Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db1f2730-0f56-434b-aea7-5265e3cade65.roa
File:                     db1f2730-0f56-434b-aea7-5265e3cade65.roa (raw, json)
Hash identifier:          JNe4+Qx7jYSRhTzbxnQ8mRCqMPrkHQ4tPT6QoPY4/Is=
Subject key identifier:   ED:32:4E:38:1E:5E:71:85:93:CE:13:29:B3:3B:1B:C7:7E:30:C8:35
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3F2305C508E7C52468DE2F2F09A0046C57C9FA04
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db1f2730-0f56-434b-aea7-5265e3cade65.roa
Signing time:             Tue 27 May 2025 00:10:58 +0000
ROA not before:           Tue 27 May 2025 00:10:58 +0000
ROA not after:            Tue 01 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.144.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:23:05:c5:08:e7:c5:24:68:de:2f:2f:09:a0:04:6c:57:c9:fa:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 27 00:10:58 2025 GMT
            Not After : Jul  1 23:59:59 2025 GMT
        Subject: serialNumber=7278bd442fd738b6a524c61576e7d0ff23dd0e2be7b76760644594529f81d464, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:93:3b:52:af:0d:b9:49:68:b3:95:7c:81:08:
                    ac:01:bf:11:71:57:29:e6:06:00:44:77:56:b1:97:
                    b0:7b:23:82:3e:ef:e1:26:9f:bf:1f:2d:e5:57:f4:
                    eb:7c:f0:47:13:3d:bb:69:2f:b4:54:c4:20:e8:fb:
                    ff:e4:23:81:60:b2:a1:5f:cb:54:73:86:4b:a1:09:
                    ed:99:2f:d0:60:3c:88:db:87:ae:f8:1d:6a:e8:60:
                    b8:45:c8:1f:0e:70:87:b1:15:32:c7:36:53:cf:07:
                    6c:62:b8:5e:a7:2a:8d:a7:ec:8d:73:c0:13:b2:79:
                    bb:65:81:55:31:f8:e9:35:71:30:02:35:22:4d:37:
                    fb:5f:fd:2c:04:87:a0:a4:51:5a:4e:6b:7a:77:b2:
                    ff:e6:e0:04:5a:4e:d4:89:71:4a:5f:06:ec:65:ae:
                    4d:e5:01:eb:95:05:9d:f7:cf:52:eb:69:50:14:ce:
                    6e:76:fc:ba:10:a8:2b:22:ac:73:a3:a6:35:2e:60:
                    14:d3:9c:2c:65:34:fc:e0:13:4e:6a:d7:e3:0a:55:
                    2c:3b:18:27:b5:30:1a:08:c3:59:16:de:db:3d:34:
                    dd:92:c2:51:b6:81:3d:7f:da:a9:43:a8:7e:b4:eb:
                    73:89:20:22:ff:9f:29:59:00:8b:54:fc:bc:28:d6:
                    f8:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:32:4E:38:1E:5E:71:85:93:CE:13:29:B3:3B:1B:C7:7E:30:C8:35
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/db1f2730-0f56-434b-aea7-5265e3cade65.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.144.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7f:1e:c8:d0:86:44:4a:77:5d:aa:f4:ac:8c:28:f0:cb:13:5d:
         51:c1:81:eb:b7:30:f2:6b:3e:23:c7:6b:44:f4:2f:7b:8b:03:
         b9:91:77:3c:26:b3:0d:1c:f1:d2:04:0f:57:4b:96:00:b5:fc:
         b1:64:cf:7d:c7:bc:08:1b:1c:da:21:e0:25:a9:8a:de:d5:24:
         c3:bd:e8:cb:75:51:da:31:ac:a5:fb:7e:95:6d:3e:50:a6:a5:
         55:ed:92:a9:99:38:71:5a:e6:56:fc:1b:bc:22:04:9f:03:53:
         81:33:bc:e5:91:de:f9:f4:5c:de:85:13:c0:92:b5:a6:be:32:
         c3:90:9e:da:d6:7e:ca:84:08:1e:15:bd:41:a6:39:b0:23:df:
         c5:13:0f:78:0d:e1:74:63:f5:18:09:65:a6:5a:c9:58:99:9f:
         26:b1:02:4f:b6:9f:f4:6e:68:88:5c:e2:1b:6e:87:90:0e:d0:
         2a:8f:6e:10:b7:db:a6:3a:0a:29:95:d8:d0:ba:20:60:e9:a5:
         fa:e9:2a:30:0b:16:c2:16:49:7f:2e:72:9d:a2:2e:fa:97:25:
         f4:17:13:a4:a6:77:f2:d9:bf:5f:c6:a5:fc:c3:a4:bc:6a:b8:
         91:e4:ff:11:78:15:78:e2:77:76:f2:9f:9c:8b:c6:87:01:e1:
         54:6b:be:36
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPyMFxQjnxSRo3i8vCaAEbFfJ+gQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTI3MDAxMDU4WhcNMjUwNzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A3Mjc4YmQ0NDJmZDczOGI2YTUyNGM2MTU3NmU3ZDBmZjIz
ZGQwZTJiZTdiNzY3NjA2NDQ1OTQ1MjlmODFkNDY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdkztSrw25SWizlXyBCKwBvxFxVynmBgBEd1axl7B7I4I+
7+Emn78fLeVX9Ot88EcTPbtpL7RUxCDo+//kI4FgsqFfy1RzhkuhCe2ZL9BgPIjb
h674HWroYLhFyB8OcIexFTLHNlPPB2xiuF6nKo2n7I1zwBOyebtlgVUx+Ok1cTAC
NSJNN/tf/SwEh6CkUVpOa3p3sv/m4ARaTtSJcUpfBuxlrk3lAeuVBZ33z1LraVAU
zm52/LoQqCsirHOjpjUuYBTTnCxlNPzgE05q1+MKVSw7GCe1MBoIw1kW3ts9NN2S
wlG2gT1/2qlDqH6063OJICL/nylZAItU/Lwo1vh5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7TJOOB5ecYWTzhMpszsbx34wyDUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RiMWYyNzMwLTBmNTYtNDM0Yi1hZWE3LTUyNjVlM2NhZGU2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQkDANBgkqhkiG9w0BAQsFAAOCAQEAfx7I0IZESnddqvSsjCjwyxNdUcGB
67cw8ms+I8drRPQve4sDuZF3PCazDRzx0gQPV0uWALX8sWTPfce8CBsc2iHgJamK
3tUkw73oy3VR2jGspft+lW0+UKalVe2SqZk4cVrmVvwbvCIEnwNTgTO85ZHe+fRc
3oUTwJK1pr4yw5Ce2tZ+yoQIHhW9QaY5sCPfxRMPeA3hdGP1GAllplrJWJmfJrEC
T7af9G5oiFziG26HkA7QKo9uELfbpjoKKZXY0LogYOml+ukqMAsWwhZJfy5ynaIu
+pcl9BcTpKZ38tm/X8al/MOkvGq4keT/EXgVeOJ3dvKfnIvGhwHhVGu+Ng==
-----END CERTIFICATE-----
Generated at Sun Jun 1 04:58:14 2025 by rpki-client