Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e4bae46-b367-48d0-8831-12876cafbdbd.roa
File:                     6e4bae46-b367-48d0-8831-12876cafbdbd.roa (raw, json)
Hash identifier:          Gtou5BEZbrip8xYMSpZwn3fwhINPc9XxPgvFnS3Q7Sc=
Subject key identifier:   93:7C:66:65:B2:2E:AA:75:E9:64:8A:96:13:6F:EC:8C:49:16:B5:0C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5A3A0C897997259BD13AF7DB1E1E8B9D0EF45060
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e4bae46-b367-48d0-8831-12876cafbdbd.roa
Signing time:             Fri 22 Aug 2025 00:21:00 +0000
ROA not before:           Fri 22 Aug 2025 00:21:00 +0000
ROA not after:            Fri 26 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.64.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:3a:0c:89:79:97:25:9b:d1:3a:f7:db:1e:1e:8b:9d:0e:f4:50:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 22 00:21:00 2025 GMT
            Not After : Sep 26 23:59:59 2025 GMT
        Subject: serialNumber=455ae9523be16670a1998f80cdd8e8d4a5b63792c698e109e6b48e76a4119b30, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:fb:54:02:d3:f2:e2:49:b3:7a:ee:ae:9d:4e:
                    7a:56:81:ab:97:61:37:b6:44:83:11:f2:fc:08:0e:
                    96:28:b7:dd:ad:c7:e1:a5:2b:54:77:03:72:5f:7f:
                    83:77:36:a9:ac:9a:63:f1:94:66:cc:e6:12:42:56:
                    4d:2e:f3:93:dd:f6:99:0f:ab:df:aa:cf:82:2b:d9:
                    5f:16:8b:16:92:d1:03:02:8a:97:50:61:1e:38:09:
                    3a:e9:92:93:1b:e7:4e:30:22:5f:ae:86:cd:a2:8e:
                    9c:24:c8:26:df:b1:ae:33:72:89:0d:15:6d:b7:ce:
                    b6:22:7b:51:35:df:ce:04:a0:f1:57:15:7c:1e:6e:
                    2d:81:32:bc:85:14:9d:32:b4:df:0b:f3:19:b2:65:
                    4a:c3:e9:a0:12:ac:75:c2:22:aa:a7:07:12:6a:78:
                    26:7d:96:96:aa:a7:7a:9c:ab:bf:81:f7:7c:ad:d4:
                    99:1d:cd:78:7b:63:69:35:0c:7e:60:8d:c7:f6:76:
                    10:2a:65:05:72:6b:4c:be:67:75:ee:b1:df:6f:ec:
                    17:60:87:a9:cb:b0:38:78:6c:83:b2:76:98:c6:92:
                    69:aa:b1:fc:9c:47:3c:7e:43:67:8b:98:ec:c3:11:
                    bf:40:88:4e:37:5c:4e:fb:a3:39:07:9c:83:e2:3f:
                    eb:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:7C:66:65:B2:2E:AA:75:E9:64:8A:96:13:6F:EC:8C:49:16:B5:0C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e4bae46-b367-48d0-8831-12876cafbdbd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.64.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         09:7d:8b:4a:c8:e5:b4:ff:b3:44:81:eb:b1:f6:19:6a:77:02:
         94:42:99:35:ca:9c:21:7e:fa:61:b0:30:d7:5b:2c:01:77:34:
         b7:7b:37:e0:9b:54:0f:99:dd:e8:94:dd:7a:ac:dc:93:f9:b6:
         14:63:e6:60:36:0e:45:3d:8f:08:00:e7:15:d2:b8:8d:d2:ed:
         86:41:1c:9b:02:c9:6c:4e:ab:18:da:61:a7:81:e6:a2:36:3a:
         bf:00:05:83:4e:66:04:a2:74:64:45:24:2f:a2:e7:54:b5:13:
         0c:e1:69:78:62:ef:6a:34:15:b4:3f:6e:c9:6f:6c:96:90:80:
         5a:a9:e3:e7:78:c0:42:33:85:3f:34:98:03:6b:0d:f8:8e:cf:
         5d:6d:36:dd:c2:7f:27:b1:eb:09:63:1e:e4:d4:46:82:f3:c4:
         47:0b:53:a8:a7:3b:fe:ee:2d:4a:9f:c1:ae:ef:9a:60:4f:98:
         df:3f:b2:82:6f:fe:0c:a6:ab:77:10:97:95:ef:22:07:ff:8c:
         8a:7f:3c:77:67:58:9c:88:57:97:08:fa:3f:29:aa:63:d8:82:
         03:e3:aa:5b:6f:99:e8:d9:d4:ef:c9:97:ed:97:d6:1d:20:53:
         e9:e1:6b:29:cf:96:91:63:d4:57:7c:c3:05:ae:8c:35:57:e8:
         f7:e5:92:68
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWjoMiXmXJZvROvfbHh6LnQ70UGAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODIyMDAyMTAwWhcNMjUwOTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTVhZTk1MjNiZTE2NjcwYTE5OThmODBjZGQ4ZThkNGE1
YjYzNzkyYzY5OGUxMDllNmI0OGU3NmE0MTE5YjMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDD+1QC0/LiSbN67q6dTnpWgauXYTe2RIMR8vwIDpYot92t
x+GlK1R3A3Jff4N3NqmsmmPxlGbM5hJCVk0u85Pd9pkPq9+qz4Ir2V8WixaS0QMC
ipdQYR44CTrpkpMb504wIl+uhs2ijpwkyCbfsa4zcokNFW23zrYie1E1384EoPFX
FXwebi2BMryFFJ0ytN8L8xmyZUrD6aASrHXCIqqnBxJqeCZ9lpaqp3qcq7+B93yt
1JkdzXh7Y2k1DH5gjcf2dhAqZQVya0y+Z3Xusd9v7Bdgh6nLsDh4bIOydpjGkmmq
sfycRzx+Q2eLmOzDEb9AiE43XE77ozkHnIPiP+s5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUk3xmZbIuqnXpZIqWE2/sjEkWtQwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZlNGJhZTQ2LWIzNjctNDhkMC04ODMxLTEyODc2Y2FmYmRiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcQQAAwDQYJKoZIhvcNAQELBQADggEBAAl9i0rI5bT/s0SB67H2GWp3ApRC
mTXKnCF++mGwMNdbLAF3NLd7N+CbVA+Z3eiU3Xqs3JP5thRj5mA2DkU9jwgA5xXS
uI3S7YZBHJsCyWxOqxjaYaeB5qI2Or8ABYNOZgSidGRFJC+i51S1EwzhaXhi72o0
FbQ/bslvbJaQgFqp4+d4wEIzhT80mANrDfiOz11tNt3Cfyex6wljHuTURoLzxEcL
U6inO/7uLUqfwa7vmmBPmN8/soJv/gymq3cQl5XvIgf/jIp/PHdnWJyIV5cI+j8p
qmPYggPjqltvmejZ1O/Jl+2X1h0gU+nhaynPlpFj1Fd8wwWujDVX6Pflkmg=
-----END CERTIFICATE-----