Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6582d7f8-5e59-4931-bbcd-c67b298af3fa.roa
File:                     6582d7f8-5e59-4931-bbcd-c67b298af3fa.roa (raw, json)
Hash identifier:          3/GDi1jsuSdXf7D9lciK7M5QNi+6nE6bRZgf/3KUGIg=
Subject key identifier:   F6:01:06:0B:A6:1E:9C:63:6B:BA:65:83:EC:9B:58:EB:E3:5C:C5:A1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3E95C350B335C9B8DA257254D905807A7BC7467F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6582d7f8-5e59-4931-bbcd-c67b298af3fa.roa
Signing time:             Tue 20 May 2025 15:00:43 +0000
ROA not before:           Tue 20 May 2025 15:00:43 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.197.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:95:c3:50:b3:35:c9:b8:da:25:72:54:d9:05:80:7a:7b:c7:46:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 20 15:00:43 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=1ac0b8dd98c8900799089cd1679aa91089cc16b20adce7213e76d0e11fb2a278, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:03:03:e5:ee:b7:8a:11:7d:f3:1f:35:cc:ae:
                    6f:c1:9e:d8:ba:ef:08:87:c3:16:79:b8:8a:07:a3:
                    2b:25:35:b7:70:96:b2:27:a4:a6:7d:52:53:aa:13:
                    0d:41:f3:2a:61:54:df:48:f3:3c:40:4e:fa:3d:d4:
                    2c:5b:77:08:9f:85:b7:34:48:19:51:8d:8e:3f:c1:
                    a0:0b:9a:a1:73:7b:25:3f:34:bb:db:27:d6:36:a8:
                    51:90:a9:72:16:0d:4c:5e:bc:e3:b0:e8:fe:a0:43:
                    ea:33:18:0c:07:c3:9e:39:90:85:08:61:b8:b3:bf:
                    c6:d0:2c:3a:31:9a:19:26:71:ca:4f:c1:53:0e:d9:
                    31:66:74:e9:d0:14:63:6a:fc:f2:fd:e6:27:b7:bd:
                    fd:90:36:26:36:38:de:83:dd:e2:c9:34:11:1d:d5:
                    77:9b:f8:c5:c9:24:62:f7:0b:95:fe:53:00:7c:87:
                    5a:ec:70:71:ac:bb:01:fd:47:0e:35:3f:01:4c:a4:
                    b0:85:aa:3e:19:39:d3:10:d7:47:d1:3b:23:52:33:
                    bf:6c:9b:0a:cb:c9:00:37:5d:02:0f:9c:e5:73:21:
                    88:40:14:53:49:30:0d:bf:62:52:a6:14:d6:b4:2b:
                    bd:d1:ca:3c:34:6e:d4:33:dd:e0:30:b0:f9:0c:46:
                    b0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:01:06:0B:A6:1E:9C:63:6B:BA:65:83:EC:9B:58:EB:E3:5C:C5:A1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6582d7f8-5e59-4931-bbcd-c67b298af3fa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.197.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         53:77:49:4e:bb:9b:e9:ed:be:92:a7:d9:86:9b:f6:fe:50:cd:
         2a:12:1e:26:b5:94:4c:b6:4a:11:8f:96:27:a4:ec:d0:36:d3:
         50:7f:69:f4:d7:e0:6b:52:ca:b4:67:c1:ac:95:0b:ce:35:5c:
         20:58:56:c7:48:27:5d:68:77:81:f6:d1:1e:6f:7b:b8:70:31:
         18:7f:33:a1:cf:5d:87:19:fd:6e:23:24:58:45:5b:25:29:27:
         af:79:e6:6d:4f:eb:25:6b:52:03:f9:94:d5:a6:ae:d4:c7:9a:
         9e:b3:e1:51:f1:c5:12:5c:46:99:d5:f9:95:d3:d2:49:cc:bf:
         fd:5e:db:b7:71:c2:36:87:b7:9e:0b:02:63:96:bb:28:9a:d4:
         50:ef:9d:53:73:3d:ff:7c:5d:a6:d3:f6:ed:11:ee:73:66:ca:
         52:09:26:c5:c5:77:0c:23:f6:91:e3:55:32:ee:aa:00:5f:82:
         5a:a8:09:af:bc:02:12:76:04:f3:79:41:38:c3:f4:66:1c:55:
         6c:8d:7c:df:b4:27:21:ef:11:a8:05:a4:56:4c:fd:5d:a4:50:
         c2:6e:b7:52:c9:8f:a3:a5:87:31:bf:3c:c5:98:02:ce:45:6c:
         7d:24:62:fd:15:8b:d7:f1:0c:3b:85:86:51:ea:78:ea:07:78:
         1e:b3:ac:eb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPpXDULM1ybjaJXJU2QWAenvHRn8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTIwMTUwMDQzWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYWMwYjhkZDk4Yzg5MDA3OTkwODljZDE2NzlhYTkxMDg5
Y2MxNmIyMGFkY2U3MjEzZTc2ZDBlMTFmYjJhMjc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgAwPl7reKEX3zHzXMrm/Bnti67wiHwxZ5uIoHoyslNbdw
lrInpKZ9UlOqEw1B8yphVN9I8zxATvo91Cxbdwifhbc0SBlRjY4/waALmqFzeyU/
NLvbJ9Y2qFGQqXIWDUxevOOw6P6gQ+ozGAwHw545kIUIYbizv8bQLDoxmhkmccpP
wVMO2TFmdOnQFGNq/PL95ie3vf2QNiY2ON6D3eLJNBEd1Xeb+MXJJGL3C5X+UwB8
h1rscHGsuwH9Rw41PwFMpLCFqj4ZOdMQ10fROyNSM79smwrLyQA3XQIPnOVzIYhA
FFNJMA2/YlKmFNa0K73Ryjw0btQz3eAwsPkMRrB9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9gEGC6YenGNrumWD7JtY6+NcxaEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1ODJkN2Y4LTVlNTktNDkzMS1iYmNkLWM2N2IyOThhZjNmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4xTANBgkqhkiG9w0BAQsFAAOCAQEAU3dJTrub6e2+kqfZhpv2/lDNKhIe
JrWUTLZKEY+WJ6Ts0DbTUH9p9Nfga1LKtGfBrJULzjVcIFhWx0gnXWh3gfbRHm97
uHAxGH8zoc9dhxn9biMkWEVbJSknr3nmbU/rJWtSA/mU1aau1MeanrPhUfHFElxG
mdX5ldPSScy//V7bt3HCNoe3ngsCY5a7KJrUUO+dU3M9/3xdptP27RHuc2bKUgkm
xcV3DCP2keNVMu6qAF+CWqgJr7wCEnYE83lBOMP0ZhxVbI1837QnIe8RqAWkVkz9
XaRQwm63UsmPo6WHMb88xZgCzkVsfSRi/RWL1/EMO4WGUep46gd4HrOs6w==
-----END CERTIFICATE-----
Generated at Sun Jun 1 05:25:21 2025 by rpki-client