Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/350219c3-2e2e-4c85-9195-aa282577ecee.roa
File:                     350219c3-2e2e-4c85-9195-aa282577ecee.roa (raw, json)
Hash identifier:          MzVyOXpVBdAk90b7Z4Mo2lYx0QBtcbv8xtArcYPfYYw=
Subject key identifier:   CD:57:98:62:85:9E:04:06:4B:23:27:DA:BF:79:17:3F:79:B3:14:93
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5BBDB7CC3E0C350F80F925E1A26B3AD9AB9AFCD0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/350219c3-2e2e-4c85-9195-aa282577ecee.roa
Signing time:             Mon 18 Aug 2025 15:10:20 +0000
ROA not before:           Mon 18 Aug 2025 15:10:20 +0000
ROA not after:            Mon 22 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        150.103.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:bd:b7:cc:3e:0c:35:0f:80:f9:25:e1:a2:6b:3a:d9:ab:9a:fc:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 18 15:10:20 2025 GMT
            Not After : Sep 22 23:59:59 2025 GMT
        Subject: serialNumber=a7cfa22e2240f80a549aa3cfa3a61539b0b724aa525c213d2e40130be1dfd3bd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7f:7b:d8:f1:62:11:e3:6b:7e:58:dc:9f:a2:
                    3e:d0:22:d3:12:37:3f:57:c9:2e:fb:81:64:aa:44:
                    e3:f8:20:85:59:a0:4c:32:dc:fd:93:cf:38:d3:43:
                    ae:17:e7:14:04:42:98:ea:b8:61:44:4b:b9:ad:88:
                    da:41:1c:63:54:96:3c:ee:20:6d:bc:d0:72:44:5d:
                    fe:fe:b2:04:18:bf:74:61:f7:19:60:2c:82:69:19:
                    d1:87:93:ec:9b:7f:69:d8:ff:86:c4:41:e0:0d:6d:
                    ba:d0:28:07:93:4f:83:6e:a5:b7:ca:a4:6b:b2:6b:
                    a6:3b:a2:04:e1:94:c8:d9:64:c9:50:f9:ed:94:38:
                    6d:87:0f:5a:e3:b6:1a:66:54:1e:f6:ea:6d:ff:da:
                    b3:c6:04:de:a9:ca:65:13:0e:c2:b1:07:d7:72:15:
                    a7:ce:ab:fa:e1:b3:cd:bb:50:23:e1:a9:d5:02:fa:
                    5e:be:fd:be:c1:8d:ca:1b:e8:ec:9a:65:78:0d:a9:
                    58:c5:43:4e:bb:88:9f:e6:d9:e9:16:2d:3c:a8:0c:
                    88:5d:48:9f:05:03:c7:00:d7:ec:1f:9a:3c:62:97:
                    d5:e1:1b:50:64:22:a6:ec:68:c6:cb:e6:1e:f2:4e:
                    80:2b:05:b1:69:e7:60:d4:25:8c:18:fc:4d:99:4e:
                    25:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:57:98:62:85:9E:04:06:4B:23:27:DA:BF:79:17:3F:79:B3:14:93
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/350219c3-2e2e-4c85-9195-aa282577ecee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.103.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5d:04:2d:e4:6e:5f:9c:01:59:c7:29:e4:be:53:47:9c:f5:9f:
         ae:13:3e:e0:8b:be:d3:13:c4:94:58:7a:68:46:fc:61:e2:0a:
         75:ef:bf:8e:07:1e:e0:c4:98:83:83:d6:6e:29:55:8a:7d:05:
         94:d8:41:e4:ea:26:c3:40:46:4a:a6:fe:98:93:80:85:1f:72:
         1a:d2:19:2c:87:f0:e9:20:01:d8:10:c6:1f:ba:9a:0a:b8:f1:
         0d:73:87:67:06:ba:61:9d:9a:7c:4c:80:2d:76:6f:b0:19:26:
         1d:a0:27:7c:33:01:b5:af:11:9a:16:20:87:83:ad:b4:b5:38:
         85:d1:61:99:3f:3a:72:b7:21:e2:d6:c3:6e:d6:f8:59:82:6f:
         e3:06:a3:ad:b4:07:e5:ff:b5:67:cc:1c:ad:7d:9b:e0:2f:14:
         fb:b6:03:a4:41:a8:19:56:d2:95:40:1c:28:b9:0c:d1:1a:c2:
         c5:12:44:92:36:04:5c:a3:bd:42:06:0c:5a:4a:59:aa:92:a0:
         fe:21:e5:0a:00:73:69:ce:74:6b:50:bb:9e:4d:60:f0:c4:60:
         d3:c0:6a:3b:aa:b0:f9:99:1c:a0:e9:b2:f7:a8:39:9f:1b:c2:
         0a:d9:b3:31:b5:f9:fa:0d:77:ec:5d:47:69:a1:7a:21:01:b1:
         1c:48:00:10
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUW723zD4MNQ+A+SXhoms62aua/NAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE4MTUxMDIwWhcNMjUwOTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhN2NmYTIyZTIyNDBmODBhNTQ5YWEzY2ZhM2E2MTUzOWIw
YjcyNGFhNTI1YzIxM2QyZTQwMTMwYmUxZGZkM2JkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4f3vY8WIR42t+WNyfoj7QItMSNz9XyS77gWSqROP4IIVZ
oEwy3P2TzzjTQ64X5xQEQpjquGFES7mtiNpBHGNUljzuIG280HJEXf7+sgQYv3Rh
9xlgLIJpGdGHk+ybf2nY/4bEQeANbbrQKAeTT4NupbfKpGuya6Y7ogThlMjZZMlQ
+e2UOG2HD1rjthpmVB726m3/2rPGBN6pymUTDsKxB9dyFafOq/rhs827UCPhqdUC
+l6+/b7Bjcob6OyaZXgNqVjFQ067iJ/m2ekWLTyoDIhdSJ8FA8cA1+wfmjxil9Xh
G1BkIqbsaMbL5h7yToArBbFp52DUJYwY/E2ZTiX1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzVeYYoWeBAZLIyfav3kXP3mzFJMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM1MDIxOWMzLTJlMmUtNGM4NS05MTk1LWFhMjgyNTc3ZWNlZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCWZzANBgkqhkiG9w0BAQsFAAOCAQEAXQQt5G5fnAFZxynkvlNHnPWfrhM+
4Iu+0xPElFh6aEb8YeIKde+/jgce4MSYg4PWbilVin0FlNhB5Oomw0BGSqb+mJOA
hR9yGtIZLIfw6SAB2BDGH7qaCrjxDXOHZwa6YZ2afEyALXZvsBkmHaAnfDMBta8R
mhYgh4OttLU4hdFhmT86crch4tbDbtb4WYJv4wajrbQH5f+1Z8wcrX2b4C8U+7YD
pEGoGVbSlUAcKLkM0RrCxRJEkjYEXKO9QgYMWkpZqpKg/iHlCgBzac50a1C7nk1g
8MRg08BqO6qw+ZkcoOmy96g5nxvCCtmzMbX5+g137F1HaaF6IQGxHEgAEA==
-----END CERTIFICATE-----