Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c425c799-15f2-4001-afeb-0ec060306310.roa
File:                     c425c799-15f2-4001-afeb-0ec060306310.roa (raw, json)
Hash identifier:          I3aYhFjLovBHIT4PJcoB+5DeZ+FSDuR+wirfb1vnNgA=
Subject key identifier:   AF:A1:6F:F9:66:39:77:A5:86:A3:98:6F:7C:6C:23:24:15:78:74:75
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46857DE3B77B11926658C3180F6D36E00B402C5C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c425c799-15f2-4001-afeb-0ec060306310.roa
Signing time:             Tue 22 Apr 2025 17:40:14 +0000
ROA not before:           Tue 22 Apr 2025 17:40:14 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        85.150.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:85:7d:e3:b7:7b:11:92:66:58:c3:18:0f:6d:36:e0:0b:40:2c:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 17:40:14 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=db7f0a31dd97e899a832e90ab5ab247aac850fe3fe5b27f48457b30312d2d858, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:7f:3d:7a:9f:4e:90:39:a6:2f:11:5c:18:fb:
                    47:82:39:22:94:13:98:e8:00:f8:1b:4d:b1:ff:fb:
                    d6:26:bf:3a:0e:22:82:d2:e6:19:c8:a1:3a:f3:39:
                    6f:5f:f6:3b:02:aa:99:6a:3c:71:21:11:c1:ca:40:
                    e1:95:1f:1c:44:6b:d4:90:5a:4c:e3:ca:69:7e:1c:
                    91:19:8d:4c:08:22:8d:dc:ca:c5:81:0f:0b:16:43:
                    d6:5d:06:25:81:f1:47:16:37:cc:ca:56:5b:34:0c:
                    43:5b:fc:74:14:76:59:a6:cc:0a:8e:fd:2c:87:81:
                    75:0e:80:e8:a3:e1:fb:97:4a:32:53:ea:e1:2f:9f:
                    3d:f7:43:fc:18:73:9d:0a:fc:80:e5:59:4b:aa:f9:
                    7f:56:49:e4:b3:84:3f:64:0e:a9:4b:16:f2:dc:03:
                    1b:f8:42:d3:47:76:cb:12:3c:40:89:06:fc:1e:0a:
                    43:6d:d9:d9:35:92:17:e3:96:32:a1:6d:e8:00:30:
                    e4:e3:34:80:82:5b:0e:9c:3e:48:34:b9:a5:d9:05:
                    f5:a6:b9:8a:30:4e:ad:45:93:e8:ad:3b:2c:77:e7:
                    b9:58:b0:12:23:b6:20:0d:f6:e2:e6:ed:82:e8:2b:
                    88:16:1f:f1:68:39:81:2f:06:ac:f3:00:16:2e:9e:
                    f1:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:A1:6F:F9:66:39:77:A5:86:A3:98:6F:7C:6C:23:24:15:78:74:75
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c425c799-15f2-4001-afeb-0ec060306310.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.150.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1b:cc:d2:a7:aa:d0:5b:14:93:e3:e2:65:75:bd:48:11:bd:23:
         98:16:90:1b:86:e2:45:f5:34:ec:ec:76:11:6e:dc:20:df:4c:
         f2:42:a3:98:a4:2f:cc:93:51:dd:7e:e1:a7:73:2a:5c:9a:09:
         8c:b9:b9:fb:1d:ad:2c:19:f5:1a:8f:dd:67:cb:42:6a:fb:ee:
         4f:9a:c3:e6:a3:fd:b8:7b:3d:ed:bd:86:a7:50:31:98:79:3b:
         05:79:c4:5d:21:c2:9b:5c:bd:c6:46:f2:12:0f:3d:4f:52:b1:
         fb:1b:95:45:f8:b0:59:f4:e4:b2:88:14:b1:fc:f6:43:29:83:
         d8:a0:52:e9:69:e9:2d:0b:a4:51:cf:e8:da:91:88:05:af:83:
         b4:dd:92:32:0b:00:da:17:de:fb:af:d9:d9:2d:f5:4b:7b:4b:
         30:74:49:2a:3d:5e:0e:91:5d:a9:3b:2f:d2:3d:f9:5f:93:a0:
         8d:2a:ba:ed:29:0f:38:1b:6f:7e:3c:e2:6d:6d:9b:0a:66:8c:
         b4:b8:3d:dc:3c:44:39:6b:fc:cf:ef:7c:78:10:bb:86:6e:c3:
         5f:22:a7:e5:38:fc:b6:26:50:30:52:99:3d:63:8d:e2:a9:80:
         c8:82:10:00:14:70:6c:e1:96:6c:b7:71:8d:ed:a2:a9:e7:4a:
         15:f6:5f:4e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURoV947d7EZJmWMMYD2024AtALFwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMTc0MDE0WhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjdmMGEzMWRkOTdlODk5YTgzMmU5MGFiNWFiMjQ3YWFj
ODUwZmUzZmU1YjI3ZjQ4NDU3YjMwMzEyZDJkODU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClfz16n06QOaYvEVwY+0eCOSKUE5joAPgbTbH/+9YmvzoO
IoLS5hnIoTrzOW9f9jsCqplqPHEhEcHKQOGVHxxEa9SQWkzjyml+HJEZjUwIIo3c
ysWBDwsWQ9ZdBiWB8UcWN8zKVls0DENb/HQUdlmmzAqO/SyHgXUOgOij4fuXSjJT
6uEvnz33Q/wYc50K/IDlWUuq+X9WSeSzhD9kDqlLFvLcAxv4QtNHdssSPECJBvwe
CkNt2dk1khfjljKhbegAMOTjNICCWw6cPkg0uaXZBfWmuYowTq1Fk+itOyx357lY
sBIjtiAN9uLm7YLoK4gWH/FoOYEvBqzzABYunvHvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUr6Fv+WY5d6WGo5hvfGwjJBV4dHUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M0MjVjNzk5LTE1ZjItNDAwMS1hZmViLTBlYzA2MDMwNjMxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBVljANBgkqhkiG9w0BAQsFAAOCAQEAG8zSp6rQWxST4+Jldb1IEb0jmBaQ
G4biRfU07Ox2EW7cIN9M8kKjmKQvzJNR3X7hp3MqXJoJjLm5+x2tLBn1Go/dZ8tC
avvuT5rD5qP9uHs97b2Gp1AxmHk7BXnEXSHCm1y9xkbyEg89T1Kx+xuVRfiwWfTk
sogUsfz2QymD2KBS6WnpLQukUc/o2pGIBa+DtN2SMgsA2hfe+6/Z2S31S3tLMHRJ
Kj1eDpFdqTsv0j35X5OgjSq67SkPOBtvfjzibW2bCmaMtLg93DxEOWv8z+98eBC7
hm7DXyKn5Tj8tiZQMFKZPWON4qmAyIIQABRwbOGWbLdxje2iqedKFfZfTg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:54:33 2025 by rpki-client