Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa
File:                     ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa (raw, json)
Hash identifier:          Pa+M6L5elT+9d2SCT6S6i7u+zE4qul3b+l6OW2JtHBU=
Subject key identifier:   47:2D:B1:A0:9F:15:D6:A5:8A:06:FB:AD:4F:C6:95:18:5A:66:EB:9D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2EDCFEE4E66EE0324216184ABEDD68869AE7D7CB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa
Signing time:             Wed 19 Mar 2025 00:00:22 +0000
ROA not before:           Wed 19 Mar 2025 00:00:22 +0000
ROA not after:            Wed 23 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.18.138.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:dc:fe:e4:e6:6e:e0:32:42:16:18:4a:be:dd:68:86:9a:e7:d7:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:22 2025 GMT
            Not After : Apr 23 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:37:ce:6e:e5:e6:bd:4d:4b:43:62:80:15:fb:
                    1a:e6:ac:cc:ab:80:b8:97:1e:2b:4a:1d:be:07:15:
                    60:09:35:6c:cc:30:aa:4c:21:4b:67:1b:64:c4:67:
                    0c:dc:72:79:33:be:ce:89:26:fa:1b:11:94:95:79:
                    6d:bb:09:74:24:13:71:c5:4f:1a:74:cd:55:a8:66:
                    85:78:e6:35:56:da:67:2a:b3:2e:c8:e2:35:cb:f9:
                    be:4a:06:02:f8:9c:c0:3a:e8:78:54:5e:9e:57:b2:
                    4b:45:98:24:f5:84:96:5d:92:eb:e5:0b:2a:cb:2d:
                    e1:f2:88:e7:15:bf:06:a7:58:c5:d7:81:2b:35:26:
                    7a:e1:e2:9e:41:33:01:5d:fe:7b:59:ae:87:b0:5c:
                    b0:bc:fc:62:05:4b:87:88:5a:b4:f1:b7:22:fc:85:
                    b9:3f:64:47:d8:67:1e:da:f1:2b:f1:a6:41:e6:41:
                    6b:3c:6d:a5:4d:60:4d:65:88:09:09:7c:51:a9:f5:
                    06:5d:97:f4:04:c7:28:27:dd:c6:a1:f1:79:b7:62:
                    79:3b:c8:a4:f4:28:5c:92:33:d5:81:65:ef:60:fb:
                    4f:b1:0d:7f:46:b5:0c:ac:36:e0:96:4b:54:d7:fb:
                    4f:ee:65:a6:45:7b:69:8c:00:9f:46:11:69:83:aa:
                    2c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:2D:B1:A0:9F:15:D6:A5:8A:06:FB:AD:4F:C6:95:18:5A:66:EB:9D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:fd:e3:97:b5:3f:40:c9:4f:f7:e4:68:be:cb:5f:71:e1:76:
         9f:06:15:7d:78:d1:ef:a1:a8:a1:e6:bd:03:b8:12:4e:39:d5:
         e3:9f:22:d9:dd:b5:f7:30:8e:5f:79:eb:61:38:ca:10:17:2f:
         86:54:26:0e:3e:33:69:31:07:e5:b8:67:51:d7:80:fd:16:e7:
         14:2b:9d:b4:0c:ea:4b:a1:29:a2:b7:d8:cc:2f:c7:c9:1a:23:
         21:ef:49:39:04:80:bf:3c:a0:d4:6a:c9:a7:8b:b4:a7:2e:77:
         53:f0:21:ec:81:d9:fe:d9:28:9f:e3:ee:00:ab:85:52:b1:70:
         02:36:95:a4:a1:65:74:cf:e0:94:39:b5:e4:5d:dd:ca:1a:9b:
         8c:ee:4b:c3:58:9c:75:e6:3d:a2:ea:ed:89:7d:45:d8:26:40:
         a6:e0:00:88:2c:5d:e9:8d:27:44:82:56:f5:fd:29:ab:7a:2b:
         d0:a7:af:ed:1c:e8:6f:43:2e:e2:a0:d6:0f:43:ae:4d:71:6c:
         a9:00:a2:92:99:d3:c7:6a:d5:0f:5d:46:3d:fb:ba:95:4c:cd:
         b1:6a:40:22:b6:63:45:ab:cd:8c:9b:46:41:51:01:7d:f9:bf:
         d7:40:a1:f0:e3:a0:f3:dc:c8:62:b7:b0:f0:0f:3a:45:f2:00:
         b6:72:1e:17
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULtz+5OZu4DJCFhhKvt1ohprn18swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE5MDAwMDIyWhcNMjUwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMWNhOWZlOTc2OGY0YjIzYjY2ODNkZTM4NTgxZDA1NzU4
YzdkOTM1YjQyYzEzMTY3ODNiYzIxNjRkNWUyYTRlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWN85u5ea9TUtDYoAV+xrmrMyrgLiXHitKHb4HFWAJNWzM
MKpMIUtnG2TEZwzccnkzvs6JJvobEZSVeW27CXQkE3HFTxp0zVWoZoV45jVW2mcq
sy7I4jXL+b5KBgL4nMA66HhUXp5XsktFmCT1hJZdkuvlCyrLLeHyiOcVvwanWMXX
gSs1Jnrh4p5BMwFd/ntZroewXLC8/GIFS4eIWrTxtyL8hbk/ZEfYZx7a8SvxpkHm
QWs8baVNYE1liAkJfFGp9QZdl/QExygn3cah8Xm3Ynk7yKT0KFySM9WBZe9g+0+x
DX9GtQysNuCWS1TX+0/uZaZFe2mMAJ9GEWmDqizVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURy2xoJ8V1qWKBvutT8aVGFpm650wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JhMTViMGRhLTNkY2YtNGE3OC1iYWUwLTQ5NTM2MjY1YTBhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACIEoowDQYJKoZIhvcNAQELBQADggEBAH/945e1P0DJT/fkaL7LX3Hhdp8G
FX140e+hqKHmvQO4Ek451eOfItndtfcwjl9562E4yhAXL4ZUJg4+M2kxB+W4Z1HX
gP0W5xQrnbQM6kuhKaK32Mwvx8kaIyHvSTkEgL88oNRqyaeLtKcud1PwIeyB2f7Z
KJ/j7gCrhVKxcAI2laShZXTP4JQ5teRd3coam4zuS8NYnHXmPaLq7Yl9RdgmQKbg
AIgsXemNJ0SCVvX9Kat6K9Cnr+0c6G9DLuKg1g9Drk1xbKkAopKZ08dq1Q9dRj37
upVMzbFqQCK2Y0WrzYybRkFRAX35v9dAofDjoPPcyGK3sPAPOkXyALZyHhc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:22:43 2025 by rpki-client