Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f9e4c99-1745-41a5-a36b-cdd7f466d60a.roa
File:                     6f9e4c99-1745-41a5-a36b-cdd7f466d60a.roa (raw, json)
Hash identifier:          BqX05pOiB9fHMOGXEJBvXEnPmTs3/8N81arEBQaTz24=
Subject key identifier:   DC:9B:8C:95:BD:68:F8:A7:E6:7C:A3:6B:74:13:DC:16:24:12:AF:5E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       184766B138BDE1908C4D9DBD535CE8B963500A9D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f9e4c99-1745-41a5-a36b-cdd7f466d60a.roa
Signing time:             Mon 10 Feb 2025 00:00:00 +0000
ROA not before:           Mon 10 Feb 2025 00:00:00 +0000
ROA not after:            Mon 17 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.8.0.0/15 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:47:66:b1:38:bd:e1:90:8c:4d:9d:bd:53:5c:e8:b9:63:50:0a:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 10 00:00:00 2025 GMT
            Not After : Mar 17 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:83:00:a3:34:6c:ef:9c:e5:49:50:b1:db:a2:
                    eb:73:a5:cd:d7:29:0f:05:f5:d4:3e:36:95:cd:19:
                    4c:ea:3f:1c:79:12:3c:f1:0b:56:3c:e4:72:4e:11:
                    d0:ff:fd:4e:9c:38:37:a3:11:23:27:b2:5c:89:25:
                    bc:17:11:b9:52:99:99:1f:75:e4:5a:b9:b2:9a:e7:
                    0a:27:89:df:90:30:93:8d:73:2f:43:fa:d2:bc:8b:
                    57:f8:5f:9a:b2:ec:fc:84:83:44:a4:c2:ae:9b:f0:
                    62:3f:fa:40:28:eb:91:0d:a3:c7:52:e5:e5:8b:52:
                    09:02:59:fb:1a:10:c4:04:f8:5f:84:3a:89:49:08:
                    cc:50:e2:39:32:04:28:b9:e0:ad:4a:23:ed:0d:a5:
                    69:b3:29:e9:38:f3:cf:3e:e5:fb:00:f2:b1:0f:f4:
                    87:00:ce:8a:85:bc:ec:2b:92:09:90:af:d3:69:20:
                    1d:06:86:1c:0d:6d:e5:8d:c9:9e:da:fb:09:c0:c6:
                    4f:fe:d0:1b:1d:25:f6:0d:fd:6d:a5:85:37:82:be:
                    27:37:b9:89:06:99:b1:a0:b2:85:06:02:cb:e1:45:
                    c9:29:81:f4:5c:92:d3:15:88:66:eb:c7:0f:2e:f8:
                    98:d6:1b:07:af:5c:03:db:90:e7:75:a0:f9:29:34:
                    88:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:9B:8C:95:BD:68:F8:A7:E6:7C:A3:6B:74:13:DC:16:24:12:AF:5E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f9e4c99-1745-41a5-a36b-cdd7f466d60a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.8.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         d0:9d:92:f0:7f:d2:29:44:51:0f:4b:1d:5e:de:6f:92:8d:d9:
         ef:8f:2a:cc:f1:3f:48:2d:73:63:2b:9f:fb:31:cf:c3:a7:eb:
         04:63:40:2d:bb:46:99:5a:38:e4:bb:1f:ac:8f:60:17:8a:d5:
         3a:de:78:4a:31:64:f1:f0:61:be:06:ff:ed:8a:7a:0a:9b:de:
         f7:e8:8a:86:94:1a:2e:66:ae:03:00:7e:60:74:1d:b5:06:c2:
         9b:b9:dc:9e:13:96:9a:3e:bb:73:df:6f:33:19:10:8a:24:d3:
         1d:6a:82:a9:bf:aa:08:92:35:ad:21:be:da:39:46:8e:3f:15:
         1f:c8:6f:84:fb:e8:19:b7:66:8d:28:dd:9c:23:be:cd:56:80:
         04:77:c4:a4:c7:1c:e1:f1:5a:bd:0a:dd:46:e9:eb:70:e0:0a:
         5a:eb:78:d0:a4:7e:9a:2f:3d:c3:05:ce:87:29:77:9a:c1:4c:
         62:32:ab:12:98:09:d8:08:de:4b:ea:63:84:ee:4d:90:f4:78:
         73:8a:80:b4:aa:97:c8:67:66:95:b9:41:25:ae:21:22:20:a0:
         c3:7c:ed:22:b0:15:34:10:fa:be:01:73:7a:34:97:4d:21:ea:
         a5:04:4f:7c:4c:52:09:72:15:b8:4b:7d:08:37:ec:86:2a:ff:
         38:ff:90:13
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGEdmsTi94ZCMTZ29U1zouWNQCp0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjEwMDAwMDAwWhcNMjUwMzE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyODA1YWVlNzI2YTE1YjNhZTQ4NWJkNmM4ZTIyMjJkMGUz
OTUwMjUzMTBkNDA4NTlkZDhkYTk4ZTUyNzQ3Njc3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3gwCjNGzvnOVJULHboutzpc3XKQ8F9dQ+NpXNGUzqPxx5
EjzxC1Y85HJOEdD//U6cODejESMnslyJJbwXEblSmZkfdeRaubKa5wonid+QMJON
cy9D+tK8i1f4X5qy7PyEg0Skwq6b8GI/+kAo65ENo8dS5eWLUgkCWfsaEMQE+F+E
OolJCMxQ4jkyBCi54K1KI+0NpWmzKek4888+5fsA8rEP9IcAzoqFvOwrkgmQr9Np
IB0GhhwNbeWNyZ7a+wnAxk/+0BsdJfYN/W2lhTeCvic3uYkGmbGgsoUGAsvhRckp
gfRcktMViGbrxw8u+JjWGwevXAPbkOd1oPkpNIgFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3JuMlb1o+KfmfKNrdBPcFiQSr14wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmOWU0Yzk5LTE3NDUtNDFhNS1hMzZiLWNkZDdmNDY2ZDYwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwGICDANBgkqhkiG9w0BAQsFAAOCAQEA0J2S8H/SKURRD0sdXt5vko3Z748q
zPE/SC1zYyuf+zHPw6frBGNALbtGmVo45LsfrI9gF4rVOt54SjFk8fBhvgb/7Yp6
Cpve9+iKhpQaLmauAwB+YHQdtQbCm7ncnhOWmj67c99vMxkQiiTTHWqCqb+qCJI1
rSG+2jlGjj8VH8hvhPvoGbdmjSjdnCO+zVaABHfEpMcc4fFavQrdRunrcOAKWut4
0KR+mi89wwXOhyl3msFMYjKrEpgJ2AjeS+pjhO5NkPR4c4qAtKqXyGdmlblBJa4h
IiCgw3ztIrAVNBD6vgFzejSXTSHqpQRPfExSCXIVuEt9CDfshir/OP+QEw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:28 2025 by rpki-client