Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1fbefe5-52ac-4e22-b5a1-6db2d0501be8.roa
File:                     c1fbefe5-52ac-4e22-b5a1-6db2d0501be8.roa (raw, json)
Hash identifier:          7hIrh2RrexcEI04rGNf6XKNjwE2ZX+qG/9mV5oEeexc=
Subject key identifier:   DC:A4:EB:69:52:CF:1E:9A:7C:F6:43:CF:49:73:4C:64:99:95:8F:C5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       604CE636F8B3753445EC8450986D3C98AEFC02A0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1fbefe5-52ac-4e22-b5a1-6db2d0501be8.roa
Signing time:             Mon 24 Mar 2025 15:40:12 +0000
ROA not before:           Mon 24 Mar 2025 15:40:12 +0000
ROA not after:            Mon 28 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.198.88.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:4c:e6:36:f8:b3:75:34:45:ec:84:50:98:6d:3c:98:ae:fc:02:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 24 15:40:12 2025 GMT
            Not After : Apr 28 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0c:92:16:aa:67:75:08:99:48:54:fd:9e:fb:
                    3d:14:58:4e:3f:0f:b3:55:a8:67:e5:c4:7d:67:76:
                    19:83:8b:4d:a9:31:d4:42:f1:3d:a8:e6:52:dd:b5:
                    af:e5:e3:3b:4b:93:04:2d:60:f7:4a:44:a0:c7:fc:
                    82:e5:7c:aa:61:a8:a6:90:73:9c:03:0d:be:52:73:
                    16:b8:e5:83:3e:fa:a5:f1:79:b3:64:5a:16:92:c8:
                    7c:1c:4c:58:c8:be:51:f6:bb:01:74:cd:11:7e:56:
                    81:85:1b:48:0b:17:00:9b:d1:69:a4:a3:f1:28:23:
                    30:aa:58:73:42:e1:50:c0:b7:ca:d9:30:54:ca:e2:
                    18:6e:66:06:72:ac:13:99:34:60:77:89:ae:46:30:
                    8f:6e:b9:b4:86:0f:05:9b:82:7b:b9:bc:0f:3c:df:
                    81:df:90:63:75:ce:11:bf:dc:0d:d1:d3:7e:c5:06:
                    6b:b4:7b:48:58:70:12:e1:be:0f:51:83:57:1a:7a:
                    e2:d0:a5:75:4a:89:d0:26:71:fc:56:9f:3d:62:8d:
                    0b:5c:3f:bd:71:60:63:d5:95:b1:fc:90:9e:1a:1a:
                    af:5a:36:57:c0:e2:35:ba:7a:52:00:fc:2e:6d:d1:
                    c8:5c:a4:da:0f:86:f3:c9:25:a0:f5:7c:1c:4f:7b:
                    f6:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:A4:EB:69:52:CF:1E:9A:7C:F6:43:CF:49:73:4C:64:99:95:8F:C5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c1fbefe5-52ac-4e22-b5a1-6db2d0501be8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.198.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:e3:1c:d1:45:ef:57:04:6e:15:88:e6:69:91:d4:ef:f7:8d:
         b6:2a:9b:6b:a7:69:6b:92:38:bd:37:25:50:d1:1d:20:ca:34:
         4e:ff:85:5f:b5:00:d2:31:c2:6a:e5:e8:66:95:7e:19:a9:61:
         ad:f4:d8:56:d9:06:7e:62:d5:76:cd:40:e5:fd:d7:08:54:13:
         e1:da:b5:28:1e:55:40:96:54:f8:54:49:5f:e0:0b:da:bd:50:
         f4:f8:48:58:5c:e8:69:be:64:e4:87:ef:ef:90:cd:9b:d1:63:
         95:ee:af:64:ca:34:d7:2e:f5:b4:bf:19:5a:70:ac:59:24:62:
         12:5b:f3:93:85:4b:22:8d:cb:8d:6e:81:72:e9:0e:c8:2b:3d:
         26:e4:2e:9b:45:8b:f1:1e:45:8d:80:5e:fb:fa:83:b7:8a:91:
         38:39:2e:64:ea:6c:29:fd:45:3a:38:7b:31:eb:66:83:95:e0:
         a2:69:90:72:e7:ed:45:63:25:3a:df:c3:75:54:26:91:9a:ad:
         8b:4e:0c:f2:31:fc:08:c7:ff:c3:62:18:26:4f:ab:b6:73:f6:
         2e:49:3b:07:9b:ce:50:e3:ed:c8:79:bf:aa:a1:55:87:ea:b1:
         34:b3:5b:d6:c3:a6:56:8a:32:48:9e:e2:2f:d9:38:63:1f:88:
         65:49:9a:c8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYEzmNvizdTRF7IRQmG08mK78AqAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI0MTU0MDEyWhcNMjUwNDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OWRhZDJkZTMxNWRkM2QwY2M5MmM1ZGVmNWM0MjU0OWU5
N2VjNWViMTNkMjQ4YTNhMzg5OWRhOTRjM2M0Y2ZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGDJIWqmd1CJlIVP2e+z0UWE4/D7NVqGflxH1ndhmDi02p
MdRC8T2o5lLdta/l4ztLkwQtYPdKRKDH/ILlfKphqKaQc5wDDb5Scxa45YM++qXx
ebNkWhaSyHwcTFjIvlH2uwF0zRF+VoGFG0gLFwCb0Wmko/EoIzCqWHNC4VDAt8rZ
MFTK4hhuZgZyrBOZNGB3ia5GMI9uubSGDwWbgnu5vA8834HfkGN1zhG/3A3R037F
Bmu0e0hYcBLhvg9Rg1caeuLQpXVKidAmcfxWnz1ijQtcP71xYGPVlbH8kJ4aGq9a
NlfA4jW6elIA/C5t0chcpNoPhvPJJaD1fBxPe/YnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3KTraVLPHpp89kPPSXNMZJmVj8UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MxZmJlZmU1LTUyYWMtNGUyMi1iNWExLTZkYjJkMDUwMWJlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADYxlgwDQYJKoZIhvcNAQELBQADggEBAEjjHNFF71cEbhWI5mmR1O/3jbYq
m2unaWuSOL03JVDRHSDKNE7/hV+1ANIxwmrl6GaVfhmpYa302FbZBn5i1XbNQOX9
1whUE+HatSgeVUCWVPhUSV/gC9q9UPT4SFhc6Gm+ZOSH7++QzZvRY5Xur2TKNNcu
9bS/GVpwrFkkYhJb85OFSyKNy41ugXLpDsgrPSbkLptFi/EeRY2AXvv6g7eKkTg5
LmTqbCn9RTo4ezHrZoOV4KJpkHLn7UVjJTrfw3VUJpGarYtODPIx/AjH/8NiGCZP
q7Zz9i5JOwebzlDj7ch5v6qhVYfqsTSzW9bDplaKMkie4i/ZOGMfiGVJmsg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:16:55 2025 by rpki-client