Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7024f23-e277-47d3-8cfa-36397ac62c94.roa
File:                     e7024f23-e277-47d3-8cfa-36397ac62c94.roa (raw, json)
Hash identifier:          VuPyy2LHwNyQVysz/ZozajTvDUo9Lw446ZeWeRLWcaA=
Subject key identifier:   3A:F2:7D:AE:A0:89:D5:BE:F5:8B:55:78:5D:7A:BA:BC:E4:7B:9F:B8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       483E7F4C9BFB9B0EBB7182C562F3166C4FCE4FF3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7024f23-e277-47d3-8cfa-36397ac62c94.roa
Signing time:             Wed 07 May 2025 00:31:13 +0000
ROA not before:           Wed 07 May 2025 00:31:13 +0000
ROA not after:            Wed 11 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.152.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:3e:7f:4c:9b:fb:9b:0e:bb:71:82:c5:62:f3:16:6c:4f:ce:4f:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May  7 00:31:13 2025 GMT
            Not After : Jun 11 23:59:59 2025 GMT
        Subject: serialNumber=0aed325689793a1d56312bcf53f9ec0d3363bac9f2b9353362b93fb5464c6195, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9d:32:f1:50:bb:5e:19:d6:58:ec:50:2c:2e:
                    ed:59:26:d7:df:df:51:1a:f8:7c:d1:f2:db:1d:17:
                    7c:e3:96:29:03:f6:30:b7:15:13:8c:59:80:a0:b5:
                    e3:2c:f8:7b:8f:b2:03:01:59:e7:2d:60:b6:50:70:
                    42:59:6f:7b:d8:f4:9e:41:f1:3e:1b:02:c6:8e:40:
                    28:28:05:28:a6:3a:7b:18:a1:8c:02:5d:d2:71:d3:
                    cc:f8:ff:48:52:01:22:03:02:52:07:8a:23:d4:c2:
                    c5:b9:f3:42:f1:fb:f1:1d:0b:db:08:e4:86:0b:e2:
                    1b:2f:1f:c8:8c:94:ae:c4:b6:f2:4b:04:02:ec:94:
                    73:2b:ee:26:95:23:0f:82:26:9b:17:7d:a4:6e:4e:
                    7c:ec:4b:65:3b:92:3f:2d:7c:56:27:93:01:34:58:
                    ad:9e:32:fc:2b:f2:c5:a1:5f:34:c5:da:43:c3:cd:
                    27:aa:ad:a1:ba:b1:97:8e:d3:b6:b3:5e:ef:0c:8e:
                    6a:9d:0f:53:49:d3:e6:2c:fc:7d:c8:e8:28:18:8e:
                    4a:ba:6b:0e:41:2d:e8:ce:cc:29:17:1f:98:1a:bd:
                    73:7a:d6:23:68:3a:63:8d:c4:43:2b:27:c5:7f:92:
                    b4:ce:ec:5f:99:33:a6:6e:c4:7f:92:5f:4a:ba:85:
                    4f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:F2:7D:AE:A0:89:D5:BE:F5:8B:55:78:5D:7A:BA:BC:E4:7B:9F:B8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e7024f23-e277-47d3-8cfa-36397ac62c94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         01:98:a8:52:f2:f3:61:11:e6:f2:68:b0:02:e4:fe:31:ac:9c:
         6a:95:72:8c:ea:ad:b8:72:10:ec:c2:d3:26:7b:a3:e4:c0:22:
         e4:b1:0b:35:57:63:8c:c3:14:c1:99:7a:f8:53:5d:c4:37:90:
         b2:21:a9:07:26:a2:c9:0f:49:e8:c7:39:8b:5c:e7:22:67:a0:
         2b:fd:fa:b7:d9:54:e8:77:59:de:74:2d:8a:05:ec:83:b5:2a:
         b5:6f:8e:25:20:3d:45:dc:03:92:0c:54:06:ef:5c:82:c3:02:
         0c:82:d7:f1:c3:e0:be:eb:ea:3f:6f:e3:c3:76:17:c0:e5:dc:
         8f:cb:72:72:72:56:f6:ac:b3:3e:d7:42:f9:b7:fc:47:7a:da:
         e8:71:ed:74:e4:8d:68:c0:91:e9:28:0c:03:3a:6d:81:ce:d8:
         72:36:48:98:a8:5b:40:af:ea:d6:f5:d9:39:9c:01:ae:d0:9d:
         f1:4d:e9:c5:33:2c:a2:be:c2:e8:ae:83:a3:1d:38:5b:a9:b5:
         9f:4e:46:ee:c0:0f:c4:e6:ca:30:56:1d:ee:4c:ab:ee:72:87:
         f1:42:9e:18:d7:8c:2b:e6:1d:85:24:ca:7b:b3:a6:31:d3:f9:
         ca:b9:21:8c:dd:6b:4a:e1:84:d6:25:12:65:d0:a9:60:4c:79:
         fc:ee:bc:f8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSD5/TJv7mw67cYLFYvMWbE/OT/MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTA3MDAzMTEzWhcNMjUwNjExMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYWVkMzI1Njg5NzkzYTFkNTYzMTJiY2Y1M2Y5ZWMwZDMz
NjNiYWM5ZjJiOTM1MzM2MmI5M2ZiNTQ2NGM2MTk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwnTLxULteGdZY7FAsLu1ZJtff31Ea+HzR8tsdF3zjlikD
9jC3FROMWYCgteMs+HuPsgMBWectYLZQcEJZb3vY9J5B8T4bAsaOQCgoBSimOnsY
oYwCXdJx08z4/0hSASIDAlIHiiPUwsW580Lx+/EdC9sI5IYL4hsvH8iMlK7EtvJL
BALslHMr7iaVIw+CJpsXfaRuTnzsS2U7kj8tfFYnkwE0WK2eMvwr8sWhXzTF2kPD
zSeqraG6sZeO07azXu8MjmqdD1NJ0+Ys/H3I6CgYjkq6aw5BLejOzCkXH5gavXN6
1iNoOmONxEMrJ8V/krTO7F+ZM6ZuxH+SX0q6hU/fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOvJ9rqCJ1b71i1V4XXq6vOR7n7gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3MDI0ZjIzLWUyNzctNDdkMy04Y2ZhLTM2Mzk3YWM2MmM5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMyEpgwDQYJKoZIhvcNAQELBQADggEBAAGYqFLy82ER5vJosALk/jGsnGqV
cozqrbhyEOzC0yZ7o+TAIuSxCzVXY4zDFMGZevhTXcQ3kLIhqQcmoskPSejHOYtc
5yJnoCv9+rfZVOh3Wd50LYoF7IO1KrVvjiUgPUXcA5IMVAbvXILDAgyC1/HD4L7r
6j9v48N2F8Dl3I/LcnJyVvassz7XQvm3/Ed62uhx7XTkjWjAkekoDAM6bYHO2HI2
SJioW0Cv6tb12TmcAa7QnfFN6cUzLKK+wuiug6MdOFuptZ9ORu7AD8TmyjBWHe5M
q+5yh/FCnhjXjCvmHYUkynuzpjHT+cq5IYzda0rhhNYlEmXQqWBMefzuvPg=
-----END CERTIFICATE-----