Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fc59645b-efad-4950-a874-ac47ec42f4b2.roa
File:                     fc59645b-efad-4950-a874-ac47ec42f4b2.roa (raw, json)
Hash identifier:          q/bnqGkHTo46C1sit7Cn/5lucoc6i/9mLFtKLUJJC5o=
Subject key identifier:   3A:64:94:7E:94:73:FA:B7:3F:BD:40:E6:71:5F:F7:1A:55:C5:B0:BE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0AB10371958AB3ADFE7FFFFC60EDABB6BAA3DAA3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fc59645b-efad-4950-a874-ac47ec42f4b2.roa
Signing time:             Wed 07 May 2025 00:00:24 +0000
ROA not before:           Wed 07 May 2025 00:00:24 +0000
ROA not after:            Wed 11 Jun 2025 23:59:59 +0000
asID:                     701
IP address blocks:        139.56.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 13 May 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:b1:03:71:95:8a:b3:ad:fe:7f:ff:fc:60:ed:ab:b6:ba:a3:da:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May  7 00:00:24 2025 GMT
            Not After : Jun 11 23:59:59 2025 GMT
        Subject: serialNumber=9d22090b237426240fc18b9bb38abdc4fca08bdc50f3d6ad58ffa09672af91f4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:c0:b4:d9:b5:3f:48:ff:ac:cc:1f:30:a2:d3:
                    e1:5c:18:f4:66:44:ed:ba:7d:ab:b6:ba:10:45:87:
                    ca:44:7a:7f:14:54:eb:36:53:39:af:a8:46:22:1d:
                    c0:65:c0:80:d1:ce:55:25:5e:08:5c:c9:ff:1b:19:
                    23:ed:f7:62:60:c7:b0:f3:2a:5b:26:ab:8f:ca:ac:
                    f6:a7:b3:ff:be:74:21:b1:ed:dc:b7:dc:b8:6b:d0:
                    50:81:01:53:45:78:73:26:31:4d:6c:0a:55:c1:b5:
                    be:c5:7d:8c:13:99:79:ce:a0:a1:10:f6:e5:a6:89:
                    77:a6:15:89:8c:d1:d5:18:84:75:fa:b7:3d:d3:42:
                    68:f2:ff:d2:58:81:15:59:0d:c1:85:8b:95:42:d4:
                    83:d8:dc:18:db:12:2b:6d:24:d3:c9:fe:8e:ef:10:
                    2e:dc:0e:d9:40:ae:75:cc:cc:bd:bf:3c:84:af:d7:
                    b3:3a:48:ba:24:e5:7e:86:d9:52:99:df:da:2a:05:
                    55:58:21:03:6a:12:b3:96:83:94:c9:46:60:2c:32:
                    ea:75:c9:6f:21:dd:01:1e:7e:d5:56:f6:d1:62:9d:
                    c3:20:d0:69:09:0d:cf:f6:9c:3d:e0:84:6b:f7:f7:
                    65:e1:1e:49:86:30:d9:4c:9f:f6:21:39:55:fd:22:
                    c8:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:64:94:7E:94:73:FA:B7:3F:BD:40:E6:71:5F:F7:1A:55:C5:B0:BE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fc59645b-efad-4950-a874-ac47ec42f4b2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.56.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         22:0b:3e:44:80:05:12:8d:63:f1:88:5c:47:ea:51:64:40:3b:
         96:1e:c9:30:9c:09:a7:21:ed:11:9c:98:61:2b:d6:5a:3b:21:
         30:65:fc:ae:ae:9c:2f:ee:95:1d:af:2f:9d:dc:06:33:a7:fe:
         7c:4f:6f:2e:6e:14:b7:55:de:5c:bd:b7:7c:f8:e4:fc:dc:8d:
         50:e2:e9:04:70:ae:c0:26:ae:ba:26:44:b0:dc:0b:c1:b8:b1:
         1e:dd:43:37:a9:6d:23:f2:eb:6c:a7:c0:b5:55:c9:8b:92:22:
         ba:df:47:73:89:9e:b4:39:b6:00:d2:10:d5:66:ce:cd:52:ff:
         70:5f:8a:b4:64:5d:77:3a:4e:29:85:ff:2b:34:b4:29:ae:ad:
         af:be:b0:5a:1e:0d:7a:32:1a:69:1c:a2:7f:cd:cb:8d:9a:1f:
         85:82:99:96:6d:a6:0e:6c:c0:2e:e0:4c:fe:16:cf:a1:b0:66:
         06:88:eb:c2:41:96:d2:45:72:2a:7b:9d:a4:91:a1:94:fd:3e:
         fb:da:6a:72:c0:b6:a2:71:d9:09:9d:a9:a2:41:ce:74:3f:e2:
         69:41:bf:97:be:1a:d4:5a:0a:56:d5:2a:71:eb:fd:1c:81:3b:
         2c:d0:0e:71:25:42:01:9b:52:27:bf:41:7a:a2:69:99:8c:54:
         aa:ec:5a:a6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCrEDcZWKs63+f//8YO2rtrqj2qMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTA3MDAwMDI0WhcNMjUwNjExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDIyMDkwYjIzNzQyNjI0MGZjMThiOWJiMzhhYmRjNGZj
YTA4YmRjNTBmM2Q2YWQ1OGZmYTA5NjcyYWY5MWY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSwLTZtT9I/6zMHzCi0+FcGPRmRO26fau2uhBFh8pEen8U
VOs2UzmvqEYiHcBlwIDRzlUlXghcyf8bGSPt92Jgx7DzKlsmq4/KrPans/++dCGx
7dy33Lhr0FCBAVNFeHMmMU1sClXBtb7FfYwTmXnOoKEQ9uWmiXemFYmM0dUYhHX6
tz3TQmjy/9JYgRVZDcGFi5VC1IPY3BjbEittJNPJ/o7vEC7cDtlArnXMzL2/PISv
17M6SLok5X6G2VKZ39oqBVVYIQNqErOWg5TJRmAsMup1yW8h3QEeftVW9tFincMg
0GkJDc/2nD3ghGv392XhHkmGMNlMn/YhOVX9IsjZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUOmSUfpRz+rc/vUDmcV/3GlXFsL4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZjNTk2NDViLWVmYWQtNDk1MC1hODc0LWFjNDdlYzQyZjRiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCLODANBgkqhkiG9w0BAQsFAAOCAQEAIgs+RIAFEo1j8YhcR+pRZEA7lh7J
MJwJpyHtEZyYYSvWWjshMGX8rq6cL+6VHa8vndwGM6f+fE9vLm4Ut1XeXL23fPjk
/NyNUOLpBHCuwCauuiZEsNwLwbixHt1DN6ltI/LrbKfAtVXJi5Iiut9Hc4metDm2
ANIQ1WbOzVL/cF+KtGRddzpOKYX/KzS0Ka6tr76wWh4NejIaaRyif83LjZofhYKZ
lm2mDmzALuBM/hbPobBmBojrwkGW0kVyKnudpJGhlP0++9pqcsC2onHZCZ2pokHO
dD/iaUG/l74a1FoKVtUqcev9HIE7LNAOcSVCAZtSJ79BeqJpmYxUquxapg==
-----END CERTIFICATE-----
Generated at Mon May 12 13:07:54 2025 by rpki-client