Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ae9d595-e46f-4b50-99d6-0707f0dd0ff0.roa
File:                     9ae9d595-e46f-4b50-99d6-0707f0dd0ff0.roa (raw, json)
Hash identifier:          xZkBm9MZQfmWH3LOuDOUzGLCi+6RCpS+ezoVOxpmorY=
Subject key identifier:   0E:3E:9A:C7:23:01:5A:AE:CB:85:84:08:6F:55:50:8B:DA:EE:49:F5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       29277C4900E72B1EEE101D3EE52C0A3C5608805C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ae9d595-e46f-4b50-99d6-0707f0dd0ff0.roa
Signing time:             Fri 23 May 2025 00:10:52 +0000
ROA not before:           Fri 23 May 2025 00:10:52 +0000
ROA not after:            Fri 27 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        149.186.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:27:7c:49:00:e7:2b:1e:ee:10:1d:3e:e5:2c:0a:3c:56:08:80:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 23 00:10:52 2025 GMT
            Not After : Jun 27 23:59:59 2025 GMT
        Subject: serialNumber=42f4a99087d9212eb6373205b7e8c2dc31512a4c20626798ce686ea166e7bd26, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:2c:92:97:d7:17:99:44:ca:a8:46:37:29:c3:
                    f2:92:05:4a:80:23:64:62:32:4c:8b:56:0c:4e:f6:
                    4e:90:f8:f4:ac:a3:12:b9:9c:d1:3c:ef:73:21:1d:
                    99:c9:13:f6:91:50:5d:b7:30:91:2b:98:23:17:4c:
                    b6:1a:06:b6:43:dd:67:91:31:ca:10:af:63:67:28:
                    8b:2f:e6:38:6f:e6:77:81:95:77:2c:bc:2a:7e:e9:
                    18:61:5c:d4:94:d9:40:1d:ef:52:89:fd:b4:63:46:
                    8e:17:94:6b:6d:cb:87:9b:80:9c:a5:93:66:c2:14:
                    aa:ad:36:aa:ac:68:09:c6:80:39:ae:af:92:87:e7:
                    33:23:c9:6d:f2:1b:bb:2c:90:27:39:01:b5:ec:bf:
                    21:0c:a4:81:9b:d7:e4:f4:06:09:34:ef:95:e0:7f:
                    57:8e:d5:f6:c7:04:f7:52:64:31:8c:d1:5d:8a:2b:
                    17:43:08:a0:ad:6c:c4:37:b5:6c:38:09:d4:38:31:
                    95:4a:a1:d7:6b:58:bb:56:86:44:4a:dc:25:9f:01:
                    12:38:ab:61:eb:6b:bc:c6:c5:0e:16:94:78:ed:b1:
                    03:69:dd:a4:10:9a:59:36:ba:43:25:eb:2e:01:a4:
                    16:b6:04:1e:87:dd:b4:5b:cd:72:b0:d3:62:34:0b:
                    c6:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:3E:9A:C7:23:01:5A:AE:CB:85:84:08:6F:55:50:8B:DA:EE:49:F5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9ae9d595-e46f-4b50-99d6-0707f0dd0ff0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.186.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ae:5b:78:2b:a3:7c:8f:9c:7c:07:56:c3:72:ed:eb:a8:f8:0c:
         21:ed:cb:8e:c7:90:b5:78:66:cc:c7:6d:8d:9d:6f:0a:e6:78:
         5d:9d:9d:a9:dc:ab:2c:dd:76:78:cf:b0:db:25:fd:65:5c:a9:
         6c:78:97:ca:4d:f6:6b:5a:1c:ba:88:78:10:1a:42:3a:72:7e:
         2c:01:51:1d:9c:bf:04:17:93:37:85:6c:47:d5:ca:d5:25:76:
         6a:6e:3e:db:4b:a9:55:d9:4f:21:ba:8d:58:85:1b:45:36:3e:
         22:af:7b:a0:1e:2f:65:24:cf:78:8e:e1:6f:6c:e4:06:92:4d:
         90:87:37:8b:53:74:cd:10:1f:56:ea:4d:ac:ed:eb:f5:57:7c:
         eb:3d:3b:2c:05:f4:31:e9:7d:0a:ee:51:3f:79:c7:49:78:11:
         f7:bd:d9:2a:10:50:21:2e:ff:14:8b:a7:3f:1f:36:a9:3b:ec:
         60:63:c2:ce:37:b8:f7:1f:40:d8:87:88:03:c2:85:00:b4:0d:
         bf:9e:cc:53:87:44:16:7c:0d:17:0e:e1:a2:63:c7:72:17:80:
         6b:c8:82:b4:8d:9c:2f:a8:18:87:8e:30:1f:bc:c1:39:b4:df:
         3f:34:12:1e:58:02:f9:95:fb:7b:17:77:42:44:dc:04:f6:68:
         32:a3:4a:5d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKSd8SQDnKx7uEB0+5SwKPFYIgFwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTIzMDAxMDUyWhcNMjUwNjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MmY0YTk5MDg3ZDkyMTJlYjYzNzMyMDViN2U4YzJkYzMx
NTEyYTRjMjA2MjY3OThjZTY4NmVhMTY2ZTdiZDI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpLJKX1xeZRMqoRjcpw/KSBUqAI2RiMkyLVgxO9k6Q+PSs
oxK5nNE873MhHZnJE/aRUF23MJErmCMXTLYaBrZD3WeRMcoQr2NnKIsv5jhv5neB
lXcsvCp+6RhhXNSU2UAd71KJ/bRjRo4XlGtty4ebgJylk2bCFKqtNqqsaAnGgDmu
r5KH5zMjyW3yG7sskCc5AbXsvyEMpIGb1+T0Bgk075Xgf1eO1fbHBPdSZDGM0V2K
KxdDCKCtbMQ3tWw4CdQ4MZVKoddrWLtWhkRK3CWfARI4q2Hra7zGxQ4WlHjtsQNp
3aQQmlk2ukMl6y4BpBa2BB6H3bRbzXKw02I0C8afAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUDj6axyMBWq7LhYQIb1VQi9ruSfUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhZTlkNTk1LWU0NmYtNGI1MC05OWQ2LTA3MDdmMGRkMGZmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCVujANBgkqhkiG9w0BAQsFAAOCAQEArlt4K6N8j5x8B1bDcu3rqPgMIe3L
jseQtXhmzMdtjZ1vCuZ4XZ2dqdyrLN12eM+w2yX9ZVypbHiXyk32a1ocuoh4EBpC
OnJ+LAFRHZy/BBeTN4VsR9XK1SV2am4+20upVdlPIbqNWIUbRTY+Iq97oB4vZSTP
eI7hb2zkBpJNkIc3i1N0zRAfVupNrO3r9Vd86z07LAX0Mel9Cu5RP3nHSXgR973Z
KhBQIS7/FIunPx82qTvsYGPCzje49x9A2IeIA8KFALQNv57MU4dEFnwNFw7homPH
cheAa8iCtI2cL6gYh44wH7zBObTfPzQSHlgC+ZX7exd3QkTcBPZoMqNKXQ==
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:38:27 2025 by rpki-client