Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2950804-7ecf-4e52-b51b-6db4cd2e1605.roa
File:                     a2950804-7ecf-4e52-b51b-6db4cd2e1605.roa (raw, json)
Hash identifier:          /KyyMf8VEEGhhhcOQyzHyEODuBgJVShEJBr0uSekkRo=
Subject key identifier:   17:C4:27:29:C9:B4:AF:18:EF:D6:E3:FA:22:A0:5C:17:BE:F8:E4:71
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2821B1C741A29CA3F33C7C8BA27BC6B69C5717C4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2950804-7ecf-4e52-b51b-6db4cd2e1605.roa
Signing time:             Sat 16 Aug 2025 00:30:30 +0000
ROA not before:           Sat 16 Aug 2025 00:30:30 +0000
ROA not after:            Sat 20 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        44.215.116.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:21:b1:c7:41:a2:9c:a3:f3:3c:7c:8b:a2:7b:c6:b6:9c:57:17:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 16 00:30:30 2025 GMT
            Not After : Sep 20 23:59:59 2025 GMT
        Subject: serialNumber=1ce924fd75d51ed6bfe4980c88f28dae70a070d333db5575c10c428e1ddcd3cc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c5:b3:92:74:ea:76:7d:17:05:ef:8e:ae:57:
                    7b:3d:ae:c3:b9:c7:b1:ca:c3:39:56:b8:b4:77:eb:
                    0d:a3:c4:cf:5d:62:86:e2:f0:05:14:81:85:ae:49:
                    5a:7d:0e:07:a8:64:41:fe:03:bf:31:77:e4:2b:47:
                    68:6c:26:a0:12:ef:98:64:13:69:6d:79:24:46:7e:
                    a7:33:b6:ba:2c:18:07:06:38:ad:bd:f3:6f:a0:f5:
                    0d:73:21:e8:d3:4a:a5:f4:e3:15:2a:f4:4f:a9:8f:
                    f0:88:15:0a:5d:6a:d3:22:ff:e4:08:1d:5b:ed:b6:
                    c6:bd:81:40:85:4e:fa:e4:5c:d1:44:52:ce:bc:68:
                    fc:d3:7a:eb:df:b6:b2:76:87:bc:e5:78:43:f0:67:
                    e2:95:90:93:f8:b7:90:79:d3:8c:b1:73:c3:9e:98:
                    8f:c1:1c:25:79:01:fd:23:ee:33:a2:97:35:df:17:
                    a9:ac:57:2d:93:5e:7f:9c:8a:c4:32:b3:28:7e:09:
                    6e:b8:9e:cc:b4:14:f4:0d:0c:33:14:a8:3d:bb:71:
                    66:be:35:a0:98:41:f7:28:ed:2b:94:40:67:72:72:
                    56:43:fd:2b:16:5b:46:82:9b:39:f5:b1:a8:08:ac:
                    0c:08:66:91:57:a9:55:88:87:6b:81:4b:01:6f:8b:
                    3b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:C4:27:29:C9:B4:AF:18:EF:D6:E3:FA:22:A0:5C:17:BE:F8:E4:71
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2950804-7ecf-4e52-b51b-6db4cd2e1605.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.215.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:d6:53:72:75:f4:37:4a:f4:16:02:d9:5f:e4:15:e3:06:fa:
         06:d4:c2:5f:9b:fe:56:66:0e:b3:f5:1a:ed:12:7a:63:12:ba:
         e5:ea:46:c6:86:29:b8:e3:cf:f9:d6:4b:59:b3:39:a1:72:c8:
         a8:58:78:95:38:f7:a1:68:3a:4a:e7:44:b3:b5:d5:24:95:cc:
         02:82:ac:ba:1b:8c:93:92:fb:d5:cb:d7:08:83:83:e3:a6:05:
         7c:e8:10:5f:33:af:c0:8f:92:7d:4b:1a:5b:00:a3:4d:6b:a8:
         30:70:13:06:42:2e:9d:ab:5e:dd:58:6e:89:42:6d:32:59:fc:
         37:78:72:38:33:34:7e:3f:95:9e:4d:49:42:cc:6d:36:67:da:
         8b:a0:90:64:4a:0d:01:e0:69:78:4a:0d:af:3f:83:72:9e:84:
         7f:e4:30:81:5b:b5:50:75:62:ff:f9:47:fc:b3:af:8a:6a:63:
         d9:30:95:75:56:13:c5:70:b1:1a:a2:88:2a:c4:c4:e7:e8:4d:
         8b:c3:e3:2c:24:eb:1d:57:34:89:72:4a:7e:50:fc:61:88:ea:
         a8:dc:78:e1:b2:f2:c2:3f:b8:87:bc:46:cd:d3:2b:84:5b:67:
         fe:7b:71:08:8b:67:4e:f4:cc:ec:29:53:de:fb:b6:df:9a:c4:
         44:6e:86:79
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKCGxx0GinKPzPHyLonvGtpxXF8QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE2MDAzMDMwWhcNMjUwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxY2U5MjRmZDc1ZDUxZWQ2YmZlNDk4MGM4OGYyOGRhZTcw
YTA3MGQzMzNkYjU1NzVjMTBjNDI4ZTFkZGNkM2NjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDExbOSdOp2fRcF746uV3s9rsO5x7HKwzlWuLR36w2jxM9d
Yobi8AUUgYWuSVp9DgeoZEH+A78xd+QrR2hsJqAS75hkE2lteSRGfqcztrosGAcG
OK2982+g9Q1zIejTSqX04xUq9E+pj/CIFQpdatMi/+QIHVvttsa9gUCFTvrkXNFE
Us68aPzTeuvftrJ2h7zleEPwZ+KVkJP4t5B504yxc8OemI/BHCV5Af0j7jOilzXf
F6msVy2TXn+cisQysyh+CW64nsy0FPQNDDMUqD27cWa+NaCYQfco7SuUQGdyclZD
/SsWW0aCmzn1sagIrAwIZpFXqVWIh2uBSwFvizt1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUF8QnKcm0rxjv1uP6IqBcF7745HEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EyOTUwODA0LTdlY2YtNGU1Mi1iNTFiLTZkYjRjZDJlMTYwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs13QwDQYJKoZIhvcNAQELBQADggEBADTWU3J19DdK9BYC2V/kFeMG+gbU
wl+b/lZmDrP1Gu0SemMSuuXqRsaGKbjjz/nWS1mzOaFyyKhYeJU496FoOkrnRLO1
1SSVzAKCrLobjJOS+9XL1wiDg+OmBXzoEF8zr8CPkn1LGlsAo01rqDBwEwZCLp2r
Xt1YbolCbTJZ/Dd4cjgzNH4/lZ5NSULMbTZn2ougkGRKDQHgaXhKDa8/g3KehH/k
MIFbtVB1Yv/5R/yzr4pqY9kwlXVWE8VwsRqiiCrExOfoTYvD4ywk6x1XNIlySn5Q
/GGI6qjceOGy8sI/uIe8Rs3TK4RbZ/57cQiLZ070zOwpU977tt+axERuhnk=
-----END CERTIFICATE-----