Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25b41a4c-7a8b-41e6-8d0c-2dc7cee8afd0.roa
File:                     25b41a4c-7a8b-41e6-8d0c-2dc7cee8afd0.roa (raw, json)
Hash identifier:          n9J2hSw+jst+j0nHTWpQJ7U0ePW7hFJ8dR/OH0JXNc0=
Subject key identifier:   D8:4F:83:AC:87:BC:88:23:BA:21:84:C4:66:F9:F5:43:14:BB:02:3E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       290733524F7E86F30E992BF3FAE5226428629CD1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25b41a4c-7a8b-41e6-8d0c-2dc7cee8afd0.roa
Signing time:             Tue 20 May 2025 15:20:25 +0000
ROA not before:           Tue 20 May 2025 15:20:25 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:07:33:52:4f:7e:86:f3:0e:99:2b:f3:fa:e5:22:64:28:62:9c:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 20 15:20:25 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=913851b117db3b9c9cd499dbe5854659f945b517e6590841c0782a3d6f8f3773, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:89:a0:11:d8:f6:c1:71:59:c8:97:63:ba:48:
                    2d:24:a1:5b:41:04:0e:32:c5:0b:cb:b5:44:ed:dc:
                    b4:47:1c:1a:91:77:17:9d:96:05:03:f1:61:20:49:
                    23:33:9e:24:73:ae:b4:55:0b:16:fb:01:32:12:10:
                    26:ae:36:24:49:3e:ac:26:8d:49:50:cf:f9:ab:99:
                    ff:ca:6b:de:60:29:ca:f7:b5:44:bb:7e:80:40:49:
                    b2:4c:84:51:74:3a:78:44:b1:1e:b6:f1:3e:9e:f2:
                    87:a6:ad:04:71:0f:61:25:89:60:8d:f5:55:d4:e0:
                    ba:03:ef:a5:34:a6:9d:89:e6:12:56:29:00:9e:e2:
                    a1:d3:05:1a:2f:23:b9:34:88:b1:e7:b4:0e:f6:69:
                    8a:c2:46:e5:33:3e:3a:df:9d:f8:ca:04:1a:2e:9c:
                    59:88:95:a2:a4:f7:b8:3a:92:19:64:1e:72:50:a9:
                    e4:2b:d3:8f:01:18:e6:a6:5a:74:36:d3:ae:7b:a3:
                    83:16:c7:66:b3:49:02:1f:6e:0c:80:37:2a:9d:1f:
                    7f:53:43:10:f0:30:47:ea:37:56:e1:8d:fa:1a:da:
                    51:cd:c3:e0:91:ee:41:e6:25:f0:5a:ed:15:97:7c:
                    e1:14:23:53:e1:dc:26:ee:6f:c4:81:dd:89:a8:e7:
                    3a:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:4F:83:AC:87:BC:88:23:BA:21:84:C4:66:F9:F5:43:14:BB:02:3E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25b41a4c-7a8b-41e6-8d0c-2dc7cee8afd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         69:8d:44:2f:92:aa:88:b5:83:3c:11:f8:70:a2:74:2d:56:34:
         55:e2:f2:5b:46:de:cf:39:0d:59:ff:6e:0a:85:47:05:de:7c:
         3c:de:e8:3f:f1:ec:ee:61:ed:3b:40:45:39:24:d8:60:71:ae:
         6c:86:20:0a:cf:92:d4:ee:06:f6:2e:fc:9f:6b:97:3b:e0:1a:
         f5:83:c6:dd:ea:f0:6a:d6:bc:3d:e9:42:96:e5:9f:d6:3e:af:
         d7:11:e3:88:da:87:78:33:11:8e:63:a1:30:c4:53:97:61:83:
         b7:c5:f3:91:96:f5:33:cc:fe:47:ac:40:70:24:7b:20:cf:23:
         76:52:3d:e9:83:49:9c:f8:cd:39:7d:99:15:32:67:f4:9e:2b:
         bb:4d:11:b5:6d:1a:bd:c3:32:2c:5b:dc:bc:41:8a:df:f5:f5:
         87:d6:5e:f8:ef:a8:0c:a2:fa:6c:72:a2:5a:db:2d:46:b2:06:
         dd:5b:c4:69:70:93:68:79:1c:38:58:3c:0a:a9:9f:ba:97:aa:
         74:36:a5:a4:21:cb:45:65:dd:81:04:27:d9:6d:e0:cd:ab:84:
         56:c4:5d:4a:3c:3c:e1:76:d3:d6:97:cc:ae:80:8d:b4:c6:e8:
         6c:fd:72:8e:23:19:e8:c4:a4:8e:c3:04:c5:ab:1b:c9:52:c1:
         e2:dc:4e:52
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKQczUk9+hvMOmSvz+uUiZChinNEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTIwMTUyMDI1WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTM4NTFiMTE3ZGIzYjljOWNkNDk5ZGJlNTg1NDY1OWY5
NDViNTE3ZTY1OTA4NDFjMDc4MmEzZDZmOGYzNzczMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWiaAR2PbBcVnIl2O6SC0koVtBBA4yxQvLtUTt3LRHHBqR
dxedlgUD8WEgSSMzniRzrrRVCxb7ATISECauNiRJPqwmjUlQz/mrmf/Ka95gKcr3
tUS7foBASbJMhFF0OnhEsR628T6e8oemrQRxD2EliWCN9VXU4LoD76U0pp2J5hJW
KQCe4qHTBRovI7k0iLHntA72aYrCRuUzPjrfnfjKBBounFmIlaKk97g6khlkHnJQ
qeQr048BGOamWnQ20657o4MWx2azSQIfbgyANyqdH39TQxDwMEfqN1bhjfoa2lHN
w+CR7kHmJfBa7RWXfOEUI1Ph3Cbub8SB3Ymo5zqtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2E+DrIe8iCO6IYTEZvn1QxS7Aj4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI1YjQxYTRjLTdhOGItNDFlNi04ZDBjLTJkYzdjZWU4YWZkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwFODDANBgkqhkiG9w0BAQsFAAOCAQEAaY1EL5KqiLWDPBH4cKJ0LVY0VeLy
W0bezzkNWf9uCoVHBd58PN7oP/Hs7mHtO0BFOSTYYHGubIYgCs+S1O4G9i78n2uX
O+Aa9YPG3erwata8PelCluWf1j6v1xHjiNqHeDMRjmOhMMRTl2GDt8XzkZb1M8z+
R6xAcCR7IM8jdlI96YNJnPjNOX2ZFTJn9J4ru00RtW0avcMyLFvcvEGK3/X1h9Ze
+O+oDKL6bHKiWtstRrIG3VvEaXCTaHkcOFg8CqmfupeqdDalpCHLRWXdgQQn2W3g
zauEVsRdSjw84XbT1pfMroCNtMbobP1yjiMZ6MSkjsMExasbyVLB4txOUg==
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:22:38 2025 by rpki-client