Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c519af15-33bf-4884-a6c5-459c9023ad53.roa
File:                     c519af15-33bf-4884-a6c5-459c9023ad53.roa (raw, json)
Hash identifier:          N5IUDbxFbsOYMwHEyED/udP4fzVMTkqLz62DoxQt2X0=
Subject key identifier:   34:88:30:BD:38:8C:26:53:B8:23:19:22:70:4E:C0:6E:61:C7:A7:76
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       49105707ACC2DFF2DD0377D466DACB7C9D1799BB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c519af15-33bf-4884-a6c5-459c9023ad53.roa
Signing time:             Mon 07 Apr 2025 15:21:06 +0000
ROA not before:           Mon 07 Apr 2025 15:21:06 +0000
ROA not after:            Mon 12 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        199.61.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:10:57:07:ac:c2:df:f2:dd:03:77:d4:66:da:cb:7c:9d:17:99:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr  7 15:21:06 2025 GMT
            Not After : May 12 23:59:59 2025 GMT
        Subject: serialNumber=13f4a29d7a0b3358b4eaca431997e12078f9bde1cdea63f9851d55673103db18, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ad:c8:32:67:80:db:89:3e:70:8d:ef:42:a5:
                    9f:5a:67:fc:4b:4d:19:60:c6:b9:12:20:57:9d:ee:
                    d8:8d:63:ca:84:cc:31:36:f3:29:90:ab:e4:1d:81:
                    8d:2d:10:1a:d2:82:2a:6d:cf:a8:ec:ef:3b:0e:c6:
                    f4:46:88:55:2a:a1:df:76:b9:d5:24:47:9e:64:73:
                    04:63:c1:c6:a2:6c:ea:df:cd:6e:49:65:cf:79:45:
                    35:25:a0:bd:6b:59:b4:4c:88:e6:6d:35:11:52:ca:
                    07:a5:6e:9f:d0:7d:48:e6:c0:f4:4d:c6:39:46:3c:
                    cb:be:99:57:21:33:3f:ab:5b:a5:a9:05:eb:47:5d:
                    eb:18:25:32:53:86:03:b6:d8:96:4a:22:42:ee:af:
                    87:74:30:5a:3d:3e:29:84:11:af:7d:2e:13:34:93:
                    db:94:29:4a:14:9a:16:3e:84:3a:c6:36:f3:24:04:
                    8b:6c:e4:54:bc:14:e4:28:5a:11:f0:63:55:0d:9b:
                    a4:18:6f:e7:e8:c1:39:2a:b5:21:58:21:13:e4:13:
                    6b:d7:2d:94:60:e5:db:58:50:33:b5:ca:4e:d2:f3:
                    24:65:68:42:ce:ff:77:03:a0:a1:fa:c4:d7:51:1f:
                    f4:69:d1:02:72:fd:f7:b8:65:55:25:b6:12:f0:ee:
                    ec:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:88:30:BD:38:8C:26:53:B8:23:19:22:70:4E:C0:6E:61:C7:A7:76
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c519af15-33bf-4884-a6c5-459c9023ad53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.61.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b8:e1:56:36:b3:44:4c:28:d7:f1:98:a9:ad:75:90:40:65:d9:
         ec:b0:57:e2:c7:5d:29:a5:25:e1:6a:99:ab:cd:0e:f7:75:70:
         d6:86:8e:1d:00:e3:38:81:83:6d:a5:25:0d:54:0c:e9:d8:37:
         ac:4e:1d:ab:fb:a0:6b:8e:91:b5:3e:40:f3:06:86:c6:8b:cb:
         fb:30:71:aa:5b:1f:67:f2:91:11:3d:d9:ec:b2:a3:0a:13:43:
         81:0c:63:ff:94:18:4c:68:4d:d6:0f:db:a2:a0:4f:d4:a7:64:
         69:4f:94:ca:51:0c:bf:31:5f:c3:3e:a7:17:8e:01:65:8a:9b:
         1f:e5:9d:c0:77:f4:33:1b:0e:ed:14:e8:30:14:9e:90:50:18:
         2e:7b:f1:2f:e6:2d:9a:fb:e7:87:4e:62:f6:ca:cc:ad:40:c6:
         1d:92:01:3c:24:60:48:02:13:94:f1:3a:b9:e0:c5:63:70:96:
         59:30:28:ad:44:0d:9e:f8:ea:96:61:f8:ce:48:9e:7d:74:18:
         83:73:47:20:49:03:49:3b:f3:51:f9:fb:d9:ee:7a:88:ea:ed:
         53:68:71:e8:e9:9d:c5:f1:51:dc:9f:e3:d5:6c:da:1a:05:0c:
         93:14:4e:34:1d:3e:e2:12:ec:fa:27:91:62:d0:ea:41:ba:2a:
         b8:f9:1d:b1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSRBXB6zC3/LdA3fUZtrLfJ0XmbswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDA3MTUyMTA2WhcNMjUwNTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxM2Y0YTI5ZDdhMGIzMzU4YjRlYWNhNDMxOTk3ZTEyMDc4
ZjliZGUxY2RlYTYzZjk4NTFkNTU2NzMxMDNkYjE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzrcgyZ4DbiT5wje9CpZ9aZ/xLTRlgxrkSIFed7tiNY8qE
zDE28ymQq+QdgY0tEBrSgiptz6js7zsOxvRGiFUqod92udUkR55kcwRjwcaibOrf
zW5JZc95RTUloL1rWbRMiOZtNRFSygelbp/QfUjmwPRNxjlGPMu+mVchMz+rW6Wp
BetHXesYJTJThgO22JZKIkLur4d0MFo9PimEEa99LhM0k9uUKUoUmhY+hDrGNvMk
BIts5FS8FOQoWhHwY1UNm6QYb+fowTkqtSFYIRPkE2vXLZRg5dtYUDO1yk7S8yRl
aELO/3cDoKH6xNdRH/Rp0QJy/fe4ZVUlthLw7uz5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUNIgwvTiMJlO4IxkicE7AbmHHp3YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1MTlhZjE1LTMzYmYtNDg4NC1hNmM1LTQ1OWM5MDIzYWQ1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDHPTANBgkqhkiG9w0BAQsFAAOCAQEAuOFWNrNETCjX8ZiprXWQQGXZ7LBX
4sddKaUl4WqZq80O93Vw1oaOHQDjOIGDbaUlDVQM6dg3rE4dq/uga46RtT5A8waG
xovL+zBxqlsfZ/KRET3Z7LKjChNDgQxj/5QYTGhN1g/boqBP1KdkaU+UylEMvzFf
wz6nF44BZYqbH+WdwHf0MxsO7RToMBSekFAYLnvxL+Ytmvvnh05i9srMrUDGHZIB
PCRgSAITlPE6ueDFY3CWWTAorUQNnvjqlmH4zkiefXQYg3NHIEkDSTvzUfn72e56
iOrtU2hx6OmdxfFR3J/j1WzaGgUMkxRONB0+4hLs+ieRYtDqQboquPkdsQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:55:34 2025 by rpki-client