Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d9d7bd3-1ddb-48f0-b445-7c3d44fa09af.roa
File:                     2d9d7bd3-1ddb-48f0-b445-7c3d44fa09af.roa (raw, json)
Hash identifier:          BR+jJMT3edXUekVHLdyyYusfZdp/+zwDwHPK7gaQdxY=
Subject key identifier:   FF:5C:D4:20:F3:E5:1F:11:F3:E9:B8:4F:0E:4D:3C:3F:48:09:7A:E1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0DE1DE56C5C890F09FB39C63EF0EA07DC5ACEFBA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d9d7bd3-1ddb-48f0-b445-7c3d44fa09af.roa
Signing time:             Tue 19 Aug 2025 00:21:11 +0000
ROA not before:           Tue 19 Aug 2025 00:21:11 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.113.192.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:e1:de:56:c5:c8:90:f0:9f:b3:9c:63:ef:0e:a0:7d:c5:ac:ef:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 19 00:21:11 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=9848095701f2a3d5a74c048d055a92f2acb43bf7255d85a2c3a1cf7838f79a3d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ce:51:b7:e7:ae:ee:9e:89:fd:dd:7e:24:22:
                    75:04:cf:45:90:be:0c:cf:f4:1c:db:3c:00:34:2c:
                    d3:a4:99:ac:dc:4d:b9:7f:28:ec:7b:13:f8:5d:bd:
                    34:80:c4:84:a6:cc:c2:6e:40:27:3e:b3:1d:35:ca:
                    52:04:26:ac:91:74:46:ec:9d:13:54:6f:32:fd:60:
                    4c:18:69:b5:23:99:69:c4:61:0f:9f:68:c1:00:02:
                    08:be:ce:a4:4f:10:ee:be:14:db:39:5d:70:e2:01:
                    08:9f:87:23:02:49:6d:af:ea:79:69:bf:33:b8:ca:
                    af:31:d7:e0:09:66:25:d9:c5:ab:8f:3a:98:67:0e:
                    37:c8:d9:7c:60:88:23:e4:79:bf:fd:41:ae:42:a7:
                    03:4f:51:d2:79:13:47:e3:73:2e:57:3f:18:2b:ac:
                    1d:39:68:48:25:df:53:7c:51:87:ba:41:f4:06:fc:
                    48:e7:54:e0:4f:bc:b2:2d:79:ca:f8:bc:47:12:dd:
                    c0:4e:a8:a4:e0:f0:33:1e:4a:8b:e7:d3:92:af:94:
                    f3:12:78:87:51:1c:57:56:36:fe:20:55:42:a7:7a:
                    44:a7:d2:46:53:03:a2:09:09:f8:5c:ce:d6:45:04:
                    9a:b8:d4:95:8f:de:1b:f1:4a:96:c8:1c:b9:4e:f7:
                    07:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:5C:D4:20:F3:E5:1F:11:F3:E9:B8:4F:0E:4D:3C:3F:48:09:7A:E1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2d9d7bd3-1ddb-48f0-b445-7c3d44fa09af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.113.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         4f:f7:3a:ed:f4:34:bf:f8:04:86:93:6a:a3:0d:6b:76:46:08:
         93:25:80:df:6d:ae:da:8c:fe:0a:4f:86:b0:e1:ed:d9:3a:8a:
         97:6d:a7:1e:46:b0:a8:f7:2b:e9:95:f2:7c:c6:35:a2:35:3c:
         41:f8:3c:06:16:6d:c9:e0:b7:3f:43:ec:78:a2:e8:2b:60:83:
         9c:f1:b6:d5:de:dc:7d:17:40:94:76:18:f5:2b:0a:e4:76:9a:
         47:b7:a5:be:7e:3f:95:dc:33:5a:2b:6d:e2:d0:61:63:f6:65:
         f9:14:b9:9f:62:3b:ae:7b:ef:3c:47:e5:80:14:97:8e:33:af:
         bf:f4:88:9a:58:f4:2e:7a:71:9d:19:59:a6:f3:9f:3f:a3:6c:
         5f:66:9c:76:94:41:26:c7:26:17:b0:20:bf:99:7a:35:50:cd:
         c0:05:a0:44:ef:a5:d0:24:5b:f4:4a:56:27:b0:a6:bd:38:bf:
         7d:fd:19:f0:0b:51:80:e3:e4:01:8c:91:cc:2b:f6:7a:f0:ee:
         d5:5f:c6:da:22:c7:3f:d8:8f:c2:1e:cb:ad:3b:45:13:40:6c:
         87:0b:00:bc:ae:d8:bf:3e:2a:65:e1:7d:6d:20:1e:05:f3:d3:
         db:66:95:b0:ae:ff:4d:a2:c4:2a:18:33:d4:5c:7e:5c:6d:74:
         25:60:ca:12
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDeHeVsXIkPCfs5xj7w6gfcWs77owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE5MDAyMTExWhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ODQ4MDk1NzAxZjJhM2Q1YTc0YzA0OGQwNTVhOTJmMmFj
YjQzYmY3MjU1ZDg1YTJjM2ExY2Y3ODM4Zjc5YTNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0zlG3567unon93X4kInUEz0WQvgzP9BzbPAA0LNOkmazc
Tbl/KOx7E/hdvTSAxISmzMJuQCc+sx01ylIEJqyRdEbsnRNUbzL9YEwYabUjmWnE
YQ+faMEAAgi+zqRPEO6+FNs5XXDiAQifhyMCSW2v6nlpvzO4yq8x1+AJZiXZxauP
OphnDjfI2XxgiCPkeb/9Qa5CpwNPUdJ5E0fjcy5XPxgrrB05aEgl31N8UYe6QfQG
/EjnVOBPvLItecr4vEcS3cBOqKTg8DMeSovn05KvlPMSeIdRHFdWNv4gVUKnekSn
0kZTA6IJCfhcztZFBJq41JWP3hvxSpbIHLlO9wdbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/1zUIPPlHxHz6bhPDk08P0gJeuEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJkOWQ3YmQzLTFkZGItNDhmMC1iNDQ1LTdjM2Q0NGZhMDlhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVAccAwDQYJKoZIhvcNAQELBQADggEBAE/3Ou30NL/4BIaTaqMNa3ZGCJMl
gN9trtqM/gpPhrDh7dk6ipdtpx5GsKj3K+mV8nzGNaI1PEH4PAYWbcngtz9D7Hii
6Ctgg5zxttXe3H0XQJR2GPUrCuR2mke3pb5+P5XcM1orbeLQYWP2ZfkUuZ9iO657
7zxH5YAUl44zr7/0iJpY9C56cZ0ZWabznz+jbF9mnHaUQSbHJhewIL+ZejVQzcAF
oETvpdAkW/RKViewpr04v339GfALUYDj5AGMkcwr9nrw7tVfxtoixz/Yj8Iey607
RRNAbIcLALyu2L8+KmXhfW0gHgXz09tmlbCu/02ixCoYM9RcflxtdCVgyhI=
-----END CERTIFICATE-----