Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7b743625-8ab8-4d1f-a5ee-b2657bad3209.roa
File:                     7b743625-8ab8-4d1f-a5ee-b2657bad3209.roa (raw, json)
Hash identifier:          mzl5u+79iNsT10VSWIBByfySK8o3+sJLq4uu1ZImV/0=
Subject key identifier:   CE:E5:AB:B6:FD:03:92:14:6F:34:E3:C1:6D:69:B5:A8:62:1E:7F:AD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0FA1EFF3C484E5B7B0912AE676C21E76D610ABE8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7b743625-8ab8-4d1f-a5ee-b2657bad3209.roa
Signing time:             Mon 26 May 2025 15:00:38 +0000
ROA not before:           Mon 26 May 2025 15:00:38 +0000
ROA not after:            Mon 30 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        128.167.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:a1:ef:f3:c4:84:e5:b7:b0:91:2a:e6:76:c2:1e:76:d6:10:ab:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 26 15:00:38 2025 GMT
            Not After : Jun 30 23:59:59 2025 GMT
        Subject: serialNumber=1e8a87602faff17feb8bd273e34adee8c938faa2aae21ceeb3c6e0484fc918e8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3d:73:f6:46:2e:86:b5:97:ec:0c:d6:2d:25:
                    be:86:d0:a3:fc:5d:c5:ba:34:4d:ed:31:74:3c:5a:
                    6a:79:09:b1:c9:c1:e9:82:b3:b0:e4:57:eb:cd:f8:
                    01:52:2d:08:fe:2a:43:d7:d8:30:f7:ff:15:40:74:
                    f0:67:d6:67:9f:6b:53:7e:5c:9f:cb:85:67:95:be:
                    69:6f:ce:94:b4:a4:3e:dc:98:cc:3d:d0:92:79:86:
                    fa:70:0d:0c:22:f7:38:24:09:55:be:a2:9a:64:68:
                    f2:88:66:d4:ff:ea:d7:be:c6:77:b6:bc:e4:95:e0:
                    8d:a5:f7:77:08:76:a7:30:2d:5e:5b:b4:5a:d4:85:
                    ee:19:2f:e1:44:47:f7:8c:3d:f9:ee:b1:7a:b0:4b:
                    2f:5e:55:20:a6:62:09:1a:63:a9:80:d4:b5:ab:25:
                    c0:b2:a0:9c:38:1b:8b:cd:b2:9f:8b:48:82:5f:d9:
                    a3:8a:ad:f7:0f:e2:62:e2:e2:da:46:18:e9:5b:84:
                    5d:3b:d2:71:11:96:d8:c6:4d:95:53:cf:14:6d:0c:
                    5e:b9:f4:dd:2e:b5:fc:8c:40:60:05:b7:17:61:f2:
                    f4:1b:a7:36:af:58:15:7e:74:cd:cc:e4:51:55:b8:
                    24:f7:f0:6f:4a:1c:3a:63:a4:dd:ec:67:6b:9e:3c:
                    c8:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:E5:AB:B6:FD:03:92:14:6F:34:E3:C1:6D:69:B5:A8:62:1E:7F:AD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7b743625-8ab8-4d1f-a5ee-b2657bad3209.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.167.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         bd:35:86:f5:2f:90:79:e5:8c:9a:92:ec:47:b9:0b:dd:d2:5d:
         b2:d8:94:a4:82:e3:a5:c0:e4:a1:27:f9:94:87:d4:4c:85:47:
         4a:4f:d0:3b:01:81:be:4e:e5:74:fc:1d:d5:86:fc:b9:c7:66:
         4d:73:fb:b5:c4:90:e6:5f:f9:48:a8:a3:1a:51:93:10:e1:98:
         19:a6:38:4e:05:37:a7:ba:db:af:30:59:ea:7f:3a:a7:09:94:
         32:b3:c6:84:85:ee:77:3a:89:eb:57:b2:23:9f:9b:3a:12:ba:
         9b:52:07:bc:c7:d2:cd:63:84:30:69:03:71:a4:cf:dc:bf:9f:
         d2:96:da:8b:24:32:84:db:78:d0:17:12:e4:c8:98:7a:2f:76:
         b4:e1:5a:36:09:93:d9:38:9e:ad:81:b0:ef:9a:1c:07:08:e5:
         53:b0:ce:76:66:fb:ca:17:bb:ef:69:85:b4:44:71:db:70:d7:
         ff:d0:30:41:6c:e7:01:91:17:09:a8:0e:00:c0:3a:ab:25:cf:
         95:23:5e:24:80:1b:a5:d5:5b:76:27:c4:53:82:cc:81:a5:b6:
         48:15:18:39:79:15:13:a3:3b:dd:37:97:00:70:1d:04:ac:38:
         9f:8c:f0:ee:6b:d1:1c:d5:a1:35:21:b1:0c:8a:14:6e:c6:f6:
         e8:69:a6:8a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUD6Hv88SE5bewkSrmdsIedtYQq+gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTI2MTUwMDM4WhcNMjUwNjMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZThhODc2MDJmYWZmMTdmZWI4YmQyNzNlMzRhZGVlOGM5
MzhmYWEyYWFlMjFjZWViM2M2ZTA0ODRmYzkxOGU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxPXP2Ri6GtZfsDNYtJb6G0KP8XcW6NE3tMXQ8Wmp5CbHJ
wemCs7DkV+vN+AFSLQj+KkPX2DD3/xVAdPBn1mefa1N+XJ/LhWeVvmlvzpS0pD7c
mMw90JJ5hvpwDQwi9zgkCVW+oppkaPKIZtT/6te+xne2vOSV4I2l93cIdqcwLV5b
tFrUhe4ZL+FER/eMPfnusXqwSy9eVSCmYgkaY6mA1LWrJcCyoJw4G4vNsp+LSIJf
2aOKrfcP4mLi4tpGGOlbhF070nERltjGTZVTzxRtDF659N0utfyMQGAFtxdh8vQb
pzavWBV+dM3M5FFVuCT38G9KHDpjpN3sZ2uePMglAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzuWrtv0DkhRvNOPBbWm1qGIef60wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdiNzQzNjI1LThhYjgtNGQxZi1hNWVlLWIyNjU3YmFkMzIwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCApzANBgkqhkiG9w0BAQsFAAOCAQEAvTWG9S+QeeWMmpLsR7kL3dJdstiU
pILjpcDkoSf5lIfUTIVHSk/QOwGBvk7ldPwd1Yb8ucdmTXP7tcSQ5l/5SKijGlGT
EOGYGaY4TgU3p7rbrzBZ6n86pwmUMrPGhIXudzqJ61eyI5+bOhK6m1IHvMfSzWOE
MGkDcaTP3L+f0pbaiyQyhNt40BcS5MiYei92tOFaNgmT2TierYGw75ocBwjlU7DO
dmb7yhe772mFtERx23DX/9AwQWznAZEXCagOAMA6qyXPlSNeJIAbpdVbdifEU4LM
gaW2SBUYOXkVE6M73TeXAHAdBKw4n4zw7mvRHNWhNSGxDIoUbsb26Gmmig==
-----END CERTIFICATE-----
Generated at Sun Jun 1 05:01:16 2025 by rpki-client