Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/079cc1e2-817f-4601-bbf9-167342dd67d8.roa
File:                     079cc1e2-817f-4601-bbf9-167342dd67d8.roa (raw, json)
Hash identifier:          QI7yk86eHcoffhJqdLb7w7kSzCrzDxSa2Mb64XfpWwo=
Subject key identifier:   24:DB:D7:61:B5:C8:F9:13:2F:2A:39:DC:7A:04:98:58:3A:12:FF:4C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       160FAB61176F5D09C73A0484D50633A10C33382C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/079cc1e2-817f-4601-bbf9-167342dd67d8.roa
Signing time:             Tue 21 Jan 2025 00:00:00 +0000
ROA not before:           Tue 21 Jan 2025 00:00:00 +0000
ROA not after:            Tue 25 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        168.185.4.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 12 Feb 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:0f:ab:61:17:6f:5d:09:c7:3a:04:84:d5:06:33:a1:0c:33:38:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 21 00:00:00 2025 GMT
            Not After : Feb 25 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:bc:a4:cd:20:08:b7:29:8c:82:bf:ea:7f:c8:
                    58:16:1a:cd:23:76:17:7e:30:76:72:83:66:2d:be:
                    26:90:c3:fa:6a:07:d9:f6:49:a6:5f:ec:f0:d2:cc:
                    51:e4:47:ca:ea:9d:35:7f:43:7a:59:a2:43:8b:05:
                    97:fa:8a:cb:f9:ac:0d:5b:74:11:8a:34:1b:e5:09:
                    b2:54:02:22:04:b3:d8:a2:d4:0b:cd:af:a6:60:14:
                    05:4c:79:46:3e:2c:4f:35:bb:a4:0a:d4:88:38:33:
                    64:9e:c0:5b:ed:7e:df:18:47:f1:75:af:8d:81:8f:
                    d0:d7:10:cd:fb:13:4a:4b:a7:51:62:ff:68:54:de:
                    4f:4c:72:58:68:ff:b4:aa:3a:93:b7:77:6b:73:78:
                    56:24:66:cd:c4:cf:86:ae:58:73:26:f1:2a:ce:65:
                    83:11:51:6c:8e:48:4a:0b:8f:13:b3:fa:b7:b6:c9:
                    97:c2:b1:b5:82:8e:90:c2:29:45:11:6c:03:8d:d1:
                    6b:8f:33:7c:72:6b:9a:8e:79:b9:20:14:01:2d:e0:
                    5b:22:ea:d7:34:ca:b4:a4:98:1d:b9:75:d8:b6:2e:
                    d7:e5:4d:2b:fa:17:f6:fd:49:b3:b8:bc:c4:42:bc:
                    d0:85:a3:e4:7a:b0:70:ec:d0:e3:5a:2b:3e:ee:9d:
                    49:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:DB:D7:61:B5:C8:F9:13:2F:2A:39:DC:7A:04:98:58:3A:12:FF:4C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/079cc1e2-817f-4601-bbf9-167342dd67d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.185.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9b:72:ad:f9:27:24:d0:3c:ea:6c:6a:ef:f0:a5:b1:76:c9:4e:
         d3:c1:6a:94:43:9b:34:2b:d3:11:a2:38:bd:0c:38:c9:94:c7:
         ac:19:46:f3:0e:3b:e1:ec:7b:ea:71:77:5d:49:af:81:c4:43:
         b8:78:10:59:8d:4b:bb:71:79:6a:7c:91:da:81:e0:27:c0:79:
         44:16:29:0b:98:fc:db:fd:5b:15:19:d9:9a:67:34:6e:8c:11:
         3b:fe:4f:a7:79:f8:3b:79:01:e8:b5:df:0d:e0:28:35:52:64:
         3c:ba:14:f3:36:99:ee:8b:31:ee:7d:a3:38:b6:80:6b:ae:15:
         2f:92:a7:28:5a:00:e2:6f:41:80:d8:d3:c8:b0:6b:98:16:d5:
         fe:78:e1:86:6d:83:3c:57:5b:7b:4b:00:c9:89:01:6d:be:da:
         5c:f7:92:40:7f:ed:4e:65:89:f0:aa:35:0d:56:32:3d:95:08:
         a5:b1:ec:fb:45:bf:22:26:91:db:38:bf:56:03:3b:7c:56:0a:
         c7:9c:2a:e4:88:f6:8c:1d:b5:b5:b9:92:ad:d7:fe:e0:0f:e4:
         0d:6b:4a:cf:84:10:ae:9b:2f:86:31:41:fc:c7:01:14:79:d2:
         0f:38:d9:40:8a:e1:c2:c6:14:00:c9:c9:fc:5b:db:31:c8:5f:
         11:d2:d8:55
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFg+rYRdvXQnHOgSE1QYzoQwzOCwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiY2Q1ZjU2YmM5ODQwMzNjYmY5NDExMzNmMGQ2YmVhYTQz
NzM5MTI2ZWI5MzEzYzM1OGU3MDFmMjJkZDQzOGFjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDrvKTNIAi3KYyCv+p/yFgWGs0jdhd+MHZyg2YtviaQw/pq
B9n2SaZf7PDSzFHkR8rqnTV/Q3pZokOLBZf6isv5rA1bdBGKNBvlCbJUAiIEs9ii
1AvNr6ZgFAVMeUY+LE81u6QK1Ig4M2SewFvtft8YR/F1r42Bj9DXEM37E0pLp1Fi
/2hU3k9Mclho/7SqOpO3d2tzeFYkZs3Ez4auWHMm8SrOZYMRUWyOSEoLjxOz+re2
yZfCsbWCjpDCKUURbAON0WuPM3xya5qOebkgFAEt4Fsi6tc0yrSkmB25ddi2Ltfl
TSv6F/b9SbO4vMRCvNCFo+R6sHDs0ONaKz7unUlZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJNvXYbXI+RMvKjncegSYWDoS/0wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA3OWNjMWUyLTgxN2YtNDYwMS1iYmY5LTE2NzM0MmRkNjdkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKouQQwDQYJKoZIhvcNAQELBQADggEBAJtyrfknJNA86mxq7/ClsXbJTtPB
apRDmzQr0xGiOL0MOMmUx6wZRvMOO+Hse+pxd11Jr4HEQ7h4EFmNS7txeWp8kdqB
4CfAeUQWKQuY/Nv9WxUZ2ZpnNG6METv+T6d5+Dt5Aei13w3gKDVSZDy6FPM2me6L
Me59ozi2gGuuFS+SpyhaAOJvQYDY08iwa5gW1f544YZtgzxXW3tLAMmJAW2+2lz3
kkB/7U5lifCqNQ1WMj2VCKWx7PtFvyImkds4v1YDO3xWCsecKuSI9owdtbW5kq3X
/uAP5A1rSs+EEK6bL4YxQfzHARR50g842UCK4cLGFADJyfxb2zHIXxHS2FU=
-----END CERTIFICATE-----
Generated at Mon Feb 10 17:25:21 2025 by rpki-client