Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5752b4d6-9da4-44b3-80c5-238c0eccb401.roa
File:                     5752b4d6-9da4-44b3-80c5-238c0eccb401.roa (raw, json)
Hash identifier:          ufvSBDsgB1ePco+HCNdPgwNMAceu3lTCjFcSzjiafPk=
Subject key identifier:   19:44:8D:E1:AC:C8:93:DE:0F:76:F0:08:23:53:A5:E7:0F:55:76:64
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0E298C3ECD35364E7760C32017C20CDF1467C127
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5752b4d6-9da4-44b3-80c5-238c0eccb401.roa
Signing time:             Fri 14 Feb 2025 00:10:41 +0000
ROA not before:           Fri 14 Feb 2025 00:10:41 +0000
ROA not after:            Fri 21 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        142.4.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:29:8c:3e:cd:35:36:4e:77:60:c3:20:17:c2:0c:df:14:67:c1:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 14 00:10:41 2025 GMT
            Not After : Mar 21 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:55:86:3c:81:dc:dc:41:f0:ca:07:cb:cb:9a:
                    6b:37:17:6a:bb:24:a2:d2:39:be:00:bb:de:66:73:
                    f9:fb:c7:49:dd:c6:eb:6c:77:d5:a6:08:b9:b7:5e:
                    43:df:91:3c:67:a9:9b:4c:fb:55:06:d6:2c:3e:3b:
                    02:4a:4a:1c:d1:4b:b0:c7:71:64:8f:68:22:0d:3e:
                    cd:9c:a7:5d:1b:09:7b:73:9f:c1:0c:8f:7b:36:35:
                    77:ab:35:c6:10:fc:0f:26:81:be:f3:ec:b8:61:e3:
                    70:80:32:80:e4:35:9d:55:ee:ce:46:08:7d:e0:15:
                    1f:02:ea:1e:d5:c3:f5:f6:87:ba:77:2d:cd:57:f3:
                    6b:0f:12:41:9c:f4:6c:e4:5e:3f:33:97:72:8f:de:
                    7d:b2:ae:fe:47:67:ed:90:c6:d3:73:5d:78:b6:de:
                    f7:bc:f8:a7:2a:1b:43:ec:74:7c:d4:76:97:ad:8d:
                    18:95:a9:8f:4b:d6:dd:cd:09:7c:9d:84:d9:bb:d0:
                    94:aa:a1:47:2f:44:96:31:62:ca:c8:50:67:ee:d1:
                    46:96:fa:ca:e6:6c:9e:5a:1e:eb:32:dc:ec:fa:c4:
                    30:8e:c6:8c:e5:5d:7e:e5:19:d5:de:cd:8f:b7:02:
                    db:73:4e:c1:66:3a:be:ed:7b:ec:f7:00:37:bb:25:
                    e5:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:44:8D:E1:AC:C8:93:DE:0F:76:F0:08:23:53:A5:E7:0F:55:76:64
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5752b4d6-9da4-44b3-80c5-238c0eccb401.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  142.4.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5b:61:a1:0c:f2:69:ed:f7:2e:5f:57:cb:4d:ba:76:a5:26:81:
         b0:04:f8:ba:ca:02:ed:84:44:ed:d2:0f:67:9a:b6:d4:01:ff:
         3f:64:c7:da:d0:43:66:c9:36:0f:67:5f:6d:db:71:33:41:ad:
         86:34:44:9d:a4:51:b3:68:16:be:bf:41:7d:fc:9a:1b:94:41:
         ab:f0:6e:62:b6:48:b8:3c:bf:75:f5:f0:73:5a:70:d2:7c:5f:
         d9:f0:c8:e3:2f:ba:c2:d9:36:71:02:fd:8b:4a:82:2a:ad:56:
         4c:ee:56:e6:d4:e8:7d:7a:30:a9:70:aa:4c:10:98:bb:65:7f:
         6f:88:3a:49:ce:5c:28:44:ac:d1:8a:ba:2a:1e:a3:d6:e4:93:
         53:bd:30:70:89:a0:69:eb:05:3d:40:1e:54:1d:7b:a5:9d:13:
         6b:46:ed:84:bc:d5:07:88:b7:f5:f6:33:a5:28:39:95:00:0d:
         4b:03:ec:77:41:9b:9f:0a:2b:bb:6b:07:3e:53:93:13:cd:ec:
         da:68:ab:e6:22:82:e5:fd:81:46:1d:ee:93:10:e4:48:da:2c:
         e1:67:b8:91:a6:d6:a4:ce:f8:63:f7:ca:87:65:4d:cc:68:1f:
         b0:27:76:86:60:34:32:fd:e8:32:fb:e6:4d:04:ea:62:9c:1a:
         4b:5b:14:f0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDimMPs01Nk53YMMgF8IM3xRnwScwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjE0MDAxMDQxWhcNMjUwMzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyN2VhYmRkNjNmZjFhODY0ZDhiMGVlZDdjODU0Y2ZjMzQ2
YmRhNDEwNGE5MzQ0MDU2OTVmMDMyMWJjN2E4Y2JkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5VYY8gdzcQfDKB8vLmms3F2q7JKLSOb4Au95mc/n7x0nd
xutsd9WmCLm3XkPfkTxnqZtM+1UG1iw+OwJKShzRS7DHcWSPaCINPs2cp10bCXtz
n8EMj3s2NXerNcYQ/A8mgb7z7Lhh43CAMoDkNZ1V7s5GCH3gFR8C6h7Vw/X2h7p3
Lc1X82sPEkGc9GzkXj8zl3KP3n2yrv5HZ+2QxtNzXXi23ve8+KcqG0PsdHzUdpet
jRiVqY9L1t3NCXydhNm70JSqoUcvRJYxYsrIUGfu0UaW+srmbJ5aHusy3Oz6xDCO
xozlXX7lGdXezY+3AttzTsFmOr7te+z3ADe7JeWVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGUSN4azIk94PdvAII1Ol5w9VdmQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU3NTJiNGQ2LTlkYTQtNDRiMy04MGM1LTIzOGMwZWNjYjQwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWOBKAwDQYJKoZIhvcNAQELBQADggEBAFthoQzyae33Ll9Xy026dqUmgbAE
+LrKAu2ERO3SD2eattQB/z9kx9rQQ2bJNg9nX23bcTNBrYY0RJ2kUbNoFr6/QX38
mhuUQavwbmK2SLg8v3X18HNacNJ8X9nwyOMvusLZNnEC/YtKgiqtVkzuVubU6H16
MKlwqkwQmLtlf2+IOknOXChErNGKuioeo9bkk1O9MHCJoGnrBT1AHlQde6WdE2tG
7YS81QeIt/X2M6UoOZUADUsD7HdBm58KK7trBz5TkxPN7Npoq+YiguX9gUYd7pMQ
5EjaLOFnuJGm1qTO+GP3yodlTcxoH7AndoZgNDL96DL75k0E6mKcGktbFPA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:14:42 2025 by rpki-client