Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2044cf14-ba54-49f0-96be-8316c0a7e7e4.roa
File:                     2044cf14-ba54-49f0-96be-8316c0a7e7e4.roa (raw, json)
Hash identifier:          zV3135C2KFEC2TZ6Ko40H9/LgbR2AaQ5/PW3CRE1HFA=
Subject key identifier:   B4:77:06:A0:71:37:F4:88:67:F2:8E:84:22:E5:D2:B2:73:90:6E:7C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       53365611F5501C5864B98AAE2438C96C131A86
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2044cf14-ba54-49f0-96be-8316c0a7e7e4.roa
Signing time:             Sat 10 May 2025 00:31:08 +0000
ROA not before:           Sat 10 May 2025 00:31:08 +0000
ROA not after:            Sat 14 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.188.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 13 May 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:36:56:11:f5:50:1c:58:64:b9:8a:ae:24:38:c9:6c:13:1a:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 10 00:31:08 2025 GMT
            Not After : Jun 14 23:59:59 2025 GMT
        Subject: serialNumber=e6bcfb46cf6ec7b04f4ebf7702da545b5d7709f2e747fc59804bff7fb74d83fa, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:73:88:7f:1e:63:d5:04:cb:fb:64:e4:7f:6f:
                    f7:24:f2:fd:3c:14:3a:4c:9f:e9:fb:40:c6:b2:3c:
                    b8:16:da:44:36:37:62:93:96:38:c1:e8:a5:4e:91:
                    0e:87:a2:c5:1f:29:ee:5b:1f:82:95:41:10:4a:38:
                    cf:77:e8:e0:17:da:ac:c7:8b:b8:5b:df:d7:af:b7:
                    ec:11:eb:9a:0b:fa:13:b9:52:7c:47:b6:34:a2:cf:
                    00:ab:de:2b:26:f6:b2:47:2e:55:7d:41:7e:bb:8b:
                    f9:ce:9d:da:f8:7a:e5:e2:51:20:ec:31:a2:b5:ed:
                    4f:81:44:fb:de:db:6a:78:f0:bc:05:1b:69:23:23:
                    26:f5:9b:65:2e:43:a9:8b:35:b4:cc:48:ac:d6:3b:
                    bb:a3:cf:b7:3a:06:d8:71:57:b8:52:84:25:58:78:
                    bc:f9:57:82:50:bb:da:1b:fa:fe:66:78:f3:aa:0a:
                    f1:aa:c6:c9:0a:56:db:a8:31:81:d9:63:67:bb:62:
                    e4:4f:35:cf:3e:ed:58:32:d4:50:76:e8:7c:23:2b:
                    5b:ab:aa:21:a9:fa:bd:6e:0c:1d:40:8c:0f:5f:0a:
                    9b:b0:d1:eb:53:4e:96:62:3b:e3:55:2b:03:7e:56:
                    f8:2a:56:86:aa:71:7d:5d:91:d0:2d:8f:15:96:68:
                    01:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:77:06:A0:71:37:F4:88:67:F2:8E:84:22:E5:D2:B2:73:90:6E:7C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2044cf14-ba54-49f0-96be-8316c0a7e7e4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.188.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8a:e6:78:e5:1b:a1:17:d5:e2:8f:39:8d:a3:12:5d:52:a2:56:
         07:ac:9c:76:5c:d5:e5:d2:ca:24:12:d4:12:a1:92:9d:a0:ec:
         32:7b:b3:23:4f:ac:c2:cc:cf:79:05:82:f0:c5:a3:43:d1:09:
         66:4b:38:d1:db:cc:6a:47:e4:8c:c1:99:80:88:2e:65:4b:14:
         47:be:8b:32:86:80:7a:f4:de:5e:73:69:f7:55:fe:20:b8:2d:
         e2:d4:b9:b1:3e:cc:55:51:c9:e0:d6:ca:43:5c:e5:9d:de:d2:
         bb:78:9f:01:d9:5f:29:37:93:1a:65:b1:ba:36:73:34:6f:6d:
         e8:f2:b4:0c:c7:f0:f5:9b:df:ba:82:0b:74:09:af:42:d5:c5:
         d9:61:82:74:f7:f6:8e:0e:8b:ed:f1:c1:ee:87:48:4d:62:b0:
         8b:86:af:62:7d:99:f5:be:52:2a:7b:24:7d:d2:d7:00:3a:e9:
         6e:e4:4f:08:d7:c6:7a:c6:29:48:44:cc:cd:d5:47:70:99:9d:
         75:45:5f:91:80:b8:ed:56:29:c2:b7:9a:f4:22:e7:5e:f9:37:
         12:9d:58:3c:3a:f7:cd:0d:42:2c:c1:0e:f8:f3:e4:0d:5f:b2:
         02:bc:5f:ea:5c:37:38:a5:5d:99:2e:24:1f:bd:4d:80:d1:54:
         9d:7b:f9:a9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITUzZWEfVQHFhkuYquJDjJbBMahjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA1MTAwMDMxMDhaFw0yNTA2MTQyMzU5NTla
MHoxSTBHBgNVBAUTQGU2YmNmYjQ2Y2Y2ZWM3YjA0ZjRlYmY3NzAyZGE1NDViNWQ3
NzA5ZjJlNzQ3ZmM1OTgwNGJmZjdmYjc0ZDgzZmExLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNziH8eY9UEy/tk5H9v9yTy/TwUOkyf6ftAxrI8uBbaRDY3
YpOWOMHopU6RDoeixR8p7lsfgpVBEEo4z3fo4BfarMeLuFvf16+37BHrmgv6E7lS
fEe2NKLPAKveKyb2skcuVX1BfruL+c6d2vh65eJRIOwxorXtT4FE+97banjwvAUb
aSMjJvWbZS5DqYs1tMxIrNY7u6PPtzoG2HFXuFKEJVh4vPlXglC72hv6/mZ486oK
8arGyQpW26gxgdljZ7ti5E81zz7tWDLUUHbofCMrW6uqIan6vW4MHUCMD18Km7DR
61NOlmI741UrA35W+CpWhqpxfV2R0C2PFZZoAQkCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBS0dwagcTf0iGfyjoQi5dKyc5BufDAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvMjA0NGNmMTQtYmE1NC00OWYwLTk2YmUtODMxNmMwYTdlN2U0LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWOXvDANBgkqhkiG9w0BAQsFAAOCAQEAiuZ45RuhF9XijzmNoxJdUqJWB6yc
dlzV5dLKJBLUEqGSnaDsMnuzI0+swszPeQWC8MWjQ9EJZks40dvMakfkjMGZgIgu
ZUsUR76LMoaAevTeXnNp91X+ILgt4tS5sT7MVVHJ4NbKQ1zlnd7Su3ifAdlfKTeT
GmWxujZzNG9t6PK0DMfw9ZvfuoILdAmvQtXF2WGCdPf2jg6L7fHB7odITWKwi4av
Yn2Z9b5SKnskfdLXADrpbuRPCNfGesYpSETMzdVHcJmddUVfkYC47VYpwrea9CLn
Xvk3Ep1YPDr3zQ1CLMEO+PPkDV+yArxf6lw3OKVdmS4kH71NgNFUnXv5qQ==
-----END CERTIFICATE-----
Generated at Mon May 12 10:25:42 2025 by rpki-client