Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76e74dd0-5733-4c2f-b500-2d75cab973be.roa
File:                     76e74dd0-5733-4c2f-b500-2d75cab973be.roa (raw, json)
Hash identifier:          gJtgUWW40CQNwit0U2j0bHuzoNhEl64XVdHccA7SNA0=
Subject key identifier:   46:6A:0A:14:FB:21:6B:0D:38:47:26:6E:13:44:AC:74:22:3B:26:AC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7B5F2865B03C21B37745A119E43B2280FACB43A5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76e74dd0-5733-4c2f-b500-2d75cab973be.roa
Signing time:             Fri 30 May 2025 00:22:18 +0000
ROA not before:           Fri 30 May 2025 00:22:18 +0000
ROA not after:            Fri 04 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.44.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:5f:28:65:b0:3c:21:b3:77:45:a1:19:e4:3b:22:80:fa:cb:43:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 30 00:22:18 2025 GMT
            Not After : Jul  4 23:59:59 2025 GMT
        Subject: serialNumber=1bed2f65710901b97627dc266ed76753872513d8bb00f542edd4e21fc6452871, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:fc:85:9f:60:a3:4e:b5:54:6a:3a:40:09:3a:
                    8e:7d:de:fb:50:08:ce:97:db:7a:87:b3:ae:76:f0:
                    be:f8:6c:e0:f5:3b:78:11:31:59:51:dc:6d:94:14:
                    0a:59:5d:4c:67:08:cb:85:26:9d:63:b6:a7:48:a1:
                    c4:ec:42:c7:46:4d:fe:13:eb:16:a7:96:df:f1:6f:
                    58:68:23:b0:7d:b8:10:e7:ed:01:9a:69:dc:68:62:
                    10:ea:62:03:f7:b6:2b:3a:94:3f:e9:5a:7a:b2:2b:
                    e4:97:47:45:d0:af:42:d3:63:b5:66:23:75:0d:7c:
                    73:33:fd:9d:2e:d3:24:23:cb:b9:ba:fb:0e:18:90:
                    11:3b:f3:19:d4:af:18:fa:31:2f:88:80:48:d3:17:
                    36:90:ae:08:0b:17:fe:b2:a1:58:e5:c5:27:c2:b9:
                    ee:27:bb:24:b2:ae:17:9a:db:94:93:22:be:a0:da:
                    e8:2d:ff:9d:54:73:80:ee:fd:01:d5:c7:27:87:d0:
                    18:91:cc:4c:6e:9f:e2:85:48:f2:2c:ef:75:b4:15:
                    a7:90:4f:4c:d0:8c:a2:dc:1d:48:4b:be:d8:e4:70:
                    05:32:d6:d5:80:43:9b:f0:7b:10:4a:ec:97:37:fd:
                    98:cc:8e:f6:f9:42:3d:f5:a4:1c:23:17:37:31:e7:
                    36:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:6A:0A:14:FB:21:6B:0D:38:47:26:6E:13:44:AC:74:22:3B:26:AC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/76e74dd0-5733-4c2f-b500-2d75cab973be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.44.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0e:e2:a7:ef:c5:e0:d1:d7:b0:9f:50:b4:b3:e5:d1:48:e6:9e:
         f2:e3:10:bf:57:24:fa:2e:7b:d8:6c:69:38:27:a9:40:83:a4:
         52:c6:f5:8f:63:0b:ba:6e:33:8c:b2:1e:0c:65:d2:22:2b:e9:
         27:36:4e:8f:55:a9:6a:45:b9:fc:7e:d2:8a:4a:c9:35:cc:e6:
         eb:b9:6e:c9:0c:4f:a1:a5:51:cf:8d:fc:34:bb:4c:79:c3:34:
         22:15:7d:2d:c5:90:f2:74:f5:19:42:7f:15:a7:14:20:1f:b6:
         31:d0:69:aa:c4:99:3f:31:2f:cb:5a:de:1b:58:c8:d4:a2:b6:
         5a:41:e6:16:fe:c3:fa:71:f1:30:cf:ea:13:71:4c:d5:a6:61:
         b8:bf:f4:41:e6:b5:76:0c:3d:76:86:6d:6c:4c:94:9a:c8:88:
         93:58:80:43:08:27:45:f0:96:cf:8c:d3:18:3e:10:ff:a0:88:
         3b:7b:81:3d:26:56:22:b9:dc:32:86:95:d9:71:dc:0c:74:0c:
         90:ae:90:66:16:02:d6:07:96:9b:e5:18:e6:05:9d:88:4a:b4:
         2a:70:0d:53:83:fc:3d:9e:e0:32:a5:69:61:92:91:1e:22:b3:
         ba:d8:c0:f3:cc:08:b3:7c:49:f9:f4:5c:eb:8e:74:a0:03:1e:
         19:4b:91:33
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUe18oZbA8IbN3RaEZ5DsigPrLQ6UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTMwMDAyMjE4WhcNMjUwNzA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYmVkMmY2NTcxMDkwMWI5NzYyN2RjMjY2ZWQ3Njc1Mzg3
MjUxM2Q4YmIwMGY1NDJlZGQ0ZTIxZmM2NDUyODcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs/IWfYKNOtVRqOkAJOo593vtQCM6X23qHs6528L74bOD1
O3gRMVlR3G2UFApZXUxnCMuFJp1jtqdIocTsQsdGTf4T6xanlt/xb1hoI7B9uBDn
7QGaadxoYhDqYgP3tis6lD/pWnqyK+SXR0XQr0LTY7VmI3UNfHMz/Z0u0yQjy7m6
+w4YkBE78xnUrxj6MS+IgEjTFzaQrggLF/6yoVjlxSfCue4nuySyrhea25STIr6g
2ugt/51Uc4Du/QHVxyeH0BiRzExun+KFSPIs73W0FaeQT0zQjKLcHUhLvtjkcAUy
1tWAQ5vwexBK7Jc3/ZjMjvb5Qj31pBwjFzcx5zaVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQURmoKFPshaw04RyZuE0SsdCI7JqwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc2ZTc0ZGQwLTU3MzMtNGMyZi1iNTAwLTJkNzVjYWI5NzNiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4LDANBgkqhkiG9w0BAQsFAAOCAQEADuKn78Xg0dewn1C0s+XRSOae8uMQ
v1ck+i572GxpOCepQIOkUsb1j2MLum4zjLIeDGXSIivpJzZOj1WpakW5/H7SikrJ
Nczm67luyQxPoaVRz438NLtMecM0IhV9LcWQ8nT1GUJ/FacUIB+2MdBpqsSZPzEv
y1reG1jI1KK2WkHmFv7D+nHxMM/qE3FM1aZhuL/0Qea1dgw9doZtbEyUmsiIk1iA
QwgnRfCWz4zTGD4Q/6CIO3uBPSZWIrncMoaV2XHcDHQMkK6QZhYC1geWm+UY5gWd
iEq0KnANU4P8PZ7gMqVpYZKRHiKzutjA88wIs3xJ+fRc6450oAMeGUuRMw==
-----END CERTIFICATE-----
Generated at Sun Jun 1 05:19:17 2025 by rpki-client