Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c111160-e552-4bd8-8699-d470ac394499.roa
File:                     3c111160-e552-4bd8-8699-d470ac394499.roa (raw, json)
Hash identifier:          3q4zREGlduTeq5DCYY6MOjzBbIUV8tjmMZWWLoJHLDs=
Subject key identifier:   B7:48:4A:83:35:07:13:AA:83:C1:2B:10:E4:61:92:C0:82:E2:D7:1F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       49C57FE053CF88683A2F3B2162E5FD8611D70E8F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c111160-e552-4bd8-8699-d470ac394499.roa
Signing time:             Tue 18 Mar 2025 00:21:15 +0000
ROA not before:           Tue 18 Mar 2025 00:21:15 +0000
ROA not after:            Tue 22 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.216.200.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:c5:7f:e0:53:cf:88:68:3a:2f:3b:21:62:e5:fd:86:11:d7:0e:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:21:15 2025 GMT
            Not After : Apr 22 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:fd:d6:f3:6b:d9:1d:ee:ae:32:35:b9:6e:19:
                    11:f6:1c:02:ca:70:d1:42:6e:cd:b3:7b:a2:ba:00:
                    8c:8c:1c:26:f1:b5:a6:ca:40:f3:56:2c:4b:5d:2b:
                    c4:52:ca:18:03:94:53:b6:47:91:d5:6b:d2:bb:44:
                    e1:cc:8d:45:c9:fe:13:18:88:45:ef:df:89:38:21:
                    be:24:3e:22:4b:9a:b6:26:c9:e2:0f:f8:69:48:22:
                    75:2b:ef:1c:80:c4:8b:f8:04:9d:ee:77:83:0b:96:
                    f0:40:c1:b2:94:58:8f:4d:fc:09:97:0e:58:bf:f6:
                    86:3d:c3:85:31:2c:1e:87:2e:54:d0:a9:2f:ae:37:
                    83:a6:5e:35:e4:ec:60:7d:03:c0:d7:3f:08:e4:0a:
                    7b:09:5f:32:a2:8a:08:9b:a6:83:fa:37:b4:67:d8:
                    a1:8e:9f:96:21:25:40:ae:6b:9b:af:8f:5a:9c:46:
                    75:ed:70:cb:61:34:0f:fd:73:2e:7e:7b:ba:f3:e5:
                    70:87:bd:49:42:56:ec:4f:c0:87:d5:b4:8b:b0:56:
                    b7:93:4b:d3:2a:cb:5e:fe:fb:dd:e9:ef:4c:f9:39:
                    bd:30:0f:83:da:c7:22:bd:60:d5:e0:ec:e5:6c:1b:
                    99:b2:e6:63:57:6a:f6:d4:d1:fc:74:8c:3b:64:47:
                    8d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:48:4A:83:35:07:13:AA:83:C1:2B:10:E4:61:92:C0:82:E2:D7:1F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c111160-e552-4bd8-8699-d470ac394499.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.216.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         81:b5:c6:4b:6c:6b:76:32:eb:df:21:cd:0c:e7:e8:16:bd:18:
         88:53:30:75:43:47:c7:c9:ce:5b:27:41:59:62:27:fe:fc:d3:
         16:38:57:28:88:42:c0:0e:79:05:9d:51:fd:c0:33:cd:3a:30:
         0b:bc:e7:5d:2f:a7:b4:6a:78:6c:3e:94:d1:9a:7b:af:2c:84:
         38:f8:d2:74:ca:b0:90:cb:cd:88:ad:27:4b:9c:d9:5f:2f:3d:
         1d:95:b7:6f:08:7c:da:44:b2:9d:94:87:f2:fb:a0:d1:7b:7e:
         ac:02:f5:bd:cc:3f:4a:e7:2b:16:7a:2e:9f:96:1b:42:0b:e4:
         75:4c:e8:df:42:2a:f6:e1:9f:f2:ee:49:e4:42:c4:a6:95:ac:
         9c:89:ac:21:86:6c:a0:74:34:14:34:60:47:34:1e:7b:92:75:
         04:1c:8d:28:87:e8:e5:dc:c7:61:43:2d:f8:80:ec:b7:2e:c4:
         78:25:85:22:3a:b3:e6:c3:28:62:f4:da:1b:6d:87:b7:af:bf:
         ae:2b:6b:f6:97:ee:05:8a:63:f5:01:4c:ca:82:ca:27:9f:cd:
         fe:ae:56:c5:e7:e5:37:cc:d7:40:08:01:30:4c:d0:16:e1:52:
         13:b1:57:05:2b:98:bf:2e:55:d4:9e:07:68:7b:f9:0e:6a:5f:
         17:41:c8:9d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUScV/4FPPiGg6LzshYuX9hhHXDo8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE4MDAyMTE1WhcNMjUwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMWVmMzgzYTE2MjJiMjY2YTJhODVjMmZjMzI3YzhlNmEw
MDY4ZTAwZDIxZmViZDQyMWU5YzI5ZTNkMDFhZGQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCi/dbza9kd7q4yNbluGRH2HALKcNFCbs2ze6K6AIyMHCbx
tabKQPNWLEtdK8RSyhgDlFO2R5HVa9K7ROHMjUXJ/hMYiEXv34k4Ib4kPiJLmrYm
yeIP+GlIInUr7xyAxIv4BJ3ud4MLlvBAwbKUWI9N/AmXDli/9oY9w4UxLB6HLlTQ
qS+uN4OmXjXk7GB9A8DXPwjkCnsJXzKiigibpoP6N7Rn2KGOn5YhJUCua5uvj1qc
RnXtcMthNA/9cy5+e7rz5XCHvUlCVuxPwIfVtIuwVreTS9Mqy17++93p70z5Ob0w
D4PaxyK9YNXg7OVsG5my5mNXavbU0fx0jDtkR43rAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUt0hKgzUHE6qDwSsQ5GGSwILi1x8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjMTExMTYwLWU1NTItNGJkOC04Njk5LWQ0NzBhYzM5NDQ5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs2MgwDQYJKoZIhvcNAQELBQADggEBAIG1xktsa3Yy698hzQzn6Ba9GIhT
MHVDR8fJzlsnQVliJ/780xY4VyiIQsAOeQWdUf3AM806MAu8510vp7RqeGw+lNGa
e68shDj40nTKsJDLzYitJ0uc2V8vPR2Vt28IfNpEsp2Uh/L7oNF7fqwC9b3MP0rn
KxZ6Lp+WG0IL5HVM6N9CKvbhn/LuSeRCxKaVrJyJrCGGbKB0NBQ0YEc0HnuSdQQc
jSiH6OXcx2FDLfiA7LcuxHglhSI6s+bDKGL02htth7evv64ra/aX7gWKY/UBTMqC
yiefzf6uVsXn5TfM10AIATBM0BbhUhOxVwUrmL8uVdSeB2h7+Q5qXxdByJ0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:45:22 2025 by rpki-client