Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f5100a1-9182-409a-aacd-de6217f098f6.roa
File:                     3f5100a1-9182-409a-aacd-de6217f098f6.roa (raw, json)
Hash identifier:          XfhZTG24I/cd0h+T70nBL/rwjrvBVyFdhityEqdzOes=
Subject key identifier:   2B:70:9E:B4:5D:E9:48:F6:6C:37:78:67:4D:C8:78:BB:D0:CF:53:7B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       020DC784EAFA9DF1FB133D3AB81FF77F7222160E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f5100a1-9182-409a-aacd-de6217f098f6.roa
Signing time:             Fri 07 Feb 2025 00:00:00 +0000
ROA not before:           Fri 07 Feb 2025 00:00:00 +0000
ROA not after:            Fri 14 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        182.30.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 11 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:0d:c7:84:ea:fa:9d:f1:fb:13:3d:3a:b8:1f:f7:7f:72:22:16:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  7 00:00:00 2025 GMT
            Not After : Mar 14 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:49:f2:39:37:48:25:ee:07:e8:9d:54:9c:d2:
                    b3:16:47:f8:c5:0a:05:53:bb:18:29:78:d6:b4:9a:
                    3e:86:2a:40:15:94:90:b6:97:94:c1:cf:8a:c8:cb:
                    16:78:7d:02:44:e7:8f:21:e4:49:44:a4:c8:57:a9:
                    6a:0d:9b:31:20:76:20:64:83:03:1d:ae:1d:3f:21:
                    89:14:94:f9:02:15:2c:cc:d1:31:c6:af:6e:ee:e4:
                    c6:96:98:0a:62:7b:a3:df:3b:83:57:ee:f9:cc:96:
                    ed:b8:bf:f1:76:9d:f9:70:26:b3:74:68:b9:58:05:
                    90:ed:cf:7b:83:86:6a:8b:76:8a:5a:e0:8c:d4:63:
                    41:77:66:69:cf:35:ac:84:fe:ac:88:f3:1e:aa:a4:
                    ab:1d:05:32:9b:ad:20:a5:cf:a5:7e:ee:ff:c9:11:
                    ab:f5:3f:4b:b3:38:9f:50:f0:1c:31:70:cd:7a:57:
                    fb:51:f1:bd:56:af:e7:a6:b2:34:34:be:5f:d1:27:
                    7b:04:f8:ce:6d:13:90:bc:35:40:84:af:9b:6f:ba:
                    cd:a1:82:b5:40:b2:d4:87:51:6c:fc:d3:6f:dc:c4:
                    dd:ae:e2:1a:9e:cd:a5:09:15:4b:e7:92:7d:cd:94:
                    da:5a:8b:21:9a:f8:56:93:07:5f:09:22:cc:64:1c:
                    83:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:70:9E:B4:5D:E9:48:F6:6C:37:78:67:4D:C8:78:BB:D0:CF:53:7B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f5100a1-9182-409a-aacd-de6217f098f6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.30.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         91:79:d9:17:3a:37:c8:81:5b:44:86:81:fd:b1:7d:d7:bd:31:
         ac:2b:27:bb:99:f5:1b:58:44:8c:f6:53:c8:0b:ad:11:26:87:
         07:1b:01:ac:77:13:b1:1e:05:99:de:91:f9:7f:21:7d:b4:2d:
         d0:07:5e:96:7a:8c:11:9c:f3:d8:1b:73:dc:56:90:c3:0d:b6:
         78:c5:a8:1a:43:fe:38:f6:21:df:d3:d5:38:eb:f5:70:b3:94:
         59:6c:a1:33:46:17:03:4e:bd:2c:e8:89:a9:1c:e9:61:4e:78:
         22:c5:47:d3:12:17:5d:89:ab:e0:31:13:fb:c2:cb:e0:54:4c:
         56:04:79:d9:a9:3d:5b:67:2f:5f:bf:17:35:a0:cf:77:65:ae:
         ba:77:6a:60:1c:96:48:92:18:be:25:87:75:5c:c6:53:17:31:
         ac:7d:52:99:73:ca:95:1a:e9:72:04:93:df:9f:56:f8:5b:76:
         a4:d4:0b:10:80:6d:73:5b:11:24:b9:23:77:d7:e8:78:5e:4a:
         07:d5:b4:80:79:a3:8a:db:e3:c9:7b:de:c6:eb:e2:8d:58:2a:
         2f:e5:91:42:a3:56:5a:80:09:31:4d:9a:16:c7:ff:cc:37:e7:
         49:2e:7f:32:bf:d5:e7:4d:f2:75:91:12:da:4f:1a:d9:5e:fe:
         1f:5e:5b:eb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAg3HhOr6nfH7Ez06uB/3f3IiFg4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA3MDAwMDAwWhcNMjUwMzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNmM5NjYxMDQyMWYyOTQzZWEyYWNjYjFjN2M4ZjAwYjlj
NjRlY2IzMTM4ZmQ2YWJiOTYzY2E4MmI4MDM0NTYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDISfI5N0gl7gfonVSc0rMWR/jFCgVTuxgpeNa0mj6GKkAV
lJC2l5TBz4rIyxZ4fQJE548h5ElEpMhXqWoNmzEgdiBkgwMdrh0/IYkUlPkCFSzM
0THGr27u5MaWmApie6PfO4NX7vnMlu24v/F2nflwJrN0aLlYBZDtz3uDhmqLdopa
4IzUY0F3ZmnPNayE/qyI8x6qpKsdBTKbrSClz6V+7v/JEav1P0uzOJ9Q8BwxcM16
V/tR8b1Wr+emsjQ0vl/RJ3sE+M5tE5C8NUCEr5tvus2hgrVAstSHUWz802/cxN2u
4hqezaUJFUvnkn3NlNpaiyGa+FaTB18JIsxkHIMxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUK3CetF3pSPZsN3hnTch4u9DPU3swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNmNTEwMGExLTkxODItNDA5YS1hYWNkLWRlNjIxN2YwOThmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwC2HjANBgkqhkiG9w0BAQsFAAOCAQEAkXnZFzo3yIFbRIaB/bF9170xrCsn
u5n1G1hEjPZTyAutESaHBxsBrHcTsR4Fmd6R+X8hfbQt0AdelnqMEZzz2Btz3FaQ
ww22eMWoGkP+OPYh39PVOOv1cLOUWWyhM0YXA069LOiJqRzpYU54IsVH0xIXXYmr
4DET+8LL4FRMVgR52ak9W2cvX78XNaDPd2WuundqYByWSJIYviWHdVzGUxcxrH1S
mXPKlRrpcgST359W+Ft2pNQLEIBtc1sRJLkjd9foeF5KB9W0gHmjitvjyXvexuvi
jVgqL+WRQqNWWoAJMU2aFsf/zDfnSS5/Mr/V503ydZES2k8a2V7+H15b6w==
-----END CERTIFICATE-----
Generated at Mon Feb 10 15:45:53 2025 by rpki-client