Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bd38cb3-a515-4ab0-a345-33cb83acf28d.roa
File:                     0bd38cb3-a515-4ab0-a345-33cb83acf28d.roa (raw, json)
Hash identifier:          m0wgGGFUyale5XAf8CvWK09Hecyi2nljTSSdm8mwXnc=
Subject key identifier:   1F:CC:40:6D:34:37:C7:8E:63:BA:DD:2F:44:7F:5D:38:6D:11:0E:B0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       32CD64D360CB99C08C99D981EBBA96F51B85F771
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bd38cb3-a515-4ab0-a345-33cb83acf28d.roa
Signing time:             Fri 07 Feb 2025 00:00:00 +0000
ROA not before:           Fri 07 Feb 2025 00:00:00 +0000
ROA not after:            Fri 14 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        56.136.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 11 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:cd:64:d3:60:cb:99:c0:8c:99:d9:81:eb:ba:96:f5:1b:85:f7:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  7 00:00:00 2025 GMT
            Not After : Mar 14 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4a:84:09:5e:58:0f:07:49:9d:17:99:e7:89:
                    c3:e7:1e:5c:a4:19:5f:23:c4:75:75:08:71:07:b8:
                    f5:1b:f8:b9:31:d1:67:f0:fa:60:b9:b6:8b:cd:8d:
                    4e:8d:13:f3:24:f3:6e:28:f4:da:bc:c8:f8:22:30:
                    c9:94:6e:b9:f4:9f:80:5b:c0:07:f6:e1:e8:48:b9:
                    e2:a2:3f:10:3f:96:68:77:b4:6b:a0:84:0a:0f:97:
                    9a:c7:4b:95:91:6f:ca:7c:ca:a9:8f:99:37:d1:72:
                    3a:2f:21:2c:3f:46:bd:63:f5:92:5a:36:2a:7f:be:
                    77:95:2e:ed:43:b8:a4:c1:3c:24:ef:9e:f7:27:e2:
                    4c:90:b3:10:47:e3:e5:7b:76:0a:8b:b6:d8:85:1c:
                    b2:80:e4:8d:a5:6d:c1:f3:83:5d:99:e7:e3:52:d0:
                    c3:29:0c:03:dd:b4:43:69:63:0c:4f:6b:a4:ab:68:
                    5b:ca:77:48:1a:cf:46:18:5b:78:ec:80:9b:29:1d:
                    2f:13:ab:76:0b:d0:63:68:11:fe:cb:ef:a3:ab:a2:
                    5f:ff:d0:d4:59:f8:15:ea:49:37:d7:1f:99:6c:3f:
                    68:67:2b:b0:b2:53:c3:77:c1:14:22:f2:a0:41:73:
                    59:c5:78:7d:7d:62:cb:6d:fc:13:34:8d:67:a4:ac:
                    96:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:CC:40:6D:34:37:C7:8E:63:BA:DD:2F:44:7F:5D:38:6D:11:0E:B0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0bd38cb3-a515-4ab0-a345-33cb83acf28d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.136.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8e:23:83:df:61:80:bc:76:e9:3e:0c:de:84:ac:72:55:58:37:
         64:8b:4f:1a:1b:de:9c:54:0a:38:43:25:ed:4f:ee:34:5d:39:
         f1:fc:f6:dd:ef:49:cd:0c:95:d6:37:c7:1a:da:a3:88:90:f4:
         0b:81:55:88:4d:7d:fd:e9:97:8b:db:64:f5:88:c8:61:ca:93:
         d6:bc:d8:e2:2b:30:4a:2e:78:5d:ee:fc:47:5c:ab:ca:8b:eb:
         1a:ad:bf:3d:61:19:2f:9e:5c:7b:29:86:9a:50:49:6e:6a:db:
         8b:ff:c5:66:87:89:b9:e6:e1:b2:ef:07:17:12:8d:b3:1a:a3:
         a1:e5:dd:68:46:49:6f:ac:cd:2d:25:c0:9e:1b:aa:fb:dc:aa:
         7a:76:07:2c:9e:89:97:43:61:46:46:39:8c:e0:d4:2f:c4:9b:
         af:49:85:82:41:a9:f7:88:16:b8:bd:92:26:a7:0d:cf:64:14:
         70:00:d7:25:bd:28:7e:d9:13:0d:84:46:8a:20:8e:fa:79:f9:
         e3:79:e1:6c:7e:e0:05:4b:68:78:7e:4a:06:eb:b5:4c:07:db:
         5b:8b:95:1d:48:e9:17:d4:5d:dc:6e:35:71:5b:58:7f:d1:61:
         b3:95:c1:e9:ac:f1:52:bf:70:14:88:21:69:0c:2a:ff:ff:5f:
         6b:d9:19:62
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMs1k02DLmcCMmdmB67qW9RuF93EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA3MDAwMDAwWhcNMjUwMzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZGI1YjlkZWE4MmU4N2VkODJkNjY1YWYxYTE1YjQ5Zjg4
YjdmZDk3MGU4YmFkODQyNDlmY2JkM2ZiN2I2MGFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFSoQJXlgPB0mdF5nnicPnHlykGV8jxHV1CHEHuPUb+Lkx
0Wfw+mC5tovNjU6NE/Mk824o9Nq8yPgiMMmUbrn0n4BbwAf24ehIueKiPxA/lmh3
tGughAoPl5rHS5WRb8p8yqmPmTfRcjovISw/Rr1j9ZJaNip/vneVLu1DuKTBPCTv
nvcn4kyQsxBH4+V7dgqLttiFHLKA5I2lbcHzg12Z5+NS0MMpDAPdtENpYwxPa6Sr
aFvKd0gaz0YYW3jsgJspHS8Tq3YL0GNoEf7L76Orol//0NRZ+BXqSTfXH5lsP2hn
K7CyU8N3wRQi8qBBc1nFeH19Ystt/BM0jWekrJZlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUH8xAbTQ3x45jut0vRH9dOG0RDrAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBiZDM4Y2IzLWE1MTUtNGFiMC1hMzQ1LTMzY2I4M2FjZjI4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4iDANBgkqhkiG9w0BAQsFAAOCAQEAjiOD32GAvHbpPgzehKxyVVg3ZItP
GhvenFQKOEMl7U/uNF058fz23e9JzQyV1jfHGtqjiJD0C4FViE19/emXi9tk9YjI
YcqT1rzY4iswSi54Xe78R1yryovrGq2/PWEZL55ceymGmlBJbmrbi//FZoeJuebh
su8HFxKNsxqjoeXdaEZJb6zNLSXAnhuq+9yqenYHLJ6Jl0NhRkY5jODUL8Sbr0mF
gkGp94gWuL2SJqcNz2QUcADXJb0oftkTDYRGiiCO+nn543nhbH7gBUtoeH5KBuu1
TAfbW4uVHUjpF9Rd3G41cVtYf9Fhs5XB6azxUr9wFIghaQwq//9fa9kZYg==
-----END CERTIFICATE-----
Generated at Mon Feb 10 15:41:15 2025 by rpki-client