Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af70416-397a-4ea4-b7b1-ad7e045c72b6.roa
File:                     2af70416-397a-4ea4-b7b1-ad7e045c72b6.roa (raw, json)
Hash identifier:          H8Ymn4mrpV9Zchf0q3gbLHJ+b6dChG0Sj6FERjWXdTE=
Subject key identifier:   31:C2:AE:B0:D3:83:6D:7D:54:1F:CF:71:61:B5:0F:B6:60:66:81:90
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4216CA2FBEB11D5E53000B7559971B4B6CADEBAA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af70416-397a-4ea4-b7b1-ad7e045c72b6.roa
Signing time:             Tue 29 Apr 2025 00:11:52 +0000
ROA not before:           Tue 29 Apr 2025 00:11:52 +0000
ROA not after:            Tue 03 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.134.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 12 May 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:16:ca:2f:be:b1:1d:5e:53:00:0b:75:59:97:1b:4b:6c:ad:eb:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 29 00:11:52 2025 GMT
            Not After : Jun  3 23:59:59 2025 GMT
        Subject: serialNumber=cdde8b1c07dcd735d5cd101daf2165de9819b618fb840c3fd82d4ccfffc6629f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:53:08:b6:74:3a:27:37:97:b0:19:7d:b0:e3:
                    ad:50:41:f5:ce:60:1e:b1:d3:98:2c:b9:41:cd:44:
                    84:d8:77:f5:01:06:48:02:64:c2:94:ec:8e:a1:6d:
                    76:5e:75:9b:a8:fa:00:46:58:a0:b6:de:04:3b:b2:
                    36:78:fb:1d:a7:f5:4b:e6:18:7a:e7:df:a7:db:69:
                    cd:8f:18:93:fc:1c:4d:16:88:b8:c0:ab:43:43:d9:
                    d9:6e:f2:37:06:fa:f4:46:3a:b8:cd:70:16:fb:6c:
                    2e:7e:71:88:b7:d6:12:c1:e4:01:e8:ff:de:b6:2e:
                    af:c0:e7:70:9b:5b:ce:66:5c:17:8c:63:ed:e9:37:
                    49:1e:a9:ce:81:e1:6d:dc:8b:1d:ec:8c:31:42:59:
                    1b:08:ec:16:81:90:b3:5a:5e:67:41:47:61:d3:de:
                    fa:4e:d2:d7:05:b5:3c:d6:8c:ad:5d:06:81:ce:6d:
                    81:3b:b5:a0:9a:97:5b:f3:38:e8:a5:e0:ec:70:b0:
                    97:4b:16:d8:78:62:50:ba:96:97:11:5d:d5:10:fa:
                    10:7a:4a:34:f8:64:4d:ef:71:91:6f:ba:51:e9:3b:
                    61:a0:e4:ce:a3:02:cb:9d:1f:9a:03:52:90:3c:a2:
                    f7:88:d4:09:e8:70:70:cd:5e:d7:aa:b8:a4:5c:67:
                    f0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:C2:AE:B0:D3:83:6D:7D:54:1F:CF:71:61:B5:0F:B6:60:66:81:90
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2af70416-397a-4ea4-b7b1-ad7e045c72b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         97:b2:5e:cb:4d:e2:4c:5c:84:a2:73:3b:9d:a4:00:b2:ed:d8:
         71:63:24:b4:0b:73:f3:6c:ea:25:34:0c:05:34:98:3d:f5:44:
         e2:6b:40:3e:ca:e0:ca:80:4c:44:7c:96:cf:3b:67:22:e3:a4:
         be:cd:c0:1e:57:85:6e:7a:5d:7d:d0:25:54:3b:09:5a:77:1b:
         29:79:3d:04:61:24:0d:69:ff:ef:21:0d:7d:33:6e:29:fe:e0:
         86:22:dd:6c:03:59:ce:ba:ac:3f:18:b5:51:33:b5:79:d9:21:
         e1:ed:11:04:d8:0f:f5:e8:aa:d9:33:19:b4:97:8c:ee:2a:a5:
         22:b7:b1:80:de:21:2f:2d:dc:83:f2:54:5b:c6:23:f2:04:54:
         72:74:8d:0c:59:15:b8:01:54:34:3d:9f:1a:59:c9:5e:9b:cf:
         9b:19:66:24:cb:1c:62:26:d3:aa:b7:9d:f6:5b:77:df:12:45:
         75:45:19:2c:ab:3d:6d:56:7e:80:1c:99:9f:63:fc:65:d1:a4:
         fe:ae:42:90:09:c3:87:b7:e4:56:f1:8a:ea:b5:ed:97:76:04:
         02:62:40:74:0f:b9:32:f9:9e:40:1d:15:d5:e4:1c:ee:89:5c:
         66:44:c0:81:ad:45:7f:34:85:26:c2:42:4c:c0:9a:6b:7a:2d:
         c8:d7:30:ae
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQhbKL76xHV5TAAt1WZcbS2yt66owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDI5MDAxMTUyWhcNMjUwNjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGRlOGIxYzA3ZGNkNzM1ZDVjZDEwMWRhZjIxNjVkZTk4
MTliNjE4ZmI4NDBjM2ZkODJkNGNjZmZmYzY2MjlmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9Uwi2dDonN5ewGX2w461QQfXOYB6x05gsuUHNRITYd/UB
BkgCZMKU7I6hbXZedZuo+gBGWKC23gQ7sjZ4+x2n9UvmGHrn36fbac2PGJP8HE0W
iLjAq0ND2dlu8jcG+vRGOrjNcBb7bC5+cYi31hLB5AHo/962Lq/A53CbW85mXBeM
Y+3pN0keqc6B4W3cix3sjDFCWRsI7BaBkLNaXmdBR2HT3vpO0tcFtTzWjK1dBoHO
bYE7taCal1vzOOil4OxwsJdLFth4YlC6lpcRXdUQ+hB6SjT4ZE3vcZFvulHpO2Gg
5M6jAsudH5oDUpA8oveI1AnocHDNXtequKRcZ/DtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUMcKusNODbX1UH89xYbUPtmBmgZAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJhZjcwNDE2LTM5N2EtNGVhNC1iN2IxLWFkN2UwNDVjNzJiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2hjANBgkqhkiG9w0BAQsFAAOCAQEAl7Jey03iTFyEonM7naQAsu3YcWMk
tAtz82zqJTQMBTSYPfVE4mtAPsrgyoBMRHyWzztnIuOkvs3AHleFbnpdfdAlVDsJ
WncbKXk9BGEkDWn/7yENfTNuKf7ghiLdbANZzrqsPxi1UTO1edkh4e0RBNgP9eiq
2TMZtJeM7iqlIrexgN4hLy3cg/JUW8Yj8gRUcnSNDFkVuAFUND2fGlnJXpvPmxlm
JMscYibTqred9lt33xJFdUUZLKs9bVZ+gByZn2P8ZdGk/q5CkAnDh7fkVvGK6rXt
l3YEAmJAdA+5MvmeQB0V1eQc7olcZkTAga1FfzSFJsJCTMCaa3otyNcwrg==
-----END CERTIFICATE-----
Generated at Sat May 10 19:39:30 2025 by rpki-client