Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c1a18f2-6db7-414e-af5f-943e93d34d77.roa
File:                     8c1a18f2-6db7-414e-af5f-943e93d34d77.roa (raw, json)
Hash identifier:          VA9LQss+HvLmut5iPbSuiMb4xwtx4JExi6isQHqAg+w=
Subject key identifier:   8A:B4:8F:8A:5F:B1:97:C1:27:60:3D:B6:7C:5C:19:23:14:EE:C1:78
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3FB80C2C1DB3F1AB86D1E04F73748032A8A14B1D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c1a18f2-6db7-414e-af5f-943e93d34d77.roa
Signing time:             Tue 11 Mar 2025 00:00:44 +0000
ROA not before:           Tue 11 Mar 2025 00:00:44 +0000
ROA not after:            Tue 15 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        151.134.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:b8:0c:2c:1d:b3:f1:ab:86:d1:e0:4f:73:74:80:32:a8:a1:4b:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 11 00:00:44 2025 GMT
            Not After : Apr 15 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:8d:c1:a3:59:03:fe:9c:f5:fe:c9:b2:1c:c1:
                    b3:d5:4e:fe:2e:25:0d:5d:09:d7:ea:cd:b3:ce:f6:
                    51:30:e2:ff:ae:bd:79:da:18:f8:cc:bc:49:1c:da:
                    d2:46:f3:e5:13:84:ac:a4:a9:ac:71:12:7a:1e:64:
                    b1:7d:3d:20:a4:43:fe:f9:7d:8f:ad:96:cb:8b:bd:
                    00:92:a8:16:7d:f9:df:48:9a:ce:96:60:ce:db:16:
                    f8:b6:76:ce:47:25:6a:c2:da:66:8d:be:44:2a:8c:
                    c8:8c:d3:b2:7e:db:95:21:49:93:b1:51:78:e7:79:
                    9b:81:1c:7e:8d:bf:69:d9:65:c7:15:14:e0:c2:f5:
                    e0:56:43:0d:a8:91:e7:14:81:79:89:3e:bf:de:8f:
                    92:d8:49:c0:cc:09:7e:32:0b:60:22:65:68:96:86:
                    f5:f6:17:0a:94:de:cc:cb:93:a5:77:11:37:4d:38:
                    69:b0:1e:46:00:7e:cc:fd:1f:e9:c7:50:0e:ce:2f:
                    c1:a3:24:74:69:81:21:a2:86:d1:16:a3:1c:7d:57:
                    91:b5:5d:3c:91:1c:20:dc:f8:5d:c9:92:e5:9e:b0:
                    88:63:6a:1a:b5:87:dc:0e:02:7e:4b:7b:a4:58:8f:
                    05:63:68:a2:58:49:5d:1b:00:2e:b4:2d:95:12:b0:
                    19:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:B4:8F:8A:5F:B1:97:C1:27:60:3D:B6:7C:5C:19:23:14:EE:C1:78
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c1a18f2-6db7-414e-af5f-943e93d34d77.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2a:4c:bb:5f:32:10:eb:73:df:f7:51:61:7d:98:9b:7b:97:3b:
         56:c4:25:42:5a:06:10:67:1a:d9:c0:ed:08:26:98:de:fa:fa:
         0c:52:df:48:f0:6c:3a:34:81:73:ec:5b:7b:d9:5e:ff:2c:70:
         63:68:92:cf:32:2c:c0:3d:e8:51:8d:a7:e2:ad:f0:72:5e:c9:
         67:8a:a6:38:01:a0:41:64:1d:05:ce:2a:84:94:a2:00:e1:ab:
         6e:c1:c4:c8:45:aa:84:35:c1:32:4d:92:a2:bb:13:13:cb:2f:
         62:d3:6e:42:50:3f:15:7d:14:ac:18:de:a7:ed:42:e6:d9:c9:
         8b:82:78:39:dc:bd:ba:c8:06:5e:f5:0c:60:14:14:19:2d:a5:
         c9:6a:dd:0d:36:2a:0f:3e:d4:06:91:64:c4:8e:56:7a:86:5a:
         60:93:e2:a8:41:dc:1d:cb:46:f3:0d:81:36:55:a0:71:60:50:
         ae:c2:5c:2b:62:a6:54:97:b6:bf:ea:d6:7a:c5:8e:dd:7f:ea:
         d3:ee:72:3c:04:d7:72:55:60:d4:43:d8:e8:29:64:50:71:fa:
         3f:53:72:37:85:36:31:5e:49:46:db:d0:13:30:34:40:6e:41:
         1d:da:b0:93:08:81:f3:e2:82:2b:b6:99:0d:6e:f4:2a:70:3d:
         fb:54:86:b5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUP7gMLB2z8auG0eBPc3SAMqihSx0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzExMDAwMDQ0WhcNMjUwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZDIyMzhlZTVjZmVmNzU0NGZmNzA5YzhmNGFkYjYyNDQ0
OGM1MWJmOGJjZGJkM2Y0MTNhMzFmMzBjM2U1ZGViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpjcGjWQP+nPX+ybIcwbPVTv4uJQ1dCdfqzbPO9lEw4v+u
vXnaGPjMvEkc2tJG8+UThKykqaxxEnoeZLF9PSCkQ/75fY+tlsuLvQCSqBZ9+d9I
ms6WYM7bFvi2ds5HJWrC2maNvkQqjMiM07J+25UhSZOxUXjneZuBHH6Nv2nZZccV
FODC9eBWQw2okecUgXmJPr/ej5LYScDMCX4yC2AiZWiWhvX2FwqU3szLk6V3ETdN
OGmwHkYAfsz9H+nHUA7OL8GjJHRpgSGihtEWoxx9V5G1XTyRHCDc+F3JkuWesIhj
ahq1h9wOAn5Le6RYjwVjaKJYSV0bAC60LZUSsBmPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUirSPil+xl8EnYD22fFwZIxTuwXgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhjMWExOGYyLTZkYjctNDE0ZS1hZjVmLTk0M2U5M2QzNGQ3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCXhjANBgkqhkiG9w0BAQsFAAOCAQEAKky7XzIQ63Pf91FhfZibe5c7VsQl
QloGEGca2cDtCCaY3vr6DFLfSPBsOjSBc+xbe9le/yxwY2iSzzIswD3oUY2n4q3w
cl7JZ4qmOAGgQWQdBc4qhJSiAOGrbsHEyEWqhDXBMk2SorsTE8svYtNuQlA/FX0U
rBjep+1C5tnJi4J4Ody9usgGXvUMYBQUGS2lyWrdDTYqDz7UBpFkxI5WeoZaYJPi
qEHcHctG8w2BNlWgcWBQrsJcK2KmVJe2v+rWesWO3X/q0+5yPATXclVg1EPY6Clk
UHH6P1NyN4U2MV5JRtvQEzA0QG5BHdqwkwiB8+KCK7aZDW70KnA9+1SGtQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:54:39 2025 by rpki-client