Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e62661a5-503b-4b36-ac32-c96775083fd5.roa
File:                     e62661a5-503b-4b36-ac32-c96775083fd5.roa (raw, json)
Hash identifier:          uetu/ECBZkkboM4bMm5vLigbYFe3bkU7/VoABHE10to=
Subject key identifier:   AC:77:71:0B:F9:1D:69:CB:97:18:46:83:F9:2C:A7:2C:0D:39:90:01
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       146C4B86DF7BCD48F8C32231FE6CBC29A5D2B30D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e62661a5-503b-4b36-ac32-c96775083fd5.roa
Signing time:             Fri 22 Aug 2025 00:40:22 +0000
ROA not before:           Fri 22 Aug 2025 00:40:22 +0000
ROA not after:            Fri 26 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        49.128.224.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:6c:4b:86:df:7b:cd:48:f8:c3:22:31:fe:6c:bc:29:a5:d2:b3:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 22 00:40:22 2025 GMT
            Not After : Sep 26 23:59:59 2025 GMT
        Subject: serialNumber=31b263cf812d2e29960b2db3ec72354cee6a4aff49ebfbf362a719d7ca0d45a1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:cb:be:49:ff:1d:23:ec:1a:4b:18:92:aa:04:
                    6c:3d:d2:03:aa:82:66:2d:ab:54:22:8e:c9:65:2f:
                    00:a9:82:9a:ae:07:99:62:ab:51:0b:b3:d1:57:7c:
                    53:4b:03:09:75:8e:e4:9f:03:6a:d4:65:1a:2b:94:
                    0b:6f:65:6f:17:5d:7e:d4:08:ef:0a:34:68:8a:e7:
                    d9:68:8f:14:fd:9d:bf:bf:07:b8:62:64:41:21:69:
                    47:2d:bc:44:87:88:4d:aa:90:16:da:ef:f3:00:52:
                    2c:1e:9f:3a:11:d7:76:29:bf:ef:ce:68:e4:89:c6:
                    5c:b3:24:58:3e:14:3a:4c:5a:5e:3b:9a:fc:29:ff:
                    80:8b:34:9a:32:db:59:d1:6c:1f:d0:af:18:69:d6:
                    1c:76:6f:a1:d0:73:30:a1:64:15:49:a3:ae:05:df:
                    78:e6:ad:e9:c9:e5:88:57:22:a3:8d:0c:1c:a3:57:
                    a3:f3:36:2f:f3:07:84:90:26:6d:5a:78:07:7a:ff:
                    f7:75:f3:50:d9:7a:31:b9:ed:20:b6:a0:e8:fd:92:
                    d3:32:05:a3:95:21:52:f8:91:b6:0a:0c:cf:08:fa:
                    0c:fa:25:66:15:0d:4a:7e:5e:b1:42:a0:22:50:93:
                    b6:d3:6b:13:53:e3:d3:32:1d:bd:8d:f2:24:cd:ae:
                    b6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:77:71:0B:F9:1D:69:CB:97:18:46:83:F9:2C:A7:2C:0D:39:90:01
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e62661a5-503b-4b36-ac32-c96775083fd5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.128.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         65:0e:26:f5:48:32:20:fb:68:ba:50:1b:67:7d:01:84:1f:25:
         ad:92:e1:32:6d:1a:77:74:10:b2:cb:90:86:99:89:d8:d0:c7:
         dd:8b:c8:bc:5d:cc:7e:1a:89:eb:cc:5b:6b:66:13:d5:0b:d2:
         99:86:6a:c7:6e:b0:8b:e6:c2:61:76:03:fe:c0:c7:46:ce:3b:
         bf:22:40:43:a2:6a:f6:f6:f6:8d:79:78:9e:72:e1:4f:c4:8e:
         44:4a:11:05:69:b9:21:3f:90:1e:34:05:ad:fc:a5:b3:44:11:
         ff:b6:c5:b2:87:10:da:96:fe:38:2c:02:66:5d:37:d3:ff:f0:
         5a:46:3b:50:f2:87:ee:ee:51:1b:17:95:e0:a4:ad:3a:aa:b1:
         94:04:a4:12:14:98:2a:48:50:2c:41:9f:ee:8b:ac:5b:48:b5:
         a8:48:13:36:ad:cb:5e:15:57:05:71:f8:94:66:20:6d:55:99:
         4e:37:63:d5:46:3e:47:44:d2:4c:0c:c9:f0:44:21:08:68:2d:
         bf:17:2d:40:5d:26:d4:dc:db:4a:cd:fd:74:b0:a0:fb:8d:f6:
         00:ba:b7:de:7f:26:dd:af:02:f9:ba:9d:ad:3e:5a:8c:01:75:
         0f:e2:37:30:d6:af:e3:82:ca:38:f3:97:5e:15:70:53:4c:68:
         5c:e2:8d:55
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFGxLht97zUj4wyIx/my8KaXSsw0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODIyMDA0MDIyWhcNMjUwOTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMWIyNjNjZjgxMmQyZTI5OTYwYjJkYjNlYzcyMzU0Y2Vl
NmE0YWZmNDllYmZiZjM2MmE3MTlkN2NhMGQ0NWExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzy75J/x0j7BpLGJKqBGw90gOqgmYtq1QijsllLwCpgpqu
B5liq1ELs9FXfFNLAwl1juSfA2rUZRorlAtvZW8XXX7UCO8KNGiK59lojxT9nb+/
B7hiZEEhaUctvESHiE2qkBba7/MAUiwenzoR13Ypv+/OaOSJxlyzJFg+FDpMWl47
mvwp/4CLNJoy21nRbB/Qrxhp1hx2b6HQczChZBVJo64F33jmrenJ5YhXIqONDByj
V6PzNi/zB4SQJm1aeAd6//d181DZejG57SC2oOj9ktMyBaOVIVL4kbYKDM8I+gz6
JWYVDUp+XrFCoCJQk7bTaxNT49MyHb2N8iTNrrYHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrHdxC/kdacuXGEaD+SynLA05kAEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U2MjY2MWE1LTUwM2ItNGIzNi1hYzMyLWM5Njc3NTA4M2ZkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUxgOAwDQYJKoZIhvcNAQELBQADggEBAGUOJvVIMiD7aLpQG2d9AYQfJa2S
4TJtGnd0ELLLkIaZidjQx92LyLxdzH4aievMW2tmE9UL0pmGasdusIvmwmF2A/7A
x0bOO78iQEOiavb29o15eJ5y4U/EjkRKEQVpuSE/kB40Ba38pbNEEf+2xbKHENqW
/jgsAmZdN9P/8FpGO1Dyh+7uURsXleCkrTqqsZQEpBIUmCpIUCxBn+6LrFtItahI
Ezaty14VVwVx+JRmIG1VmU43Y9VGPkdE0kwMyfBEIQhoLb8XLUBdJtTc20rN/XSw
oPuN9gC6t95/Jt2vAvm6na0+WowBdQ/iNzDWr+OCyjjzl14VcFNMaFzijVU=
-----END CERTIFICATE-----