Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18b90430-ec8d-405b-a438-dcdab8639f31.roa
File:                     18b90430-ec8d-405b-a438-dcdab8639f31.roa (raw, json)
Hash identifier:          aedLLDbsbD63rJfXfmIcgW9fUmbVIAOqWiYucxH3izU=
Subject key identifier:   A9:32:31:36:D4:54:D2:C0:F4:FB:5F:5B:4E:E8:49:BD:DF:F9:E2:AB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       A3114A3B301F3AE07A759033353E9B4A39CB8B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18b90430-ec8d-405b-a438-dcdab8639f31.roa
Signing time:             Mon 14 Apr 2025 15:11:18 +0000
ROA not before:           Mon 14 Apr 2025 15:11:18 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        16.15.176.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 17 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            a3:11:4a:3b:30:1f:3a:e0:7a:75:90:33:35:3e:9b:4a:39:cb:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 14 15:11:18 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=b843b355594fa6f3aac306b120898e81cff7f39e1ddf943a13c43b709d43d472, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5c:0f:2b:13:bd:70:79:ee:27:f4:42:aa:09:
                    b9:ad:e9:fa:61:b8:01:e1:c6:82:d5:d7:58:28:4d:
                    c8:ce:54:aa:1b:f6:13:5f:e5:5c:76:00:de:e3:17:
                    b0:88:bc:fa:09:72:23:fc:da:ee:e1:35:5d:f2:bf:
                    de:11:8e:92:e2:47:15:09:4b:ef:28:99:cb:e7:da:
                    15:d7:17:14:3f:6a:c5:f9:cc:56:24:0e:91:d1:b0:
                    62:33:22:dd:d1:40:bc:13:45:be:9b:fc:13:bc:0b:
                    a8:58:01:fd:b4:5b:44:82:61:63:5a:a5:aa:e9:5b:
                    fe:14:65:5a:3f:97:9a:f7:70:86:b1:15:39:f0:d8:
                    16:39:74:92:ad:c1:2d:d1:a0:37:d1:d5:33:0c:a7:
                    44:35:5d:0a:2d:55:48:d6:8e:e9:83:d2:65:3f:7f:
                    2f:8c:a3:90:d3:ae:57:04:ca:be:6e:21:6f:79:39:
                    4a:ec:cd:e0:1b:46:8e:7d:09:fe:c7:02:b5:fe:17:
                    5d:61:9c:21:b6:38:67:b0:6e:bd:d3:75:e8:4b:59:
                    8d:3a:e4:f3:0d:eb:17:ca:96:4e:fe:21:8f:c8:cd:
                    af:b1:b2:f5:52:45:24:13:5c:dd:a2:3a:13:7a:5c:
                    cb:6c:3d:e7:fe:5d:a9:f8:d2:04:98:bd:bf:5c:3c:
                    5b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:32:31:36:D4:54:D2:C0:F4:FB:5F:5B:4E:E8:49:BD:DF:F9:E2:AB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18b90430-ec8d-405b-a438-dcdab8639f31.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.15.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6c:e2:b8:9a:d4:15:bf:c4:96:2c:78:48:e2:33:9d:db:ec:bf:
         09:87:05:0d:a0:08:51:13:46:ee:46:66:1f:27:76:a4:d6:27:
         b9:88:0f:0c:d7:28:2a:03:34:c1:98:62:8e:d5:3c:a8:8a:44:
         50:f5:b1:dd:5e:a8:fb:4c:4a:95:f1:67:da:7a:86:bd:54:d5:
         a2:62:ef:c4:06:39:bd:7a:07:28:af:59:25:ba:dc:4c:04:a2:
         f6:27:99:08:07:2e:5a:09:c0:58:ee:68:2e:5c:98:79:c7:75:
         d6:c5:57:d9:51:74:68:78:65:15:78:b8:44:29:a5:87:b8:31:
         a3:7b:41:53:b0:eb:b2:cd:6f:a4:57:f7:60:5f:4a:37:b2:f4:
         88:09:84:ca:64:c2:93:5c:9f:3e:3b:e6:fe:53:16:a8:11:29:
         3c:0c:a6:f7:47:1e:d5:86:75:3f:00:9f:1f:c2:75:9e:62:c9:
         e2:12:5c:09:f1:ff:c3:48:19:9e:40:73:76:23:da:8d:40:78:
         d1:b6:57:2b:55:8e:ae:48:88:d1:4c:37:35:68:f1:f5:0f:61:
         a3:bc:91:a0:07:f4:06:b1:8c:d9:81:c2:b9:59:39:f3:66:16:
         e3:b7:69:33:e1:df:8f:40:3f:c3:ec:4a:23:64:70:a3:6c:a6:
         8d:0d:91:77
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAKMRSjswHzrgenWQMzU+m0o5y4swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE0MTUxMTE4WhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiODQzYjM1NTU5NGZhNmYzYWFjMzA2YjEyMDg5OGU4MWNm
ZjdmMzllMWRkZjk0M2ExM2M0M2I3MDlkNDNkNDcyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1XA8rE71wee4n9EKqCbmt6fphuAHhxoLV11goTcjOVKob
9hNf5Vx2AN7jF7CIvPoJciP82u7hNV3yv94RjpLiRxUJS+8omcvn2hXXFxQ/asX5
zFYkDpHRsGIzIt3RQLwTRb6b/BO8C6hYAf20W0SCYWNaparpW/4UZVo/l5r3cIax
FTnw2BY5dJKtwS3RoDfR1TMMp0Q1XQotVUjWjumD0mU/fy+Mo5DTrlcEyr5uIW95
OUrszeAbRo59Cf7HArX+F11hnCG2OGewbr3TdehLWY065PMN6xfKlk7+IY/Iza+x
svVSRSQTXN2iOhN6XMtsPef+Xan40gSYvb9cPFvTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqTIxNtRU0sD0+19bTuhJvd/54qswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4YjkwNDMwLWVjOGQtNDA1Yi1hNDM4LWRjZGFiODYzOWYzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQQD7AwDQYJKoZIhvcNAQELBQADggEBAGziuJrUFb/Elix4SOIzndvsvwmH
BQ2gCFETRu5GZh8ndqTWJ7mIDwzXKCoDNMGYYo7VPKiKRFD1sd1eqPtMSpXxZ9p6
hr1U1aJi78QGOb16ByivWSW63EwEovYnmQgHLloJwFjuaC5cmHnHddbFV9lRdGh4
ZRV4uEQppYe4MaN7QVOw67LNb6RX92BfSjey9IgJhMpkwpNcnz475v5TFqgRKTwM
pvdHHtWGdT8Anx/CdZ5iyeISXAnx/8NIGZ5Ac3Yj2o1AeNG2VytVjq5IiNFMNzVo
8fUPYaO8kaAH9AaxjNmBwrlZOfNmFuO3aTPh349AP8PsSiNkcKNspo0NkXc=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:00:34 2025 by rpki-client