Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d9499c0-c507-4e26-9055-7e0de6b69d27.roa
File:                     4d9499c0-c507-4e26-9055-7e0de6b69d27.roa (raw, json)
Hash identifier:          FQ2RG4LVVOd52T29aejgQ0s72saBCPP/v3M5/GGqIyY=
Subject key identifier:   A7:AA:16:45:A8:35:B1:73:13:03:CB:55:1F:2A:C7:35:7D:4C:0D:0F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       50833DF4C06CFF37E1A1FD032829EF1018168E6D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d9499c0-c507-4e26-9055-7e0de6b69d27.roa
Signing time:             Fri 23 May 2025 00:30:21 +0000
ROA not before:           Fri 23 May 2025 00:30:21 +0000
ROA not after:            Fri 27 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.102.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:83:3d:f4:c0:6c:ff:37:e1:a1:fd:03:28:29:ef:10:18:16:8e:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 23 00:30:21 2025 GMT
            Not After : Jun 27 23:59:59 2025 GMT
        Subject: serialNumber=2120f2e41fb8c02c8058cbc7a87ce4105fd669897fbfde3647a639ffb7c150de, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d5:f8:6c:fd:a3:93:5e:be:6c:30:6b:59:fd:
                    2d:64:26:45:cd:e2:8b:f9:43:9b:b5:8e:ba:ee:67:
                    1d:a6:c5:48:a3:1c:4f:d6:b7:0c:96:8e:6f:1b:af:
                    2b:d0:10:78:e4:e7:8c:5f:01:f9:bd:8e:5c:be:ad:
                    b7:1b:06:bd:dd:09:b4:79:fd:99:6f:bf:f3:f5:3a:
                    05:7a:ba:86:20:18:31:64:a2:35:82:13:d9:fd:a6:
                    af:05:f2:aa:12:9a:fe:94:a6:b5:ee:65:6c:f4:ab:
                    7c:92:b3:cd:9d:4f:c2:92:86:e7:0a:8f:e0:75:91:
                    9a:5c:49:93:ad:97:a0:dc:2b:a2:34:35:43:15:87:
                    9e:8a:2d:fc:98:c4:b7:f9:72:db:77:98:ab:a4:df:
                    a4:85:3f:5b:db:93:27:53:44:b4:09:5a:02:bf:65:
                    f8:46:6b:49:42:aa:47:8f:eb:28:be:5e:15:5b:6d:
                    1c:25:b1:06:4a:ef:d1:f2:16:68:51:55:75:ee:b1:
                    67:71:17:86:e7:92:c4:52:c6:d1:fc:30:fa:bb:42:
                    58:d3:e0:fe:62:af:5c:da:b0:26:75:d0:43:5c:89:
                    a3:2e:91:20:cf:cd:8c:70:35:2e:79:b1:af:b0:04:
                    6f:d6:27:5f:75:ca:40:f4:76:c2:6a:87:58:8e:7d:
                    00:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:AA:16:45:A8:35:B1:73:13:03:CB:55:1F:2A:C7:35:7D:4C:0D:0F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d9499c0-c507-4e26-9055-7e0de6b69d27.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:21:03:c0:f8:b4:57:32:cc:fc:e6:43:75:a4:3a:04:be:f0:
         f5:71:5b:93:17:69:36:e8:db:f3:12:68:51:c2:ed:34:33:c1:
         a6:38:d5:39:e6:65:b7:ae:13:ef:50:db:7c:61:00:d3:f6:a9:
         8c:b9:72:40:76:9e:46:2f:51:c6:86:7a:62:1f:f2:36:84:f6:
         52:1f:73:f3:c8:aa:c2:86:f9:04:4c:4b:c9:ea:d6:c1:fc:ed:
         20:3b:70:75:d9:b8:d5:b3:ab:e6:84:14:5b:59:a0:e9:e8:04:
         cc:08:76:9d:39:f8:26:36:d5:9c:80:c1:4b:5c:74:23:fc:94:
         77:b4:61:ac:81:5c:fd:68:59:7c:99:da:4a:89:8b:b8:cc:40:
         41:4c:51:9c:8a:75:e7:30:8c:ff:56:ca:cd:6d:7b:ff:4d:14:
         d2:b6:85:19:a4:2e:cd:ac:04:c4:07:cb:22:42:6f:10:67:de:
         b7:a7:14:4a:0e:7f:30:e2:0e:da:f7:06:00:1c:09:23:64:74:
         b1:00:c6:e1:10:bb:c1:41:bd:90:d3:2f:6b:85:e6:88:8e:7c:
         d4:df:8c:b9:d5:19:f2:0f:0c:f8:19:fc:db:6e:c7:ec:fd:29:
         30:06:8c:a8:fb:fb:ca:99:ed:e5:de:91:bd:e0:87:04:a0:49:
         a7:42:5c:0e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUIM99MBs/zfhof0DKCnvEBgWjm0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTIzMDAzMDIxWhcNMjUwNjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMTIwZjJlNDFmYjhjMDJjODA1OGNiYzdhODdjZTQxMDVm
ZDY2OTg5N2ZiZmRlMzY0N2E2MzlmZmI3YzE1MGRlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv1fhs/aOTXr5sMGtZ/S1kJkXN4ov5Q5u1jrruZx2mxUij
HE/WtwyWjm8bryvQEHjk54xfAfm9jly+rbcbBr3dCbR5/Zlvv/P1OgV6uoYgGDFk
ojWCE9n9pq8F8qoSmv6UprXuZWz0q3ySs82dT8KShucKj+B1kZpcSZOtl6DcK6I0
NUMVh56KLfyYxLf5ctt3mKuk36SFP1vbkydTRLQJWgK/ZfhGa0lCqkeP6yi+XhVb
bRwlsQZK79HyFmhRVXXusWdxF4bnksRSxtH8MPq7QljT4P5ir1zasCZ10ENciaMu
kSDPzYxwNS55sa+wBG/WJ191ykD0dsJqh1iOfQD3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUp6oWRag1sXMTA8tVHyrHNX1MDQ8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkOTQ5OWMwLWM1MDctNGUyNi05MDU1LTdlMGRlNmI2OWQyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/GYwDQYJKoZIhvcNAQELBQADggEBAL0hA8D4tFcyzPzmQ3WkOgS+8PVx
W5MXaTbo2/MSaFHC7TQzwaY41TnmZbeuE+9Q23xhANP2qYy5ckB2nkYvUcaGemIf
8jaE9lIfc/PIqsKG+QRMS8nq1sH87SA7cHXZuNWzq+aEFFtZoOnoBMwIdp05+CY2
1ZyAwUtcdCP8lHe0YayBXP1oWXyZ2kqJi7jMQEFMUZyKdecwjP9Wys1te/9NFNK2
hRmkLs2sBMQHyyJCbxBn3renFEoOfzDiDtr3BgAcCSNkdLEAxuEQu8FBvZDTL2uF
5oiOfNTfjLnVGfIPDPgZ/Ntux+z9KTAGjKj7+8qZ7eXekb3ghwSgSadCXA4=
-----END CERTIFICATE-----
Generated at Sun Jun 1 05:00:30 2025 by rpki-client