Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/61c5552e-f911-4049-840d-5f76ab2a6dd0.roa
File:                     61c5552e-f911-4049-840d-5f76ab2a6dd0.roa (raw, json)
Hash identifier:          L0ljJPSc8dcHTqb87b1Wz8iq+DTMzQhE34IPb/K0H1M=
Subject key identifier:   58:6D:CF:B2:C8:0D:40:D1:A2:20:1D:55:8E:F2:F2:A4:A9:5D:2B:90
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       760E0A4494659CC9CBA2FA809DFF6A3C19C22975
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/61c5552e-f911-4049-840d-5f76ab2a6dd0.roa
Signing time:             Tue 11 Mar 2025 00:00:43 +0000
ROA not before:           Tue 11 Mar 2025 00:00:43 +0000
ROA not after:            Tue 15 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        149.187.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:0e:0a:44:94:65:9c:c9:cb:a2:fa:80:9d:ff:6a:3c:19:c2:29:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 11 00:00:43 2025 GMT
            Not After : Apr 15 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e8:8a:12:51:66:6b:86:c7:2d:85:c0:cf:35:
                    e3:1d:d4:f8:08:70:06:25:49:01:f6:98:be:dd:8f:
                    1f:a1:99:64:96:f4:82:76:f4:8f:f8:4f:e0:a5:30:
                    b7:f4:d0:50:b6:71:86:7e:cb:b2:3e:72:79:91:7b:
                    82:03:c0:bc:d1:54:62:be:a2:c4:c3:da:64:8e:56:
                    81:cf:9a:5a:c5:1b:d9:a1:0a:b2:63:8f:58:c8:7d:
                    54:55:32:50:ed:44:95:42:c7:82:82:9b:d9:88:7e:
                    33:72:79:a0:ce:2e:14:e0:1f:44:d0:5b:5d:87:07:
                    1c:85:3e:b9:32:6d:24:62:82:5e:a9:9b:6a:65:c5:
                    75:31:3c:3c:2b:3e:c7:ba:05:4c:90:c5:5b:7f:a5:
                    ed:a5:3d:86:3c:dd:3d:ca:9f:6f:8f:a8:e3:9b:25:
                    57:ad:c1:a8:fb:6a:72:c9:8e:e9:df:8a:e7:df:6a:
                    95:53:70:29:1a:1e:dc:53:b6:fa:19:7e:cc:bb:02:
                    ba:15:cb:8d:ce:85:3d:2b:fa:20:f0:f0:3c:4a:f3:
                    63:49:a4:68:cd:28:6a:b2:87:04:58:f2:3d:ca:13:
                    27:c5:f0:4a:ea:28:8a:74:39:0d:50:dc:65:b1:56:
                    03:b8:a7:31:43:a0:d1:9b:96:41:78:6a:28:85:d3:
                    f7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:6D:CF:B2:C8:0D:40:D1:A2:20:1D:55:8E:F2:F2:A4:A9:5D:2B:90
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/61c5552e-f911-4049-840d-5f76ab2a6dd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.187.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         89:77:a2:09:7d:ae:9f:e6:6b:a0:4e:1d:b0:31:67:a3:97:74:
         6e:a0:e1:22:f4:55:d7:db:c2:81:83:28:36:c7:f1:6c:0b:f2:
         cb:1c:e2:32:5d:2a:0e:de:8b:c1:84:43:06:5d:d7:64:6a:cd:
         6b:58:df:f6:d7:44:aa:03:b8:4d:90:48:8c:74:7e:15:a9:e9:
         84:61:59:83:01:12:fc:fc:80:c9:1d:2d:97:08:57:37:4d:d5:
         9c:ef:6b:c5:5b:d2:70:0a:25:a9:fb:d5:e0:3f:53:20:39:fa:
         02:e2:10:7c:f9:ab:f7:8a:fe:1d:4f:69:61:84:bd:bd:d0:34:
         87:12:fc:30:e6:5c:f3:12:e7:37:40:2c:68:66:96:74:20:bf:
         cc:6b:8a:94:e2:0e:b3:30:dc:4f:32:66:b8:96:fb:e8:77:a4:
         b7:f9:04:f6:ba:ad:8a:06:f3:89:89:f9:64:40:be:23:b2:b0:
         9f:00:0c:ca:5b:f8:34:ad:bb:48:e7:5c:35:21:8e:75:65:8d:
         15:26:1f:86:49:60:13:0a:18:1a:81:7d:f6:8d:26:2d:31:5b:
         d0:80:54:3c:9a:2f:29:5a:3a:31:49:92:79:7a:fd:08:67:00:
         7d:e0:af:66:1f:9e:73:fc:17:e6:15:12:e3:a9:52:90:44:e0:
         a6:32:80:a2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdg4KRJRlnMnLovqAnf9qPBnCKXUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzExMDAwMDQzWhcNMjUwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYzIwMzJlZTZkMjhmMGE5ZTg0MmRlZWMxYjRmOWQzMWVj
ZGUwOTNmOWRmNzBmMWM2Y2M4YzEyYzRkOTQ3ZjE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs6IoSUWZrhscthcDPNeMd1PgIcAYlSQH2mL7djx+hmWSW
9IJ29I/4T+ClMLf00FC2cYZ+y7I+cnmRe4IDwLzRVGK+osTD2mSOVoHPmlrFG9mh
CrJjj1jIfVRVMlDtRJVCx4KCm9mIfjNyeaDOLhTgH0TQW12HBxyFPrkybSRigl6p
m2plxXUxPDwrPse6BUyQxVt/pe2lPYY83T3Kn2+PqOObJVetwaj7anLJjunfiuff
apVTcCkaHtxTtvoZfsy7AroVy43OhT0r+iDw8DxK82NJpGjNKGqyhwRY8j3KEyfF
8ErqKIp0OQ1Q3GWxVgO4pzFDoNGblkF4aiiF0/d5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWG3PssgNQNGiIB1VjvLypKldK5AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYxYzU1NTJlLWY5MTEtNDA0OS04NDBkLTVmNzZhYjJhNmRkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeVu4AwDQYJKoZIhvcNAQELBQADggEBAIl3ogl9rp/ma6BOHbAxZ6OXdG6g
4SL0VdfbwoGDKDbH8WwL8ssc4jJdKg7ei8GEQwZd12RqzWtY3/bXRKoDuE2QSIx0
fhWp6YRhWYMBEvz8gMkdLZcIVzdN1Zzva8Vb0nAKJan71eA/UyA5+gLiEHz5q/eK
/h1PaWGEvb3QNIcS/DDmXPMS5zdALGhmlnQgv8xripTiDrMw3E8yZriW++h3pLf5
BPa6rYoG84mJ+WRAviOysJ8ADMpb+DStu0jnXDUhjnVljRUmH4ZJYBMKGBqBffaN
Ji0xW9CAVDyaLylaOjFJknl6/QhnAH3gr2YfnnP8F+YVEuOpUpBE4KYygKI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:39:51 2025 by rpki-client