Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb48584d-19e8-48c5-bd15-8a33b9dc6d49.roa
File:                     cb48584d-19e8-48c5-bd15-8a33b9dc6d49.roa (raw, json)
Hash identifier:          OMfdc0qiKLL7fD2T1pvyDO7v1NQgBP8snXHrBPrUTjE=
Subject key identifier:   28:87:69:8C:F2:6F:7C:96:8C:B3:B9:99:DB:92:E6:BE:A1:4B:0B:33
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       71A6180AFD21C9C8FB964C9F0EE9ECF6792FDDF3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb48584d-19e8-48c5-bd15-8a33b9dc6d49.roa
Signing time:             Fri 25 Apr 2025 15:00:14 +0000
ROA not before:           Fri 25 Apr 2025 15:00:14 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.73.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:a6:18:0a:fd:21:c9:c8:fb:96:4c:9f:0e:e9:ec:f6:79:2f:dd:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 25 15:00:14 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=6d4b2e830deca5ffe85a3088f6f0e25f6ed5f991aad0beda5729d9d632de4eca, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:cf:e1:7e:c1:69:29:98:d5:80:67:41:be:d8:
                    d0:2e:58:a5:7e:d3:41:eb:11:00:f6:6d:c1:3e:59:
                    65:e4:cd:21:bb:29:32:b7:87:45:6f:e1:98:38:5f:
                    3b:a5:28:dc:f4:32:83:cc:00:8a:74:52:6b:53:f5:
                    98:c3:c6:c8:be:fc:de:3c:4c:d2:09:7e:2e:a2:dd:
                    10:8b:72:b1:03:d6:38:a8:03:08:a9:47:d1:0e:39:
                    f3:5a:b6:59:4a:0d:4b:95:a7:7f:f9:15:fa:10:7e:
                    b7:8e:95:3c:38:dc:13:6a:b5:df:b6:28:6a:75:71:
                    28:24:7c:ef:77:f6:3d:f0:eb:88:0c:04:ec:9e:08:
                    f8:9f:d7:3b:bc:29:68:4c:11:8e:68:af:a7:50:f7:
                    79:d7:7c:a4:c6:08:cb:30:bf:9e:f8:55:d1:b7:1e:
                    92:4f:46:8f:1c:16:26:51:74:1f:15:59:38:86:ce:
                    62:7f:b8:99:6d:ff:55:80:c0:19:31:21:2f:a1:c9:
                    1e:10:58:51:0e:be:91:27:68:fc:1e:09:12:cb:81:
                    68:c0:85:6f:09:28:cb:45:15:dd:67:13:78:5c:a5:
                    e5:d1:18:13:2a:d6:82:04:23:af:53:0e:20:fe:2e:
                    31:86:3d:e8:97:52:fe:99:e4:b3:04:59:1f:96:ef:
                    56:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:87:69:8C:F2:6F:7C:96:8C:B3:B9:99:DB:92:E6:BE:A1:4B:0B:33
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb48584d-19e8-48c5-bd15-8a33b9dc6d49.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.73.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5b:50:e7:2b:11:a1:bd:7f:39:e2:c2:1d:2c:f6:71:fd:61:c3:
         25:27:14:ac:7e:cb:d2:9a:38:34:65:2b:f5:65:a1:73:40:6f:
         c1:f2:d1:08:e9:0b:3a:45:4c:7e:a1:e9:60:b4:a2:8a:a3:5c:
         2b:d0:23:07:23:b2:17:2d:3b:bc:f7:19:68:7b:b5:b0:18:11:
         59:fe:69:f2:2e:49:25:2b:c3:82:51:02:8f:ad:ec:13:df:75:
         81:14:89:1c:1c:81:3f:e6:d5:cc:f4:5b:68:b5:5d:bd:73:1f:
         07:6c:9a:7b:a6:61:f7:93:6a:5c:fb:01:1f:fd:17:9a:ee:5d:
         09:81:6e:8e:c3:16:c9:37:be:79:ed:99:23:0e:93:88:55:7b:
         aa:31:81:9e:c4:56:fc:60:e4:6c:77:bc:50:bb:30:13:54:a6:
         6c:15:40:83:6f:a3:f3:f7:88:76:f0:b4:74:df:11:2b:9b:4f:
         ac:e3:c0:2d:5a:cf:9d:48:a7:04:33:f1:6b:6b:15:6c:0d:4d:
         c3:60:43:f4:8c:ac:4e:d4:be:f4:b9:50:dc:1c:8e:7d:06:fa:
         84:57:b1:db:47:64:a7:f7:f7:0e:ae:45:2c:e2:fd:f2:45:6d:
         34:f4:15:69:df:b6:80:4d:93:d4:30:fa:ac:a9:6f:57:b1:3a:
         51:36:91:18
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcaYYCv0hycj7lkyfDuns9nkv3fMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDI1MTUwMDE0WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZDRiMmU4MzBkZWNhNWZmZTg1YTMwODhmNmYwZTI1ZjZl
ZDVmOTkxYWFkMGJlZGE1NzI5ZDlkNjMyZGU0ZWNhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3z+F+wWkpmNWAZ0G+2NAuWKV+00HrEQD2bcE+WWXkzSG7
KTK3h0Vv4Zg4XzulKNz0MoPMAIp0UmtT9ZjDxsi+/N48TNIJfi6i3RCLcrED1jio
AwipR9EOOfNatllKDUuVp3/5FfoQfreOlTw43BNqtd+2KGp1cSgkfO939j3w64gM
BOyeCPif1zu8KWhMEY5or6dQ93nXfKTGCMswv574VdG3HpJPRo8cFiZRdB8VWTiG
zmJ/uJlt/1WAwBkxIS+hyR4QWFEOvpEnaPweCRLLgWjAhW8JKMtFFd1nE3hcpeXR
GBMq1oIEI69TDiD+LjGGPeiXUv6Z5LMEWR+W71aBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUKIdpjPJvfJaMs7mZ25LmvqFLCzMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiNDg1ODRkLTE5ZTgtNDhjNS1iZDE1LThhMzNiOWRjNmQ0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4STANBgkqhkiG9w0BAQsFAAOCAQEAW1DnKxGhvX854sIdLPZx/WHDJScU
rH7L0po4NGUr9WWhc0BvwfLRCOkLOkVMfqHpYLSiiqNcK9AjByOyFy07vPcZaHu1
sBgRWf5p8i5JJSvDglECj63sE991gRSJHByBP+bVzPRbaLVdvXMfB2yae6Zh95Nq
XPsBH/0Xmu5dCYFujsMWyTe+ee2ZIw6TiFV7qjGBnsRW/GDkbHe8ULswE1SmbBVA
g2+j8/eIdvC0dN8RK5tPrOPALVrPnUinBDPxa2sVbA1Nw2BD9IysTtS+9LlQ3ByO
fQb6hFex20dkp/f3Dq5FLOL98kVtNPQVad+2gE2T1DD6rKlvV7E6UTaRGA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:53:50 2025 by rpki-client