Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/315cda05-f16d-43f1-83d5-40e86c38635c.roa
File:                     315cda05-f16d-43f1-83d5-40e86c38635c.roa (raw, json)
Hash identifier:          hZ9mD54d0arK/E+yb4jFAzGZOqAkLFx/HsbvjAbyz9A=
Subject key identifier:   05:D8:30:4F:0C:D3:18:1F:91:EB:98:F1:A2:0A:1E:60:F7:9B:1E:95
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3F46126951F2332FFE7FDAA6808E97430482B6A0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/315cda05-f16d-43f1-83d5-40e86c38635c.roa
Signing time:             Tue 21 Jan 2025 00:00:00 +0000
ROA not before:           Tue 21 Jan 2025 00:00:00 +0000
ROA not after:            Tue 25 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        32.144.0.0/12 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:46:12:69:51:f2:33:2f:fe:7f:da:a6:80:8e:97:43:04:82:b6:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 21 00:00:00 2025 GMT
            Not After : Feb 25 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cd:7a:0f:46:0b:ae:47:89:f2:64:dc:ac:28:
                    86:0d:4e:43:2a:e3:51:7a:7f:71:25:a1:30:e9:a4:
                    b5:f9:a0:88:d3:f3:c8:59:41:dd:d5:b6:e3:6a:c9:
                    bb:61:37:44:44:95:3d:32:8c:2b:ed:28:dd:a6:f8:
                    c2:49:f2:4a:58:86:fa:d2:6a:98:23:11:67:de:01:
                    68:dd:58:5d:92:f5:31:d9:2c:9e:aa:16:6e:2c:c2:
                    68:be:ef:dc:0a:80:fc:af:59:4e:56:f3:75:41:da:
                    3b:33:df:bd:22:5a:b6:64:9f:e5:9b:c2:9f:34:67:
                    f5:82:13:c5:e2:93:8a:1f:7e:b1:fc:9a:c9:22:24:
                    b8:4c:03:95:32:21:6d:59:54:0c:36:88:ee:bf:dc:
                    91:77:3e:0b:51:5b:99:ca:11:1e:93:dc:00:17:5c:
                    e9:6c:cc:4f:21:eb:90:4d:d9:aa:ce:88:76:48:76:
                    b8:41:73:58:93:8b:31:e9:94:7d:73:45:ad:37:b3:
                    b9:30:b2:46:55:ec:fd:1f:67:30:bb:b6:94:89:09:
                    8d:7a:8e:7e:2c:aa:0f:b1:27:b5:72:c9:18:99:78:
                    59:0f:34:0a:54:90:c5:b1:dd:f7:aa:25:6c:5b:0d:
                    17:9a:f1:7b:d2:2c:3b:0d:5c:4a:53:87:94:3f:01:
                    a7:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:D8:30:4F:0C:D3:18:1F:91:EB:98:F1:A2:0A:1E:60:F7:9B:1E:95
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/315cda05-f16d-43f1-83d5-40e86c38635c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  32.144.0.0/12

    Signature Algorithm: sha256WithRSAEncryption
         06:33:5a:b1:69:f0:ed:fe:3c:03:5e:75:c4:61:4c:0c:c8:20:
         a2:fd:73:92:b7:15:d4:79:b1:f0:92:63:9f:2c:ef:d0:07:12:
         f7:bb:68:4b:ba:83:f3:77:77:4b:5e:11:55:e7:17:b9:07:c4:
         a1:72:3b:63:e2:39:45:49:ab:da:84:13:f5:e2:b0:8e:1c:55:
         7e:61:f7:38:29:30:d0:76:1b:f1:a0:e6:1e:42:7c:46:ee:59:
         3c:ac:f7:8b:ed:23:f7:18:a0:86:19:49:52:ba:93:bd:c0:92:
         93:d4:1a:22:83:87:93:38:04:29:43:1a:12:be:76:dc:df:77:
         c8:3d:16:b2:42:11:72:9c:4b:b0:22:25:a0:d5:83:a3:e3:4f:
         62:4a:e3:72:64:46:98:bb:3e:6b:bf:d9:ff:1c:75:cc:33:95:
         75:9a:a5:02:45:34:90:a3:5b:d7:e4:01:8d:aa:63:d4:e4:1d:
         29:e8:31:05:30:1f:21:f8:c8:83:20:34:56:88:d7:0a:33:73:
         91:b3:24:03:37:b2:95:0c:6b:37:48:96:a8:7f:40:b3:e2:49:
         37:0d:49:cf:c2:96:ff:9c:d4:f6:6e:cd:6b:98:64:5c:cb:3d:
         91:80:96:5a:40:04:da:97:b4:e8:9f:21:4e:c3:b1:dd:bf:53:
         76:c5:9f:03
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUP0YSaVHyMy/+f9qmgI6XQwSCtqAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ODZlNzE0MDc1NmU3NmUwZTRlM2U4MDJmY2NkZjliOTU5
NWU3NTExZjdkMGM3YjJlNzY4YTVkZDc2YTA4NjcyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuzXoPRguuR4nyZNysKIYNTkMq41F6f3EloTDppLX5oIjT
88hZQd3VtuNqybthN0RElT0yjCvtKN2m+MJJ8kpYhvrSapgjEWfeAWjdWF2S9THZ
LJ6qFm4swmi+79wKgPyvWU5W83VB2jsz370iWrZkn+Wbwp80Z/WCE8Xik4offrH8
mskiJLhMA5UyIW1ZVAw2iO6/3JF3PgtRW5nKER6T3AAXXOlszE8h65BN2arOiHZI
drhBc1iTizHplH1zRa03s7kwskZV7P0fZzC7tpSJCY16jn4sqg+xJ7VyyRiZeFkP
NApUkMWx3feqJWxbDRea8XvSLDsNXEpTh5Q/AacBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBdgwTwzTGB+R65jxogoeYPebHpUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxNWNkYTA1LWYxNmQtNDNmMS04M2Q1LTQwZTg2YzM4NjM1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwQgkDANBgkqhkiG9w0BAQsFAAOCAQEABjNasWnw7f48A151xGFMDMggov1z
krcV1Hmx8JJjnyzv0AcS97toS7qD83d3S14RVecXuQfEoXI7Y+I5RUmr2oQT9eKw
jhxVfmH3OCkw0HYb8aDmHkJ8Ru5ZPKz3i+0j9xighhlJUrqTvcCSk9QaIoOHkzgE
KUMaEr523N93yD0WskIRcpxLsCIloNWDo+NPYkrjcmRGmLs+a7/Z/xx1zDOVdZql
AkU0kKNb1+QBjapj1OQdKegxBTAfIfjIgyA0VojXCjNzkbMkAzeylQxrN0iWqH9A
s+JJNw1Jz8KW/5zU9m7Na5hkXMs9kYCWWkAE2pe06J8hTsOx3b9TdsWfAw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 06:36:55 2025 by rpki-client