Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa
File:                     e4274e13-b3eb-47ca-8f50-e130d402b187.roa (raw, json)
Hash identifier:          ts/O794XOzTdwo699ybS2ZrTJNnKUfYMfeQbTxhHwi8=
Subject key identifier:   B9:4E:74:71:C0:4F:0F:68:A5:F9:12:46:AA:4F:54:6F:64:B9:6E:77
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0FEF924F820B800AF24969603C271D6316B3F5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa
Signing time:             Fri 14 Mar 2025 00:31:16 +0000
ROA not before:           Fri 14 Mar 2025 00:31:16 +0000
ROA not after:            Fri 18 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.167.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 07 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:ef:92:4f:82:0b:80:0a:f2:49:69:60:3c:27:1d:63:16:b3:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 14 00:31:16 2025 GMT
            Not After : Apr 18 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d1:01:fe:7d:e0:f6:7a:d2:8a:06:77:6a:d3:
                    08:d6:5d:74:3c:da:9b:b3:83:30:93:0a:f0:0c:25:
                    56:b9:a0:7f:02:54:2e:22:ec:88:df:53:c4:21:02:
                    b1:ee:10:bd:0a:38:3e:36:87:34:31:b1:6f:ae:b7:
                    a0:c5:e4:0d:43:4f:72:93:89:19:54:31:c0:ee:cb:
                    92:f3:b3:ca:b6:c2:bf:18:1c:c0:5b:70:4b:d4:2f:
                    a2:b0:e5:17:b6:db:07:35:8c:ac:bf:af:19:5d:0f:
                    39:e8:ee:d3:5e:3f:0d:f6:ed:ac:15:be:f5:30:68:
                    80:ba:f1:e2:ef:1e:e9:e0:18:8f:40:34:71:71:e1:
                    84:48:e2:48:e1:6a:a1:06:e7:80:c2:08:34:9a:b6:
                    d5:78:4a:2e:93:fc:6a:da:12:14:52:3c:56:ca:38:
                    4d:e5:6d:63:1d:55:f4:b7:95:cb:51:b9:cd:5d:c8:
                    45:99:4a:18:c5:f7:c5:4b:cd:d0:6c:51:32:5c:fc:
                    cb:92:09:5a:16:bc:b7:1c:90:c4:f2:11:b1:d3:68:
                    15:19:b9:5f:0e:cd:10:4e:39:87:e9:27:88:0c:a6:
                    f9:13:cb:cb:a6:f0:31:98:75:05:74:75:dc:36:50:
                    aa:72:1f:63:eb:40:a8:44:5b:e9:63:55:db:c4:8e:
                    0a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:4E:74:71:C0:4F:0F:68:A5:F9:12:46:AA:4F:54:6F:64:B9:6E:77
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4274e13-b3eb-47ca-8f50-e130d402b187.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.167.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7d:18:d7:3c:50:88:f3:3b:9f:99:dd:c0:d6:ca:85:1d:3f:bf:
         ee:e8:16:7f:30:4f:66:5e:f3:6d:f0:f2:9d:c6:8b:87:39:93:
         a2:56:7b:8f:1e:f5:b6:63:b0:00:14:cf:e6:eb:8d:be:cd:d7:
         5a:87:86:84:3a:90:06:a3:c7:e0:b1:84:95:26:73:e4:5e:6c:
         8b:35:d8:62:64:2d:6d:c6:ce:43:64:51:82:3b:f8:62:e5:8f:
         2d:4f:5c:d6:b8:54:ea:4e:03:95:93:5e:e2:f8:94:a9:d0:af:
         a5:da:4c:5d:2d:75:4a:21:de:42:0c:d5:a0:96:f4:08:db:d0:
         a3:a1:d8:59:4a:9a:1f:af:ef:3e:c8:72:cb:c4:ca:a3:97:25:
         a3:bd:10:b8:c8:5f:40:45:65:ce:d6:13:26:0e:4a:5a:a2:18:
         3a:4a:b1:93:a5:f9:30:4c:a0:b8:f9:9e:36:24:ed:a1:e3:50:
         bb:8f:4d:ff:94:bd:46:fe:4a:69:23:d2:b3:27:e4:bc:c1:5d:
         99:fa:c4:61:9f:65:12:7e:69:db:84:a1:95:ec:61:03:67:66:
         f7:a4:2b:cc:f6:53:58:2b:c1:bf:0c:b9:f6:e6:b6:c8:61:37:
         4c:3f:b1:fd:a4:58:1e:bd:ca:65:f7:45:1e:9f:56:59:67:1d:
         28:f6:51:81
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgITD++ST4ILgArySWlgPCcdYxaz9TANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTAzMTQwMDMxMTZaFw0yNTA0MTgyMzU5NTla
MHoxSTBHBgNVBAUTQDVmYzMzYTIzZWY4YTBhYzQ5ZmJlOTQ2Mjg0YjEyYjA0NWRi
NDkyNjA2NjhhNjIwMDBlNzUwNGQ3YjkxZjVlZGQxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzRAf594PZ60ooGd2rTCNZddDzam7ODMJMK8AwlVrmgfwJU
LiLsiN9TxCECse4QvQo4PjaHNDGxb663oMXkDUNPcpOJGVQxwO7LkvOzyrbCvxgc
wFtwS9QvorDlF7bbBzWMrL+vGV0POeju014/DfbtrBW+9TBogLrx4u8e6eAYj0A0
cXHhhEjiSOFqoQbngMIINJq21XhKLpP8atoSFFI8Vso4TeVtYx1V9LeVy1G5zV3I
RZlKGMX3xUvN0GxRMlz8y5IJWha8txyQxPIRsdNoFRm5Xw7NEE45h+kniAym+RPL
y6bwMZh1BXR13DZQqnIfY+tAqERb6WNV28SOCksCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBS5TnRxwE8PaKX5EkaqT1RvZLludzAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvZTQyNzRlMTMtYjNlYi00N2NhLThmNTAtZTEzMGQ0MDJiMTg3LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDADinMA0GCSqGSIb3DQEBCwUAA4IBAQB9GNc8UIjzO5+Z3cDWyoUdP7/u6BZ/
ME9mXvNt8PKdxouHOZOiVnuPHvW2Y7AAFM/m642+zddah4aEOpAGo8fgsYSVJnPk
XmyLNdhiZC1txs5DZFGCO/hi5Y8tT1zWuFTqTgOVk17i+JSp0K+l2kxdLXVKId5C
DNWglvQI29CjodhZSpofr+8+yHLLxMqjlyWjvRC4yF9ARWXO1hMmDkpaohg6SrGT
pfkwTKC4+Z42JO2h41C7j03/lL1G/kppI9KzJ+S8wV2Z+sRhn2USfmnbhKGV7GED
Z2b3pCvM9lNYK8G/DLn25rbIYTdMP7H9pFgevcpl90Uen1ZZZx0o9lGB
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:51:40 2025 by rpki-client