Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05112af9-edc2-463f-88f6-9c849e7e66a0.roa
File:                     05112af9-edc2-463f-88f6-9c849e7e66a0.roa (raw, json)
Hash identifier:          /ids1a2IhfU/jjW4PFRB7j999J9QBdW2Q2KdXUDA6kI=
Subject key identifier:   9F:66:1C:D8:6A:B0:0A:02:27:39:BA:5A:B8:2A:8F:35:3F:20:17:9F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       659868D3BD8A4BC9B8D8EC9931A05F91580881BA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05112af9-edc2-463f-88f6-9c849e7e66a0.roa
Signing time:             Fri 30 May 2025 00:22:37 +0000
ROA not before:           Fri 30 May 2025 00:22:37 +0000
ROA not after:            Fri 04 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        64.252.68.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:98:68:d3:bd:8a:4b:c9:b8:d8:ec:99:31:a0:5f:91:58:08:81:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 30 00:22:37 2025 GMT
            Not After : Jul  4 23:59:59 2025 GMT
        Subject: serialNumber=247e04ab9e532143869d46cac0f16f2998091c4311cf31b54ed4369ed1f1d679, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f4:98:54:f1:a7:cf:56:41:c4:d3:09:1d:b1:
                    1e:d4:47:c9:41:fe:33:8b:6c:e3:65:16:d8:8d:6d:
                    ef:0c:08:68:b5:36:99:d6:7f:f3:de:03:01:af:23:
                    9b:09:c7:e0:89:ba:55:2c:94:82:55:46:67:2b:2c:
                    1a:71:c6:14:8c:b3:9d:49:99:1c:9f:c5:00:3f:e2:
                    3e:6f:c6:19:79:8b:69:8a:fb:27:b0:b0:ca:23:35:
                    d6:31:d9:bd:71:9c:8b:f1:37:ca:0e:63:37:37:2c:
                    e1:2a:c3:92:b4:6e:22:d2:9e:91:b9:2f:bd:55:e4:
                    ee:2f:46:f8:33:f1:ce:ad:27:a8:70:86:a4:a3:88:
                    32:27:dc:61:b1:3b:38:eb:16:9b:2b:fc:05:12:9a:
                    61:3b:b5:ae:03:a0:03:92:55:29:3a:51:d4:4d:cb:
                    ab:c3:f6:55:82:6b:30:c1:30:ac:92:57:1d:9a:fe:
                    82:98:04:18:89:ce:b8:66:83:6d:86:9f:40:12:3a:
                    dc:fc:58:27:1d:cb:75:17:a5:6d:97:fd:68:96:ed:
                    12:9d:a5:f3:8d:05:d4:c4:c0:33:ba:64:0e:33:7e:
                    e3:7b:b4:25:67:1e:43:b5:fe:32:72:6f:69:7b:c5:
                    c9:2e:75:21:13:70:bf:7d:ab:25:76:76:01:7e:a6:
                    f4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:66:1C:D8:6A:B0:0A:02:27:39:BA:5A:B8:2A:8F:35:3F:20:17:9F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05112af9-edc2-463f-88f6-9c849e7e66a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:aa:0f:30:45:22:bf:85:db:e1:b7:10:fa:61:f4:84:a8:70:
         94:5f:c0:5b:42:e9:53:70:04:3e:a9:7a:23:ac:ec:8a:e7:9f:
         59:9b:07:d9:51:44:b8:26:60:e6:84:bf:36:e7:6f:1a:b5:0e:
         7b:01:d1:2d:c0:f7:44:7d:d4:6e:63:6f:1b:a6:92:43:e9:cf:
         fd:31:e4:a5:cb:90:2b:57:b1:cc:bf:f3:ff:a6:85:07:00:59:
         dc:e3:66:a5:c8:1c:e8:2e:73:1d:cd:50:7a:5d:94:22:dc:95:
         68:76:1d:f1:c4:65:18:f8:ae:4d:5b:25:84:56:c6:16:08:ac:
         99:cd:60:b6:29:b7:e9:fc:cb:27:c0:0b:61:3d:04:60:b8:df:
         d6:61:50:eb:94:b5:c9:5a:fa:50:c9:46:53:74:37:a9:9f:3d:
         fd:99:bb:a2:22:07:bb:51:e6:ed:90:e1:f6:5b:3f:9c:3b:1b:
         fb:53:6a:2d:c3:b0:34:8c:68:10:e9:6b:5f:fd:4d:fd:41:5a:
         f5:cd:96:a6:8d:b3:dd:a8:de:4d:e8:0b:84:f7:da:af:9b:00:
         db:9f:4a:18:0e:ca:5d:49:f6:b4:ac:fe:e9:db:e4:1e:a2:35:
         29:b6:97:bc:d2:3e:4a:cf:df:5f:41:93:d0:18:c0:0f:09:3b:
         58:a1:89:3a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZZho072KS8m42OyZMaBfkVgIgbowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTMwMDAyMjM3WhcNMjUwNzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDdlMDRhYjllNTMyMTQzODY5ZDQ2Y2FjMGYxNmYyOTk4
MDkxYzQzMTFjZjMxYjU0ZWQ0MzY5ZWQxZjFkNjc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCw9JhU8afPVkHE0wkdsR7UR8lB/jOLbONlFtiNbe8MCGi1
NpnWf/PeAwGvI5sJx+CJulUslIJVRmcrLBpxxhSMs51JmRyfxQA/4j5vxhl5i2mK
+yewsMojNdYx2b1xnIvxN8oOYzc3LOEqw5K0biLSnpG5L71V5O4vRvgz8c6tJ6hw
hqSjiDIn3GGxOzjrFpsr/AUSmmE7ta4DoAOSVSk6UdRNy6vD9lWCazDBMKySVx2a
/oKYBBiJzrhmg22Gn0ASOtz8WCcdy3UXpW2X/WiW7RKdpfONBdTEwDO6ZA4zfuN7
tCVnHkO1/jJyb2l7xckudSETcL99qyV2dgF+pvShAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUn2Yc2GqwCgInObpauCqPNT8gF58wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA1MTEyYWY5LWVkYzItNDYzZi04OGY2LTljODQ5ZTdlNjZhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/EQwDQYJKoZIhvcNAQELBQADggEBAKiqDzBFIr+F2+G3EPph9ISocJRf
wFtC6VNwBD6peiOs7Irnn1mbB9lRRLgmYOaEvzbnbxq1DnsB0S3A90R91G5jbxum
kkPpz/0x5KXLkCtXscy/8/+mhQcAWdzjZqXIHOgucx3NUHpdlCLclWh2HfHEZRj4
rk1bJYRWxhYIrJnNYLYpt+n8yyfAC2E9BGC439ZhUOuUtcla+lDJRlN0N6mfPf2Z
u6IiB7tR5u2Q4fZbP5w7G/tTai3DsDSMaBDpa1/9Tf1BWvXNlqaNs92o3k3oC4T3
2q+bANufShgOyl1J9rSs/unb5B6iNSm2l7zSPkrP319Bk9AYwA8JO1ihiTo=
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:25:57 2025 by rpki-client