Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25b41a4c-7a8b-41e6-8d0c-2dc7cee8afd0.roa
File:                     25b41a4c-7a8b-41e6-8d0c-2dc7cee8afd0.roa (raw, json)
Hash identifier:          IhsfVyCPJ04mqnomaCUzFZqhPROcpHPZZxYOj+7W5k0=
Subject key identifier:   71:C5:E2:98:20:48:96:FD:8C:B0:72:76:77:11:FC:85:04:C7:2B:6E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       34D951A405F565DDA4BF57FF0B946B3614340FA4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25b41a4c-7a8b-41e6-8d0c-2dc7cee8afd0.roa
Signing time:             Mon 16 Jun 2025 15:51:10 +0000
ROA not before:           Mon 16 Jun 2025 15:51:10 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        78.12.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 30 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:d9:51:a4:05:f5:65:dd:a4:bf:57:ff:0b:94:6b:36:14:34:0f:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 16 15:51:10 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=4e0d822e32c0e2b9ec874db3ff98cbdc6ecf529aa87dfabd4bf2decb690be7ea, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:39:5f:ef:ed:3a:9c:09:63:c7:97:38:e4:8b:
                    80:ab:02:c1:ee:88:8f:98:c2:1c:f4:b6:24:b3:70:
                    0f:39:fb:6e:84:e9:e9:f0:15:8e:51:8b:c9:83:36:
                    1e:75:49:af:de:66:1a:b2:70:33:c8:f0:fe:e2:7d:
                    ed:0b:37:47:c1:4d:c9:7c:a8:a6:52:93:6d:00:23:
                    7e:23:fd:27:22:80:a5:d7:7c:24:b4:84:11:46:d3:
                    f3:6c:92:23:e0:a1:3a:0e:d3:60:b6:eb:8f:94:d6:
                    f8:b5:92:4e:21:23:e0:4e:bd:27:9f:2f:e3:9d:28:
                    34:e7:8a:ad:95:d9:99:16:a7:0b:90:d3:57:99:24:
                    ba:d3:7c:61:37:92:52:4f:91:92:25:4b:03:50:5c:
                    b8:11:4a:db:fd:c4:ad:12:bc:59:65:f6:78:44:1c:
                    cd:dd:a3:c2:20:4c:48:78:ca:b0:f8:d6:ef:4b:9a:
                    82:1a:31:c2:d6:af:26:10:69:07:f3:1e:f1:c2:18:
                    31:e7:48:6a:e6:ef:fd:ce:55:6c:64:ae:fa:08:d5:
                    f4:d0:7c:76:2a:2d:28:36:2d:35:76:7b:21:19:66:
                    78:1d:fb:2b:e8:9a:34:1f:c5:48:52:1c:bc:fb:a5:
                    17:16:7b:39:d1:2e:36:fd:96:e1:14:cd:ee:dd:b0:
                    ff:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:C5:E2:98:20:48:96:FD:8C:B0:72:76:77:11:FC:85:04:C7:2B:6E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/25b41a4c-7a8b-41e6-8d0c-2dc7cee8afd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.12.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         cc:68:7a:45:33:1c:38:c7:59:cf:e9:f1:17:f9:eb:93:3e:32:
         32:7a:65:83:aa:30:de:ea:13:e1:0f:5f:cf:b1:84:38:f6:a8:
         ba:3e:af:71:3e:da:17:70:48:0b:9b:ae:04:07:d1:2a:59:52:
         b9:77:ea:f9:af:9e:17:7b:fa:cb:fd:92:cf:77:ad:1f:27:a2:
         5b:68:f4:55:85:c6:e6:7e:92:eb:5b:e9:db:62:4d:c3:e6:d0:
         eb:4e:ce:13:61:af:1d:ff:9b:99:3f:36:bc:17:75:4b:07:6c:
         bf:11:c2:a7:94:3e:00:4b:d2:ce:72:6d:eb:40:69:eb:2f:0a:
         46:bd:8b:3b:b3:e5:ed:3e:ec:4f:15:6e:b1:d3:c1:d6:2f:47:
         97:51:fe:33:63:7c:28:8f:b2:bf:16:e1:13:12:27:e2:27:67:
         ed:4e:59:60:14:c0:f1:87:a0:27:e2:49:a8:3c:c1:08:35:31:
         0a:9e:a8:cb:9f:19:89:dd:ce:3a:d8:d8:d9:93:75:23:f0:e8:
         7c:19:39:13:31:21:bb:3b:25:0e:90:a1:ba:82:51:fc:10:c0:
         d3:e7:ec:25:7c:92:7f:f8:ca:bd:de:71:c9:2e:a1:10:d3:85:
         f2:7b:e1:e2:22:9c:49:1a:c1:b3:3c:10:a1:ec:b0:ba:17:13:
         24:7b:b3:af
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNNlRpAX1Zd2kv1f/C5RrNhQ0D6QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE2MTU1MTEwWhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZTBkODIyZTMyYzBlMmI5ZWM4NzRkYjNmZjk4Y2JkYzZl
Y2Y1MjlhYTg3ZGZhYmQ0YmYyZGVjYjY5MGJlN2VhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1OV/v7TqcCWPHlzjki4CrAsHuiI+Ywhz0tiSzcA85+26E
6enwFY5Ri8mDNh51Sa/eZhqycDPI8P7ife0LN0fBTcl8qKZSk20AI34j/ScigKXX
fCS0hBFG0/NskiPgoToO02C264+U1vi1kk4hI+BOvSefL+OdKDTniq2V2ZkWpwuQ
01eZJLrTfGE3klJPkZIlSwNQXLgRStv9xK0SvFll9nhEHM3do8IgTEh4yrD41u9L
moIaMcLWryYQaQfzHvHCGDHnSGrm7/3OVWxkrvoI1fTQfHYqLSg2LTV2eyEZZngd
+yvomjQfxUhSHLz7pRcWeznRLjb9luEUze7dsP+bAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUccXimCBIlv2MsHJ2dxH8hQTHK24wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI1YjQxYTRjLTdhOGItNDFlNi04ZDBjLTJkYzdjZWU4YWZkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwFODDANBgkqhkiG9w0BAQsFAAOCAQEAzGh6RTMcOMdZz+nxF/nrkz4yMnpl
g6ow3uoT4Q9fz7GEOPaouj6vcT7aF3BIC5uuBAfRKllSuXfq+a+eF3v6y/2Sz3et
HyeiW2j0VYXG5n6S61vp22JNw+bQ607OE2GvHf+bmT82vBd1SwdsvxHCp5Q+AEvS
znJt60Bp6y8KRr2LO7Pl7T7sTxVusdPB1i9Hl1H+M2N8KI+yvxbhExIn4idn7U5Z
YBTA8YegJ+JJqDzBCDUxCp6oy58Zid3OOtjY2ZN1I/DofBk5EzEhuzslDpChuoJR
/BDA0+fsJXySf/jKvd5xyS6hENOF8nvh4iKcSRrBszwQoeywuhcTJHuzrw==
-----END CERTIFICATE-----