Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea8bcc3-dbdd-4625-8fcb-b88f42d1cd0a.roa
File:                     8ea8bcc3-dbdd-4625-8fcb-b88f42d1cd0a.roa (raw, json)
Hash identifier:          Mv6yPeQQhFBFRJr3f4Eta4u7wF5/pzJsDngA7uDDjqQ=
Subject key identifier:   7F:46:FB:F5:39:C4:A8:F9:FF:A6:93:C7:1F:35:A6:E3:96:38:65:DD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2F9D22A0C85F3934D74BCC6C5D97CFCC44593145
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea8bcc3-dbdd-4625-8fcb-b88f42d1cd0a.roa
Signing time:             Wed 25 Jun 2025 14:37:10 +0000
ROA not before:           Wed 25 Jun 2025 14:37:10 +0000
ROA not after:            Wed 30 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        216.244.0.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 30 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:9d:22:a0:c8:5f:39:34:d7:4b:cc:6c:5d:97:cf:cc:44:59:31:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 25 14:37:10 2025 GMT
            Not After : Jul 30 23:59:59 2025 GMT
        Subject: serialNumber=8bc28a98954c20202740f6bea0fe6b90752791544b576567cef7b9d70d410e99, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:49:b1:ca:51:9e:e8:3f:c4:b0:89:c1:a6:2c:
                    8b:86:cd:c2:93:22:75:85:3c:bb:e1:f9:d4:fb:d2:
                    e3:14:31:46:db:95:f3:e5:d5:7d:4c:8a:b4:40:11:
                    9f:96:6b:14:75:a5:65:24:d0:ee:cd:cb:53:b8:50:
                    0f:1a:23:86:b3:c1:7d:ec:f8:c2:f1:44:83:37:a7:
                    41:8c:a5:e8:b0:f4:c5:2b:b6:52:65:eb:ad:ec:90:
                    66:fe:84:e1:98:ba:42:4b:5a:c7:2d:44:3e:f4:b2:
                    66:30:a4:03:2f:1b:f3:91:69:4e:d5:6f:9f:3a:c5:
                    82:67:98:06:0d:2c:66:c7:6d:42:38:bf:25:79:5a:
                    1e:dd:6a:dd:9d:5f:c9:08:8c:62:5c:c4:fb:c2:f6:
                    a7:4a:29:5d:a8:5c:ba:84:78:71:9e:47:e9:3e:12:
                    ff:51:25:72:58:9c:5d:d9:81:59:e6:e0:82:af:f8:
                    44:8f:e2:f0:60:39:41:d6:49:72:85:d9:9a:ec:11:
                    05:1f:5d:93:23:6b:06:ea:78:2d:1d:75:04:62:42:
                    d4:b2:72:fe:4d:a5:50:89:90:30:12:38:87:43:99:
                    22:f6:36:7d:ca:27:3d:0b:f1:3f:22:91:3b:b6:f9:
                    0c:f0:6a:83:b0:db:78:40:6d:89:69:41:dd:a2:d4:
                    e7:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:46:FB:F5:39:C4:A8:F9:FF:A6:93:C7:1F:35:A6:E3:96:38:65:DD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea8bcc3-dbdd-4625-8fcb-b88f42d1cd0a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.244.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         23:b7:31:24:08:7e:ab:0b:66:bf:40:0a:7d:cf:8d:e2:a5:98:
         e0:d2:67:b5:fc:b7:93:3a:03:7b:f9:01:fa:10:98:58:4a:16:
         91:51:cb:3d:cf:e7:32:7a:0e:dd:9c:52:15:37:eb:f0:4a:04:
         f5:21:a5:ec:c0:a3:3d:fc:61:b9:75:59:8d:38:8c:df:b6:76:
         99:c7:9a:ec:37:8b:fa:c0:44:4f:5f:07:b5:d6:fd:25:22:e2:
         07:9b:f2:b5:62:94:41:bc:f0:15:74:32:ab:c0:f4:2a:49:9c:
         7e:e6:af:0c:ef:53:e0:4b:20:14:7e:35:95:b2:f9:3e:0d:38:
         49:7a:a2:05:18:4d:3d:b1:f4:83:fd:8b:d5:49:f9:cb:9a:38:
         56:e1:ce:22:48:7f:62:45:df:6c:13:8b:1a:e3:41:99:3e:fb:
         94:18:7d:ae:cf:ed:63:d3:bd:5d:52:f2:b0:d6:94:ce:e9:8c:
         eb:3a:71:86:3f:ec:d0:75:33:4c:c5:ad:f3:2d:56:c0:19:30:
         19:9c:d2:f2:42:21:27:ed:de:61:6f:3d:fc:5c:a2:35:35:c3:
         2a:29:d2:55:fe:97:df:44:bd:37:c1:d7:e2:dd:54:75:46:e7:
         e7:c2:00:ea:ec:a7:b4:9b:d0:0a:21:c6:e2:4f:2e:09:89:ee:
         7d:d7:e7:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL50ioMhfOTTXS8xsXZfPzERZMUUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI1MTQzNzEwWhcNMjUwNzMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YmMyOGE5ODk1NGMyMDIwMjc0MGY2YmVhMGZlNmI5MDc1
Mjc5MTU0NGI1NzY1NjdjZWY3YjlkNzBkNDEwZTk5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtSbHKUZ7oP8SwicGmLIuGzcKTInWFPLvh+dT70uMUMUbb
lfPl1X1MirRAEZ+WaxR1pWUk0O7Ny1O4UA8aI4azwX3s+MLxRIM3p0GMpeiw9MUr
tlJl663skGb+hOGYukJLWsctRD70smYwpAMvG/ORaU7Vb586xYJnmAYNLGbHbUI4
vyV5Wh7dat2dX8kIjGJcxPvC9qdKKV2oXLqEeHGeR+k+Ev9RJXJYnF3ZgVnm4IKv
+ESP4vBgOUHWSXKF2ZrsEQUfXZMjawbqeC0ddQRiQtSycv5NpVCJkDASOIdDmSL2
Nn3KJz0L8T8ikTu2+QzwaoOw23hAbYlpQd2i1OeNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUf0b79TnEqPn/ppPHHzWm45Y4Zd0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlYThiY2MzLWRiZGQtNDYyNS04ZmNiLWI4OGY0MmQxY2QwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbY9AAwDQYJKoZIhvcNAQELBQADggEBACO3MSQIfqsLZr9ACn3PjeKlmODS
Z7X8t5M6A3v5AfoQmFhKFpFRyz3P5zJ6Dt2cUhU36/BKBPUhpezAoz38Ybl1WY04
jN+2dpnHmuw3i/rARE9fB7XW/SUi4geb8rVilEG88BV0MqvA9CpJnH7mrwzvU+BL
IBR+NZWy+T4NOEl6ogUYTT2x9IP9i9VJ+cuaOFbhziJIf2JF32wTixrjQZk++5QY
fa7P7WPTvV1S8rDWlM7pjOs6cYY/7NB1M0zFrfMtVsAZMBmc0vJCISft3mFvPfxc
ojU1wyop0lX+l99EvTfB1+LdVHVG5+fCAOrsp7Sb0AohxuJPLgmJ7n3X598=
-----END CERTIFICATE-----