Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78fa3972-5318-47b7-a9d6-d6ceecbc554e.roa
File:                     78fa3972-5318-47b7-a9d6-d6ceecbc554e.roa (raw, json)
Hash identifier:          ykpvk1GV6n8F2928S5D+p8VyvyBclls/lFL9Rolm4eI=
Subject key identifier:   D1:39:35:D7:99:23:D4:34:3A:6C:D1:AC:FD:DF:5A:2A:48:51:9B:84
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7C4B20DA08690BB9544A674180DEADB530349D4C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78fa3972-5318-47b7-a9d6-d6ceecbc554e.roa
Signing time:             Tue 29 Apr 2025 00:10:28 +0000
ROA not before:           Tue 29 Apr 2025 00:10:28 +0000
ROA not after:            Tue 03 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        35.55.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 06 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:4b:20:da:08:69:0b:b9:54:4a:67:41:80:de:ad:b5:30:34:9d:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 29 00:10:28 2025 GMT
            Not After : Jun  3 23:59:59 2025 GMT
        Subject: serialNumber=d81b002888a7a368a4af03073fc72c6a4c395449c6de2e581a5c0357f4981a5a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:39:ff:e5:6c:eb:b8:8d:b5:1b:05:51:b6:c8:
                    b6:c7:c8:94:a4:17:9b:81:11:b8:1b:40:42:e0:25:
                    5f:68:51:37:c0:e4:06:88:45:81:18:34:31:1f:bb:
                    2a:4d:40:56:d2:a8:e7:51:05:56:84:39:8d:30:0f:
                    dc:82:3f:fb:72:a4:59:52:aa:29:2e:d8:f2:bc:08:
                    94:d6:69:4f:c8:d3:da:21:dc:0c:70:2f:c3:a6:cc:
                    cc:fa:85:33:60:70:f1:50:a7:ae:10:10:fb:96:c0:
                    40:28:c9:44:ac:72:71:cd:ef:2d:51:c4:a6:13:5a:
                    61:59:43:40:8b:1d:dd:64:d1:cf:e5:de:0a:ab:7d:
                    50:a9:d1:63:f4:6a:f3:04:7e:10:7d:22:ea:76:85:
                    eb:f2:c1:6e:b6:b6:f3:6d:87:11:65:dd:65:76:a6:
                    0b:4f:58:b9:05:c4:ce:29:a0:59:7e:19:ed:fb:a5:
                    b5:5d:f3:d8:8e:8b:92:6a:f6:55:29:bf:9d:9d:11:
                    1f:59:29:aa:eb:77:a0:e6:36:af:d2:48:e0:52:10:
                    b0:4a:c3:b9:4a:20:08:f6:a3:35:93:f3:5b:f0:4f:
                    39:94:7d:0e:76:60:3b:05:cf:2f:7a:5c:67:c2:05:
                    5c:ca:61:71:a1:84:bc:c2:dd:d1:1a:82:a7:0d:8d:
                    83:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:39:35:D7:99:23:D4:34:3A:6C:D1:AC:FD:DF:5A:2A:48:51:9B:84
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78fa3972-5318-47b7-a9d6-d6ceecbc554e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.55.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         15:9c:eb:97:2e:54:f0:cc:fa:02:a9:f2:79:4c:24:1e:5d:82:
         42:8c:bd:ff:7e:f2:27:42:71:dc:b4:41:29:33:ac:fe:1a:a1:
         80:fa:71:1f:f1:0b:30:b0:3b:dc:ce:60:14:49:8e:94:9c:b2:
         b2:32:74:2a:5c:47:6a:b3:26:0c:5a:76:06:3b:cb:0f:e0:18:
         b6:36:72:5e:85:1d:09:e9:96:cb:04:3f:32:d6:1c:e3:d3:3f:
         c2:49:dd:7f:32:54:18:8a:8c:6b:d5:0f:cc:1c:8c:79:4e:02:
         b5:40:9e:76:11:23:4e:63:ea:d6:95:cf:17:cd:e9:7b:5d:64:
         b7:b3:d8:ae:f2:3e:46:0b:99:01:cd:bd:0e:3e:f8:83:3e:6b:
         82:20:a2:e8:24:ce:5a:d0:5c:d7:31:de:2e:3b:fc:7b:e7:6f:
         92:20:cc:32:2c:42:b7:4f:3d:41:e0:93:8a:05:31:0e:8b:07:
         b2:ac:47:58:31:61:09:12:e8:8a:2e:21:06:b9:d0:7b:06:33:
         2d:5c:f3:b1:a0:5d:09:93:25:c3:1d:ec:27:d4:ea:72:3b:de:
         93:20:b9:81:74:ce:8b:2b:c5:03:b2:8c:e5:b2:35:22:fb:a9:
         05:62:ef:b8:ba:b3:ab:13:4e:69:8d:27:4e:db:46:8a:31:ad:
         cb:08:e0:23
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfEsg2ghpC7lUSmdBgN6ttTA0nUwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDI5MDAxMDI4WhcNMjUwNjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkODFiMDAyODg4YTdhMzY4YTRhZjAzMDczZmM3MmM2YTRj
Mzk1NDQ5YzZkZTJlNTgxYTVjMDM1N2Y0OTgxYTVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0Of/lbOu4jbUbBVG2yLbHyJSkF5uBEbgbQELgJV9oUTfA
5AaIRYEYNDEfuypNQFbSqOdRBVaEOY0wD9yCP/typFlSqiku2PK8CJTWaU/I09oh
3AxwL8OmzMz6hTNgcPFQp64QEPuWwEAoyUSscnHN7y1RxKYTWmFZQ0CLHd1k0c/l
3gqrfVCp0WP0avMEfhB9Iup2hevywW62tvNthxFl3WV2pgtPWLkFxM4poFl+Ge37
pbVd89iOi5Jq9lUpv52dER9ZKarrd6DmNq/SSOBSELBKw7lKIAj2ozWT81vwTzmU
fQ52YDsFzy96XGfCBVzKYXGhhLzC3dEagqcNjYOtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU0Tk115kj1DQ6bNGs/d9aKkhRm4QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc4ZmEzOTcyLTUzMTgtNDdiNy1hOWQ2LWQ2Y2VlY2JjNTU0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAjNzANBgkqhkiG9w0BAQsFAAOCAQEAFZzrly5U8Mz6AqnyeUwkHl2CQoy9
/37yJ0Jx3LRBKTOs/hqhgPpxH/ELMLA73M5gFEmOlJyysjJ0KlxHarMmDFp2BjvL
D+AYtjZyXoUdCemWywQ/MtYc49M/wkndfzJUGIqMa9UPzByMeU4CtUCedhEjTmPq
1pXPF83pe11kt7PYrvI+RguZAc29Dj74gz5rgiCi6CTOWtBc1zHeLjv8e+dvkiDM
MixCt089QeCTigUxDosHsqxHWDFhCRLoii4hBrnQewYzLVzzsaBdCZMlwx3sJ9Tq
cjvekyC5gXTOiyvFA7KM5bI1IvupBWLvuLqzqxNOaY0nTttGijGtywjgIw==
-----END CERTIFICATE-----