Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52603c05-86e8-4ac0-94f4-815b7fc6fca8.roa
File:                     52603c05-86e8-4ac0-94f4-815b7fc6fca8.roa (raw, json)
Hash identifier:          2oXzwuA9iNnHhbathMJNXWAeYHORmHm795vGV+16gkk=
Subject key identifier:   5D:24:26:9C:26:87:E6:95:D3:B8:90:53:A5:4A:77:36:6F:74:E3:3F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       CC92340627E5858E31211399714CF7D8D2CAA7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52603c05-86e8-4ac0-94f4-815b7fc6fca8.roa
Signing time:             Tue 27 May 2025 00:11:31 +0000
ROA not before:           Tue 27 May 2025 00:11:31 +0000
ROA not after:            Tue 01 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.22.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            cc:92:34:06:27:e5:85:8e:31:21:13:99:71:4c:f7:d8:d2:ca:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 27 00:11:31 2025 GMT
            Not After : Jul  1 23:59:59 2025 GMT
        Subject: serialNumber=e4bc6e1fd06522560f38ca4d797ee47efbb6abeff5c92017fc8c6a2880214f75, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:24:97:b2:b2:71:c0:01:06:1b:d5:57:eb:c8:
                    65:75:b1:50:3d:28:54:ab:8a:8c:74:55:9e:fd:c3:
                    1b:c7:92:0b:cb:72:e1:ee:43:5f:59:73:1b:ae:2d:
                    be:d9:2d:7e:81:40:1e:17:bd:68:9a:4d:69:a9:52:
                    ed:88:ec:ee:8b:ff:84:3c:39:d4:7c:c4:26:f8:84:
                    fd:ba:5a:3c:9a:74:62:d0:cb:4c:18:1b:71:82:9b:
                    50:6d:6f:4d:83:9f:a7:e6:35:41:63:59:f7:ea:f4:
                    3d:f4:0d:80:95:23:87:57:06:89:d5:0b:99:ac:e9:
                    09:01:de:34:66:c9:74:50:73:bc:7e:24:5b:31:7c:
                    91:79:d6:53:d5:a9:60:cf:90:19:0e:9c:53:7d:db:
                    48:2c:65:fd:73:d2:68:86:66:91:e7:00:08:0c:9b:
                    99:a1:6b:05:93:39:7a:bc:ef:45:46:75:92:7b:94:
                    c7:08:76:a4:cf:d6:a9:b5:4b:6a:2f:0d:cf:ee:dc:
                    81:a6:d4:e0:c5:21:04:b3:a7:d9:cc:de:6f:b1:60:
                    65:6f:1d:70:c6:f6:e4:84:75:2f:a8:d6:b6:a2:1f:
                    7f:a7:69:0b:9d:7a:6b:9a:52:e4:25:74:58:9c:e8:
                    da:cb:82:a0:07:49:b4:41:b1:31:07:21:53:d4:f6:
                    a0:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:24:26:9C:26:87:E6:95:D3:B8:90:53:A5:4A:77:36:6F:74:E3:3F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52603c05-86e8-4ac0-94f4-815b7fc6fca8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.22.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         83:7a:21:65:b8:71:72:c7:83:84:f1:b5:ef:cd:88:5b:04:d6:
         0a:d2:75:b5:fe:1f:4a:97:79:d6:ca:6e:40:61:b9:29:7b:81:
         d3:ca:c1:9c:ae:17:87:bf:7e:6e:c8:cc:15:df:1c:8e:41:43:
         a7:c8:58:01:e0:94:0e:d0:46:a4:a1:35:c8:c1:b3:dd:2f:cd:
         be:a5:e3:a7:08:5b:6f:75:69:f2:ad:b5:4e:db:02:70:8f:54:
         8c:e7:53:7c:ba:1a:ec:77:8b:3c:20:c7:a9:74:1c:b4:d4:85:
         47:55:28:00:a5:16:d7:7c:3b:9a:c1:64:c6:a5:6d:e8:fd:20:
         18:0b:2e:0d:88:16:e4:f8:95:1a:76:17:49:21:7b:10:5f:70:
         74:c1:2a:79:ba:d6:ed:81:e5:4b:68:36:15:33:bc:89:7c:d0:
         c7:2b:14:42:3d:d3:c7:7b:9a:50:17:e7:1b:f1:a3:4e:6f:48:
         84:1d:e1:7b:c6:9d:ac:ec:43:42:b7:4f:35:2a:2b:60:f3:4c:
         1d:89:ec:14:c4:d3:17:db:de:c5:1e:2b:e0:f5:1a:26:64:4c:
         f2:6d:6a:8a:a6:2d:f2:fb:25:db:8b:a0:c0:cb:ef:e6:6b:49:
         0f:1c:4b:d0:2e:21:d2:b3:e8:d1:53:35:fe:b8:fd:7f:7c:a2:
         b1:91:4b:36
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAMySNAYn5YWOMSETmXFM99jSyqcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTI3MDAxMTMxWhcNMjUwNzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNGJjNmUxZmQwNjUyMjU2MGYzOGNhNGQ3OTdlZTQ3ZWZi
YjZhYmVmZjVjOTIwMTdmYzhjNmEyODgwMjE0Zjc1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3JJeysnHAAQYb1VfryGV1sVA9KFSriox0VZ79wxvHkgvL
cuHuQ19ZcxuuLb7ZLX6BQB4XvWiaTWmpUu2I7O6L/4Q8OdR8xCb4hP26WjyadGLQ
y0wYG3GCm1Btb02Dn6fmNUFjWffq9D30DYCVI4dXBonVC5ms6QkB3jRmyXRQc7x+
JFsxfJF51lPVqWDPkBkOnFN920gsZf1z0miGZpHnAAgMm5mhawWTOXq870VGdZJ7
lMcIdqTP1qm1S2ovDc/u3IGm1ODFIQSzp9nM3m+xYGVvHXDG9uSEdS+o1raiH3+n
aQudemuaUuQldFic6NrLgqAHSbRBsTEHIVPU9qCNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUXSQmnCaH5pXTuJBTpUp3Nm904z8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUyNjAzYzA1LTg2ZTgtNGFjMC05NGY0LTgxNWI3ZmM2ZmNhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQFjANBgkqhkiG9w0BAQsFAAOCAQEAg3ohZbhxcseDhPG1782IWwTWCtJ1
tf4fSpd51spuQGG5KXuB08rBnK4Xh79+bsjMFd8cjkFDp8hYAeCUDtBGpKE1yMGz
3S/NvqXjpwhbb3Vp8q21TtsCcI9UjOdTfLoa7HeLPCDHqXQctNSFR1UoAKUW13w7
msFkxqVt6P0gGAsuDYgW5PiVGnYXSSF7EF9wdMEqebrW7YHlS2g2FTO8iXzQxysU
Qj3Tx3uaUBfnG/GjTm9IhB3he8adrOxDQrdPNSorYPNMHYnsFMTTF9vexR4r4PUa
JmRM8m1qiqYt8vsl24ugwMvv5mtJDxxL0C4h0rPo0VM1/rj9f3yisZFLNg==
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:40:54 2025 by rpki-client