Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/655d9c54-1648-4b17-915a-5b868df7eca4.roa
File:                     655d9c54-1648-4b17-915a-5b868df7eca4.roa (raw, json)
Hash identifier:          AHSoEUKhPWrOrMfXar7b6S9NH4uYQf08IhrrWPD9ixw=
Subject key identifier:   0F:08:02:A4:EB:74:7C:CB:1F:00:D0:6D:DC:DB:7C:AD:8B:96:68:4E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B03A50E4E35B13B074F9918BC29148E2B74DA4B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/655d9c54-1648-4b17-915a-5b868df7eca4.roa
Signing time:             Wed 28 May 2025 00:41:15 +0000
ROA not before:           Wed 28 May 2025 00:41:15 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        75.79.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 10 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:03:a5:0e:4e:35:b1:3b:07:4f:99:18:bc:29:14:8e:2b:74:da:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 28 00:41:15 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=1380a6dcb63b3eacf7e01e0825baadcfe9df6d1cc4be2cddc213c86bab04d1f6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2a:a8:20:cf:8e:3e:8c:1e:0c:79:b6:73:f9:
                    66:f9:f1:7c:7b:30:1a:a7:be:2b:e3:6f:65:3a:89:
                    3c:64:65:ab:7c:69:55:55:f2:d6:4d:7a:3c:79:84:
                    ed:36:33:78:94:a6:94:3b:96:b5:7a:d7:a3:03:ca:
                    25:f7:a0:82:da:db:cb:31:1e:b6:19:72:50:3a:b3:
                    c4:59:28:62:d6:f3:e4:74:e7:b2:b7:6c:61:96:c9:
                    34:e6:ce:11:b2:68:f7:a6:f7:b9:74:e4:cc:1c:7f:
                    5a:5c:7a:ab:c3:82:8b:18:8f:ea:c5:09:5f:f0:1c:
                    4d:1d:4a:5c:82:81:c4:d6:f4:9f:6a:66:e9:10:cf:
                    04:23:74:46:31:68:09:3c:6e:22:00:1c:37:43:bc:
                    08:5f:0d:50:b0:4b:55:d6:8b:ca:b3:45:27:cb:07:
                    4e:36:d7:f7:07:b5:74:1a:83:05:64:8e:44:97:e8:
                    20:a3:f5:e8:11:8b:f6:f2:9f:f0:30:58:f4:1d:b4:
                    82:f0:4a:35:b8:b1:a0:ac:23:99:9c:37:fc:a2:f7:
                    14:b4:21:37:3e:63:1b:f0:06:0f:ce:68:a7:19:66:
                    8c:86:3a:fe:4f:e1:19:a0:1b:e9:38:36:26:46:0c:
                    13:a6:dd:8f:16:b0:72:14:28:f6:90:78:12:24:d0:
                    98:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:08:02:A4:EB:74:7C:CB:1F:00:D0:6D:DC:DB:7C:AD:8B:96:68:4E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/655d9c54-1648-4b17-915a-5b868df7eca4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.79.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b6:14:59:36:60:dd:ac:97:a6:b3:c6:d9:65:c1:29:89:a3:8a:
         10:05:97:00:bb:1a:ce:16:83:db:8e:d4:b0:a9:76:18:0a:53:
         b2:00:58:4a:59:85:56:a0:76:ce:f3:39:88:8e:9d:8e:fb:96:
         32:2e:e9:b0:4e:c2:e7:76:6d:80:b4:aa:00:e4:81:a8:d0:3b:
         2e:c5:b3:c3:a3:c8:d8:f7:5a:11:79:48:9b:16:77:a6:b1:61:
         a5:39:c3:6c:af:1c:55:1d:be:ac:54:03:8d:05:31:ae:e0:d3:
         9b:4b:ec:ce:fc:f5:9b:f6:0c:af:3a:1f:d9:65:3c:b4:7c:45:
         ee:72:8c:c0:f2:7e:80:12:4a:c8:cd:d2:86:10:70:42:fe:75:
         8b:4f:08:96:e1:6a:c9:6a:b4:90:2b:95:cc:70:96:5a:be:8f:
         52:e5:11:05:e4:82:2d:cb:e2:57:36:01:f2:43:b6:6f:20:f2:
         c9:53:5b:74:f9:37:39:15:94:9c:1b:76:bf:3f:a8:3b:1c:38:
         bc:ab:33:4c:25:93:41:72:c0:5f:18:29:67:12:fc:ec:df:f1:
         10:82:2b:6e:c3:28:c4:5b:c5:f1:06:7e:5a:11:b7:42:4b:0a:
         92:88:eb:53:91:70:4b:1d:da:37:12:88:d8:54:82:d6:ff:1f:
         5e:7b:4f:cf
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGwOlDk41sTsHT5kYvCkUjit02kswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTI4MDA0MTE1WhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzgwYTZkY2I2M2IzZWFjZjdlMDFlMDgyNWJhYWRjZmU5
ZGY2ZDFjYzRiZTJjZGRjMjEzYzg2YmFiMDRkMWY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2Kqggz44+jB4MebZz+Wb58Xx7MBqnvivjb2U6iTxkZat8
aVVV8tZNejx5hO02M3iUppQ7lrV616MDyiX3oILa28sxHrYZclA6s8RZKGLW8+R0
57K3bGGWyTTmzhGyaPem97l05Mwcf1pceqvDgosYj+rFCV/wHE0dSlyCgcTW9J9q
ZukQzwQjdEYxaAk8biIAHDdDvAhfDVCwS1XWi8qzRSfLB0421/cHtXQagwVkjkSX
6CCj9egRi/byn/AwWPQdtILwSjW4saCsI5mcN/yi9xS0ITc+YxvwBg/OaKcZZoyG
Ov5P4RmgG+k4NiZGDBOm3Y8WsHIUKPaQeBIk0JiFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUDwgCpOt0fMsfANBt3Nt8rYuWaE4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1NWQ5YzU0LTE2NDgtNGIxNy05MTVhLTViODY4ZGY3ZWNhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBLTzANBgkqhkiG9w0BAQsFAAOCAQEAthRZNmDdrJems8bZZcEpiaOKEAWX
ALsazhaD247UsKl2GApTsgBYSlmFVqB2zvM5iI6djvuWMi7psE7C53ZtgLSqAOSB
qNA7LsWzw6PI2PdaEXlImxZ3prFhpTnDbK8cVR2+rFQDjQUxruDTm0vszvz1m/YM
rzof2WU8tHxF7nKMwPJ+gBJKyM3ShhBwQv51i08IluFqyWq0kCuVzHCWWr6PUuUR
BeSCLcviVzYB8kO2byDyyVNbdPk3ORWUnBt2vz+oOxw4vKszTCWTQXLAXxgpZxL8
7N/xEIIrbsMoxFvF8QZ+WhG3QksKkojrU5FwSx3aNxKI2FSC1v8fXntPzw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:42:03 2025 by rpki-client