Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d9d5bd7-2808-4dcf-96a8-29fc3a603307.roa
File:                     8d9d5bd7-2808-4dcf-96a8-29fc3a603307.roa (raw, json)
Hash identifier:          /9HyCwE/LbladlQBPBAZcq5VHr467ewiNpWyfeaTZ2E=
Subject key identifier:   B7:75:C3:CE:56:2F:04:42:8C:DA:26:DF:E6:37:02:CD:BA:8E:B3:62
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7F1F38753421DA81F3C223671F520BEFD40219B9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d9d5bd7-2808-4dcf-96a8-29fc3a603307.roa
Signing time:             Fri 13 Jun 2025 15:51:52 +0000
ROA not before:           Fri 13 Jun 2025 15:51:52 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        174.129.44.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:1f:38:75:34:21:da:81:f3:c2:23:67:1f:52:0b:ef:d4:02:19:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 15:51:52 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=f0a97ba71e6fe05287b0b94c6666b908fc9a499b7884bce750fb20ce11ff6586, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:6e:33:4c:9d:eb:a3:27:38:8e:d5:c4:49:93:
                    ca:17:96:ab:a0:81:5d:0f:fd:58:97:fe:24:ac:95:
                    da:c3:b0:d7:1d:58:db:86:5c:74:08:69:d6:a2:43:
                    e7:f2:5a:9c:45:d6:b7:2f:a0:56:85:d5:68:b2:49:
                    1d:5d:bd:05:02:4d:e9:2e:16:09:1b:c5:08:33:fa:
                    1f:a3:39:58:a7:db:8b:79:39:26:e2:3a:41:7e:79:
                    28:ee:8b:c4:cd:db:5e:e7:d6:07:9a:e6:79:b7:e6:
                    78:83:10:39:ae:5a:80:a8:2b:a9:5c:e0:bc:f2:e6:
                    db:a1:8e:36:56:7e:6e:1b:e0:2b:94:83:cc:8c:f9:
                    12:9d:1a:de:eb:f5:ca:59:5c:02:bf:bf:9e:3b:ac:
                    7b:66:57:bd:76:6a:f3:a9:df:8f:d5:c5:cb:66:70:
                    da:ec:b4:57:f0:ef:73:26:f9:be:6b:2e:5e:52:74:
                    29:ad:5a:a8:a5:9a:4a:a4:1f:ea:d7:ba:69:2d:9a:
                    20:2f:55:18:b7:2e:0b:ab:02:1e:f5:6b:dc:5f:14:
                    4a:77:af:54:be:df:66:06:a7:3b:a4:f3:fa:dc:2a:
                    0a:c6:93:6f:9d:57:bf:33:94:26:36:93:c0:92:a8:
                    49:0f:1f:69:90:c0:1e:49:9d:c0:66:38:2b:a4:7e:
                    d7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:75:C3:CE:56:2F:04:42:8C:DA:26:DF:E6:37:02:CD:BA:8E:B3:62
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d9d5bd7-2808-4dcf-96a8-29fc3a603307.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  174.129.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:bc:6d:a9:d0:22:2c:98:4b:8a:23:c3:19:de:da:e9:fb:8f:
         a3:6a:86:b4:96:91:de:49:db:96:ed:47:4d:ff:b7:83:59:18:
         f1:b5:7f:a3:e9:41:5d:07:50:63:db:3a:cc:5e:4c:61:19:1c:
         3d:7c:11:02:c3:6b:85:c3:b5:5f:bb:1c:b1:66:10:96:b1:18:
         44:17:8c:ed:65:c2:a2:22:dd:f1:31:39:9f:df:9b:ba:e3:cf:
         92:95:5f:ab:43:5a:9d:01:fd:ce:5e:c7:5b:11:ad:c0:b3:ba:
         e4:a4:ad:15:9a:e8:c9:1f:05:7a:43:f1:4e:7c:7f:7f:64:ea:
         bd:7e:b0:a1:6b:41:33:d5:11:a2:c2:f8:70:66:06:69:d4:4c:
         ca:2d:ba:9d:cd:ac:7e:b9:b2:df:5e:77:89:d8:20:44:4c:12:
         bf:bd:4a:d2:97:77:4b:7e:06:1c:8b:07:5b:99:c8:bd:1a:5c:
         26:d0:c7:0b:6b:54:e8:10:5a:d1:27:61:a0:73:ca:b7:ed:14:
         50:29:20:8a:06:ae:46:b4:e7:93:8a:35:75:0e:47:6b:8c:34:
         27:a6:83:6a:fb:01:90:e7:d0:df:dc:75:cd:83:70:1a:ff:0b:
         dc:9c:1b:36:e0:77:2b:8d:07:9d:2e:35:2c:e8:b8:58:a0:5f:
         14:3e:c6:4e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfx84dTQh2oHzwiNnH1IL79QCGbkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTU1MTUyWhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMGE5N2JhNzFlNmZlMDUyODdiMGI5NGM2NjY2YjkwOGZj
OWE0OTliNzg4NGJjZTc1MGZiMjBjZTExZmY2NTg2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDebjNMneujJziO1cRJk8oXlquggV0P/ViX/iSsldrDsNcd
WNuGXHQIadaiQ+fyWpxF1rcvoFaF1WiySR1dvQUCTekuFgkbxQgz+h+jOVin24t5
OSbiOkF+eSjui8TN217n1gea5nm35niDEDmuWoCoK6lc4Lzy5tuhjjZWfm4b4CuU
g8yM+RKdGt7r9cpZXAK/v547rHtmV712avOp34/VxctmcNrstFfw73Mm+b5rLl5S
dCmtWqilmkqkH+rXumktmiAvVRi3LgurAh71a9xfFEp3r1S+32YGpzuk8/rcKgrG
k2+dV78zlCY2k8CSqEkPH2mQwB5JncBmOCukfteLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUt3XDzlYvBEKM2ibf5jcCzbqOs2IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhkOWQ1YmQ3LTI4MDgtNGRjZi05NmE4LTI5ZmMzYTYwMzMwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKugSwwDQYJKoZIhvcNAQELBQADggEBAA68banQIiyYS4ojwxne2un7j6Nq
hrSWkd5J25btR03/t4NZGPG1f6PpQV0HUGPbOsxeTGEZHD18EQLDa4XDtV+7HLFm
EJaxGEQXjO1lwqIi3fExOZ/fm7rjz5KVX6tDWp0B/c5ex1sRrcCzuuSkrRWa6Mkf
BXpD8U58f39k6r1+sKFrQTPVEaLC+HBmBmnUTMotup3NrH65st9ed4nYIERMEr+9
StKXd0t+BhyLB1uZyL0aXCbQxwtrVOgQWtEnYaBzyrftFFApIIoGrka055OKNXUO
R2uMNCemg2r7AZDn0N/cdc2DcBr/C9ycGzbgdyuNB50uNSzouFigXxQ+xk4=
-----END CERTIFICATE-----