Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4b42247-f61c-4e66-8e1f-eec8fefcd322.roa
File:                     c4b42247-f61c-4e66-8e1f-eec8fefcd322.roa (raw, json)
Hash identifier:          YHL2tf8tqT/wd7aDGsZpTX/IUfmUPYDoE2obMHCDECk=
Subject key identifier:   45:F9:58:7D:AD:61:83:D9:4E:D1:11:2E:10:99:1A:6B:F7:45:BF:5D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       33663CCD60269ACC77F23DAE4300305DBA7E90C1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4b42247-f61c-4e66-8e1f-eec8fefcd322.roa
Signing time:             Mon 24 Mar 2025 15:40:16 +0000
ROA not before:           Mon 24 Mar 2025 15:40:16 +0000
ROA not after:            Mon 28 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.230.70.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:66:3c:cd:60:26:9a:cc:77:f2:3d:ae:43:00:30:5d:ba:7e:90:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 24 15:40:16 2025 GMT
            Not After : Apr 28 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:13:04:1e:f8:95:c6:f5:8b:27:23:f6:47:9e:
                    c9:f7:43:3e:d7:9b:cc:fd:ef:4d:fa:2c:51:b4:b5:
                    00:68:b4:b9:c4:a3:46:a3:1f:ae:75:03:3c:c3:a6:
                    be:2d:ef:97:34:d5:9d:f5:53:70:c1:71:c5:a9:cf:
                    82:d9:31:4b:b5:94:41:15:52:ed:f3:64:f6:71:51:
                    ce:1b:fa:d3:ce:04:da:ee:cf:a1:42:13:bd:cd:a9:
                    09:cd:c9:cd:40:98:8e:a7:7f:0d:1e:3f:85:dd:2d:
                    07:20:f9:82:3c:05:1d:b6:58:6c:c1:d1:ff:dc:38:
                    66:84:5a:11:b0:e8:4c:85:d6:7a:4d:8b:74:16:38:
                    a1:d7:4f:b9:75:eb:a6:47:e0:8f:07:fb:3d:4a:ff:
                    d1:47:5d:c6:01:75:91:09:d6:ea:0b:b2:2f:6e:06:
                    8e:94:e3:71:1d:bb:b8:34:85:76:a6:9f:6c:d4:7b:
                    b3:08:0d:44:11:69:7a:19:8e:6c:d8:8c:47:4e:b2:
                    77:12:1c:c3:17:e4:d1:11:fa:fd:b7:d9:bd:0b:55:
                    41:e6:92:c8:fc:3a:af:94:5e:2d:fc:d6:d7:71:0e:
                    c9:a1:e0:5f:c2:99:5d:24:2a:20:4e:20:ce:1f:3d:
                    cc:f2:fb:13:64:03:df:ab:59:2f:78:53:f4:07:8a:
                    a3:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:F9:58:7D:AD:61:83:D9:4E:D1:11:2E:10:99:1A:6B:F7:45:BF:5D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4b42247-f61c-4e66-8e1f-eec8fefcd322.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.230.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:36:41:7f:77:78:e7:47:91:88:d7:53:8c:f6:26:79:61:7f:
         ee:34:b1:f2:38:63:30:c5:a9:7a:83:c8:5a:cf:99:5d:c5:2c:
         97:f8:dc:c4:1a:99:d0:c6:15:af:e4:da:9e:b2:9a:c8:15:be:
         f7:10:d4:ae:ce:54:37:f2:65:67:97:bf:c1:6f:b8:6f:82:b5:
         86:af:95:14:c4:9e:06:d8:ca:e8:fb:d0:34:e0:e3:b0:da:c6:
         21:f4:b9:6d:28:6c:7c:a7:42:13:27:f8:31:04:91:f4:f5:fc:
         de:68:8c:87:6d:e6:b0:b3:cd:1f:ab:3e:4f:29:9d:aa:a1:06:
         9c:88:e5:6f:ef:95:80:8c:68:3c:c9:b8:45:5a:38:da:8b:3b:
         e8:f7:d5:ed:6d:20:84:bc:8c:34:d2:96:ba:d5:eb:76:14:e6:
         3d:af:67:d1:77:21:e2:c4:ce:d4:9e:b6:ff:63:9c:2a:51:0b:
         8e:a6:44:09:ff:73:0d:5b:dd:e2:87:29:d3:57:c1:2b:70:9e:
         81:cd:6b:34:b5:0a:0e:fc:73:58:3a:99:69:66:37:c4:20:fd:
         23:4c:52:d5:de:56:90:a9:ad:9e:e5:0d:88:d8:1a:f9:f4:65:
         c5:05:c9:36:f8:3e:60:f9:13:0e:d2:a8:81:86:81:79:d2:d9:
         96:b1:a7:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUM2Y8zWAmmsx38j2uQwAwXbp+kMEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI0MTU0MDE2WhcNMjUwNDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNmY0YTQwNjczMTVlZTUxMmQ5NjFkNDViZDhhNmEyYzJj
NjRiYjY2YzcyOTkyNjdlNzdlZWNiZGIzZDlhMTJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0EwQe+JXG9YsnI/ZHnsn3Qz7Xm8z97036LFG0tQBotLnE
o0ajH651AzzDpr4t75c01Z31U3DBccWpz4LZMUu1lEEVUu3zZPZxUc4b+tPOBNru
z6FCE73NqQnNyc1AmI6nfw0eP4XdLQcg+YI8BR22WGzB0f/cOGaEWhGw6EyF1npN
i3QWOKHXT7l166ZH4I8H+z1K/9FHXcYBdZEJ1uoLsi9uBo6U43Edu7g0hXamn2zU
e7MIDUQRaXoZjmzYjEdOsncSHMMX5NER+v232b0LVUHmksj8Oq+UXi381tdxDsmh
4F/CmV0kKiBOIM4fPczy+xNkA9+rWS94U/QHiqOTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURflYfa1hg9lO0REuEJkaa/dFv10wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M0YjQyMjQ3LWY2MWMtNGU2Ni04ZTFmLWVlYzhmZWZjZDMyMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADY5kYwDQYJKoZIhvcNAQELBQADggEBAJs2QX93eOdHkYjXU4z2Jnlhf+40
sfI4YzDFqXqDyFrPmV3FLJf43MQamdDGFa/k2p6ymsgVvvcQ1K7OVDfyZWeXv8Fv
uG+CtYavlRTEngbYyuj70DTg47DaxiH0uW0obHynQhMn+DEEkfT1/N5ojIdt5rCz
zR+rPk8pnaqhBpyI5W/vlYCMaDzJuEVaONqLO+j31e1tIIS8jDTSlrrV63YU5j2v
Z9F3IeLEztSetv9jnCpRC46mRAn/cw1b3eKHKdNXwStwnoHNazS1Cg78c1g6mWlm
N8Qg/SNMUtXeVpCprZ7lDYjYGvn0ZcUFyTb4PmD5Ew7SqIGGgXnS2Zaxp0k=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:10:12 2025 by rpki-client