Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a3275665-17d9-4bb2-8f2d-df1421f7adfe.roa
File:                     a3275665-17d9-4bb2-8f2d-df1421f7adfe.roa (raw, json)
Hash identifier:          pMJokNWX8fPP64AlbL5oRRqrVPOK7F2f9aUlQnVT+Os=
Subject key identifier:   55:58:1C:E8:45:DA:9A:E3:F0:50:9D:55:E2:37:68:FC:7D:CF:D9:63
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       15B473F6D1709ED54590A4938B38464D71934BB2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a3275665-17d9-4bb2-8f2d-df1421f7adfe.roa
Signing time:             Tue 24 Jun 2025 00:40:18 +0000
ROA not before:           Tue 24 Jun 2025 00:40:18 +0000
ROA not after:            Tue 29 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.191.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:b4:73:f6:d1:70:9e:d5:45:90:a4:93:8b:38:46:4d:71:93:4b:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 24 00:40:18 2025 GMT
            Not After : Jul 29 23:59:59 2025 GMT
        Subject: serialNumber=41e79042371b167a1b5d094986a7e679dc828be46bca24a3ca9bd8b1a16fa02f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4f:35:21:88:27:97:a4:54:b9:79:6e:02:fd:
                    15:48:89:65:40:33:e6:e4:00:c2:56:6a:d7:72:f2:
                    dd:9a:6d:06:9b:9c:c5:d3:04:46:9e:61:9d:d3:b0:
                    ec:36:e9:11:79:c7:0f:ef:a3:8f:fe:a1:bc:c6:79:
                    03:0f:a7:4c:74:ec:4f:d1:08:7a:1d:5b:4f:c2:96:
                    c7:9c:10:48:72:08:cf:0f:0a:fc:f4:e1:ed:86:6e:
                    fa:3a:29:2d:bc:b6:24:2c:3f:77:2a:82:2d:67:fd:
                    07:96:65:bf:1f:ec:c5:ae:b1:1d:3c:86:2b:20:a8:
                    ae:94:d0:e8:90:41:28:e7:f3:5d:ab:f8:f7:5b:31:
                    9d:cc:3f:db:08:5c:2e:d6:93:2c:54:cf:ae:96:7c:
                    fd:62:33:82:c1:ea:b9:21:61:09:5a:8f:ad:f4:a1:
                    dd:35:9a:c2:ad:b4:1b:e0:75:8f:58:e7:f0:f0:29:
                    7f:18:92:83:2b:32:81:7a:c8:9b:00:49:b0:fe:cc:
                    34:b0:ba:ec:be:8c:df:34:5a:69:c4:60:29:1b:a4:
                    bf:67:f2:7d:b4:44:60:14:82:a8:ba:0c:1d:66:76:
                    d9:86:6b:14:05:8d:9e:17:a7:f4:f4:9c:cd:83:5f:
                    eb:a1:ca:77:1e:54:49:7f:73:86:83:f7:36:7e:d4:
                    e7:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:58:1C:E8:45:DA:9A:E3:F0:50:9D:55:E2:37:68:FC:7D:CF:D9:63
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a3275665-17d9-4bb2-8f2d-df1421f7adfe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:32:1b:cb:de:3c:d6:b3:84:5f:c3:f4:a5:99:35:b1:b6:a5:
         80:7b:1b:14:87:84:fe:54:a4:8d:05:7a:8e:8d:96:48:cd:82:
         c0:1a:1f:9e:a7:e6:3c:e0:11:aa:2c:04:cf:1d:32:64:68:dc:
         bb:77:13:3a:d6:4c:61:06:ab:e6:3a:ef:7f:d3:77:c6:74:fd:
         30:ed:1e:2f:8f:fe:8a:8a:05:55:54:3d:6c:2b:99:93:f2:41:
         fa:cf:8a:7b:90:b9:d0:f7:b8:5b:97:00:c3:92:c1:01:11:4c:
         2f:c1:e4:6e:ed:3c:56:d7:b2:5b:aa:8e:85:ca:34:b0:7d:b9:
         a6:90:a7:f0:26:c5:1e:bc:25:2f:0d:1a:f7:37:8c:5b:bd:ca:
         2f:fa:a8:99:e3:04:c3:67:54:65:a4:3f:8b:f2:a0:3d:d1:c2:
         fb:21:38:88:b0:a4:c0:b9:46:a5:d9:57:0f:81:86:35:c2:fa:
         11:94:26:02:56:75:36:6a:c6:34:8b:8d:37:77:ac:e7:2e:b9:
         c4:f5:b1:10:ce:69:a4:df:c3:a8:77:f3:f1:3b:9c:9a:6b:e0:
         74:a2:f2:df:b7:cb:f2:38:a4:58:5c:8f:22:19:ff:ef:0c:ff:
         dd:92:35:c5:fb:ac:b9:00:c0:a8:47:4d:50:5b:f0:3b:53:98:
         0d:14:93:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFbRz9tFwntVFkKSTizhGTXGTS7IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI0MDA0MDE4WhcNMjUwNzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MWU3OTA0MjM3MWIxNjdhMWI1ZDA5NDk4NmE3ZTY3OWRj
ODI4YmU0NmJjYTI0YTNjYTliZDhiMWExNmZhMDJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVTzUhiCeXpFS5eW4C/RVIiWVAM+bkAMJWatdy8t2abQab
nMXTBEaeYZ3TsOw26RF5xw/vo4/+obzGeQMPp0x07E/RCHodW0/ClsecEEhyCM8P
Cvz04e2Gbvo6KS28tiQsP3cqgi1n/QeWZb8f7MWusR08hisgqK6U0OiQQSjn812r
+PdbMZ3MP9sIXC7WkyxUz66WfP1iM4LB6rkhYQlaj630od01msKttBvgdY9Y5/Dw
KX8YkoMrMoF6yJsASbD+zDSwuuy+jN80WmnEYCkbpL9n8n20RGAUgqi6DB1mdtmG
axQFjZ4Xp/T0nM2DX+uhynceVEl/c4aD9zZ+1Oe3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVVgc6EXamuPwUJ1V4jdo/H3P2WMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EzMjc1NjY1LTE3ZDktNGJiMi04ZjJkLWRmMTQyMWY3YWRmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTb8wDQYJKoZIhvcNAQELBQADggEBAMwyG8vePNazhF/D9KWZNbG2pYB7
GxSHhP5UpI0Feo6NlkjNgsAaH56n5jzgEaosBM8dMmRo3Lt3EzrWTGEGq+Y673/T
d8Z0/TDtHi+P/oqKBVVUPWwrmZPyQfrPinuQudD3uFuXAMOSwQERTC/B5G7tPFbX
sluqjoXKNLB9uaaQp/AmxR68JS8NGvc3jFu9yi/6qJnjBMNnVGWkP4vyoD3Rwvsh
OIiwpMC5RqXZVw+BhjXC+hGUJgJWdTZqxjSLjTd3rOcuucT1sRDOaaTfw6h38/E7
nJpr4HSi8t+3y/I4pFhcjyIZ/+8M/92SNcX7rLkAwKhHTVBb8DtTmA0Uk+A=
-----END CERTIFICATE-----