f:29:2f:64:c6:
         40:aa:66:3a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUb4XkGe6pOvCkxsApQwnfN10OfkMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDEyMDA1MDE4WhcNMjUwNTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDkyMTE2MTJhOWE5ZDgzNDFkODFkYTUxM2JlZWIxNmRl
ZmQzNGQ2YzE5ZmFiOTllNmY1MjYzNDQ3ZDc2ZDM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWMzzQyP51Yy+wd8ttrTIJ6oMx5DAd42YvjVsd9OU+XYww
gjT35bK9gS+yBWbQg0VBHxGn1isvNSroHvqFAN8wqoa0Sbt7/yRUZ9UEvPR5iVDx
EzyT2BS3ijTCd4CUtz9OjfRNhKnt5WEDPn6DBHHuaM3TOd8yymxXcTj+U8XKOBDm
Glf41V+BCfx6P61ScqwA1ml4oCgDWq/wvR7W2rzHa6SdP2wsYJASkYGp0vV//etH
iqBLlBsP8xIoeCsHvCuaJvl/V/JDRXUflpt23L9kgIEhA9IlwfcPtjS3ryG9TxBR
3HRIAcdvlEqfSCbVrQWrjNTuIbjXVet0v0E4e9TNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUL8Iy8qcd5g1dhubGSUxYR4CxAuMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MwZjcyYTE0LTcxYTktNDdhMS1hZDljLTFmOTEyOTA3OWJmYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4WTANBgkqhkiG9w0BAQsFAAOCAQEAsNSJdU5xKK69Iz8Wes7o95KTtExT
ScaB/0BbrpUSmErWU1TuUTHjskP33aSxHQJEv7j5lSH9sAs4emzlURVMowpebKVI
uD3fgN7WAZqOt2+ILYiZWgNZynSxCoA7/kApAu9v8M201xhYf8g9NeT/7D0deD9z
Tj0grMBMWgo7My/L2WyZbZrt5o60YQPS+c/ZzIvM3VNh4f8CdBCsprPq8dhGUvzW
YRBvpy9w54fj0/c9adlzX5hEvEm4f8hpZsvirGcLguhrb6p/jI22DGVvxx7e8eT9
mZM2n18/kuxeB1q+qpTxTgY6oA6VnM2zEshyiKM0h9/czy8pL2TGQKpmOg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:01:02 2025 by rpki-client