Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6694171a-aae2-4bbb-a718-43a3f95c6dc1.roa
File:                     6694171a-aae2-4bbb-a718-43a3f95c6dc1.roa (raw, json)
Hash identifier:          MenFYYym/0icTCwBsa8dYWPhB+23c6WtaFxPwoeQzfU=
Subject key identifier:   56:A7:51:08:40:73:6E:44:9A:FC:09:36:F5:AE:24:B7:00:75:09:3E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2F3E9C90EE165D4F730F7D53F12E75615B4F2AAD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6694171a-aae2-4bbb-a718-43a3f95c6dc1.roa
Signing time:             Mon 19 May 2025 17:21:49 +0000
ROA not before:           Mon 19 May 2025 17:21:49 +0000
ROA not after:            Mon 23 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        204.236.144.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:3e:9c:90:ee:16:5d:4f:73:0f:7d:53:f1:2e:75:61:5b:4f:2a:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 19 17:21:49 2025 GMT
            Not After : Jun 23 23:59:59 2025 GMT
        Subject: serialNumber=ff2f5b8190ee100fe99af62cc9be1f166feae92bfaae439eba19a9ef3d0e8487, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:96:02:88:08:d1:bf:98:d2:c1:83:51:37:fe:
                    8c:3d:82:f2:7e:44:0d:ec:71:ae:77:cf:a5:73:a6:
                    87:f9:1f:89:c6:54:5f:3c:97:1a:e3:86:19:78:bf:
                    a3:f2:30:ae:d0:6c:ba:49:0e:98:bd:a3:ff:cb:95:
                    b2:95:2e:02:5b:77:14:ef:d3:d0:f1:ee:97:d6:7e:
                    92:75:62:c8:d1:07:b2:a0:22:7e:19:1f:b4:c7:d5:
                    61:c0:8f:2b:83:c1:3a:44:f3:dc:c3:17:08:b8:c5:
                    54:4b:f9:99:2b:91:3e:3a:f1:1a:d3:7d:88:68:f9:
                    d1:70:a5:8e:6e:81:d6:20:13:75:58:44:53:27:ce:
                    02:91:73:3f:23:06:78:57:53:b5:3e:24:e4:b8:7b:
                    44:32:cb:39:bf:f8:2c:09:c3:d3:f0:ee:eb:32:c0:
                    85:43:22:d8:d0:03:d2:9c:c6:25:e4:b8:7f:c9:98:
                    db:bf:9b:9f:72:04:eb:10:77:c0:5e:25:ee:54:a2:
                    8b:46:72:c3:45:b0:4b:9e:28:f9:2b:c0:6e:f6:32:
                    8b:f0:10:92:62:d1:c9:bb:25:dd:f0:19:7d:8f:8d:
                    08:68:3a:85:8c:f7:f8:51:e6:c6:77:5f:3a:e3:eb:
                    fe:9b:1a:0e:eb:16:f5:5c:f4:07:5b:ac:e1:1f:8d:
                    e9:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:A7:51:08:40:73:6E:44:9A:FC:09:36:F5:AE:24:B7:00:75:09:3E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6694171a-aae2-4bbb-a718-43a3f95c6dc1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.236.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3c:c7:a0:f2:2e:00:21:91:d5:fe:46:48:c2:09:36:57:b0:74:
         0a:2e:f5:e9:e5:4e:16:e9:49:e6:9d:df:9d:43:5d:ac:74:cc:
         58:3a:03:59:17:d7:a3:10:7e:77:2c:11:24:5e:be:02:dd:18:
         4c:8e:e8:f9:0c:c4:8a:bc:b4:05:cd:c3:a7:54:cd:79:89:f7:
         d2:92:82:5c:c2:78:21:a2:52:5f:d6:94:c2:d2:12:67:f4:12:
         a1:34:00:d4:1a:d3:4e:3f:58:4c:59:d4:52:4b:59:e6:4b:b8:
         69:71:c5:3a:a2:2c:9f:70:91:65:39:4c:bf:e5:48:65:36:4b:
         99:df:5a:2e:75:8d:ac:eb:fc:05:a4:2c:ca:13:da:bb:9d:b1:
         ed:40:38:43:37:15:75:69:ed:2a:45:94:07:15:1a:c6:b9:67:
         57:5c:fd:e1:3a:03:1f:15:21:42:bc:bf:e5:ed:e5:b7:c8:72:
         d0:cd:90:3b:46:bc:3e:83:04:1e:60:1d:e9:ce:2a:64:89:5e:
         ee:a1:e3:14:ea:e7:1c:46:62:55:32:b4:dd:2a:86:b3:57:0c:
         9b:e7:5c:20:b4:86:45:2f:21:ac:d6:e3:aa:82:a9:dd:7f:89:
         c4:13:43:12:47:b2:1a:ac:e0:51:bf:82:e9:4b:3f:b3:58:57:
         a6:65:4a:ee
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULz6ckO4WXU9zD31T8S51YVtPKq0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE5MTcyMTQ5WhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZjJmNWI4MTkwZWUxMDBmZTk5YWY2MmNjOWJlMWYxNjZm
ZWFlOTJiZmFhZTQzOWViYTE5YTllZjNkMGU4NDg3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCIlgKICNG/mNLBg1E3/ow9gvJ+RA3sca53z6Vzpof5H4nG
VF88lxrjhhl4v6PyMK7QbLpJDpi9o//LlbKVLgJbdxTv09Dx7pfWfpJ1YsjRB7Kg
In4ZH7TH1WHAjyuDwTpE89zDFwi4xVRL+ZkrkT468RrTfYho+dFwpY5ugdYgE3VY
RFMnzgKRcz8jBnhXU7U+JOS4e0Qyyzm/+CwJw9Pw7usywIVDItjQA9KcxiXkuH/J
mNu/m59yBOsQd8BeJe5UootGcsNFsEueKPkrwG72MovwEJJi0cm7Jd3wGX2PjQho
OoWM9/hR5sZ3Xzrj6/6bGg7rFvVc9AdbrOEfjemlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVqdRCEBzbkSa/Ak29a4ktwB1CT4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY2OTQxNzFhLWFhZTItNGJiYi1hNzE4LTQzYTNmOTVjNmRjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATM7JAwDQYJKoZIhvcNAQELBQADggEBADzHoPIuACGR1f5GSMIJNlewdAou
9enlThbpSead351DXax0zFg6A1kX16MQfncsESRevgLdGEyO6PkMxIq8tAXNw6dU
zXmJ99KSglzCeCGiUl/WlMLSEmf0EqE0ANQa004/WExZ1FJLWeZLuGlxxTqiLJ9w
kWU5TL/lSGU2S5nfWi51jazr/AWkLMoT2rudse1AOEM3FXVp7SpFlAcVGsa5Z1dc
/eE6Ax8VIUK8v+Xt5bfIctDNkDtGvD6DBB5gHenOKmSJXu6h4xTq5xxGYlUytN0q
hrNXDJvnXCC0hkUvIazW46qCqd1/icQTQxJHshqs4FG/gulLP7NYV6ZlSu4=
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:55:24 2025 by rpki-client