Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0607a85-59d4-41f8-a27e-6ca35a850925.roa
File:                     f0607a85-59d4-41f8-a27e-6ca35a850925.roa (raw, json)
Hash identifier:          US32mZ2Uct7F2CSTq3bHY9n9jpUPFdYcupLcuHg9RgQ=
Subject key identifier:   DF:83:13:E8:2F:C7:ED:2F:C6:C4:BC:D3:59:82:22:6A:4B:F8:BA:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1104459F778C1C547AE74B8D719FB5BE9E923D4D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0607a85-59d4-41f8-a27e-6ca35a850925.roa
Signing time:             Tue 19 Aug 2025 00:11:38 +0000
ROA not before:           Tue 19 Aug 2025 00:11:38 +0000
ROA not after:            Tue 23 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.139.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:04:45:9f:77:8c:1c:54:7a:e7:4b:8d:71:9f:b5:be:9e:92:3d:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 19 00:11:38 2025 GMT
            Not After : Sep 23 23:59:59 2025 GMT
        Subject: serialNumber=5bb8053fba7b75289f79d5ebf1c7de7e289e6e12d2663c3c6d1a5c4c2c086778, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:fa:6e:4e:df:c4:ff:91:0f:69:99:78:18:ba:
                    4a:71:99:53:aa:f3:b7:b5:88:47:08:f1:23:3f:f9:
                    d4:75:0c:4c:51:8f:55:92:55:0d:fa:70:63:15:e7:
                    f2:95:1d:73:c9:43:d1:d7:4e:d1:e2:89:13:e2:53:
                    75:6b:8e:5f:56:c8:70:cf:fe:59:b9:56:a7:60:33:
                    32:1a:6d:23:04:85:10:d0:51:e2:76:a2:9c:14:2a:
                    d9:a4:bc:d1:a9:0a:48:e9:4b:8f:10:cb:69:e2:5f:
                    9c:56:00:cd:17:7a:27:81:09:a0:f2:69:06:02:7e:
                    25:45:48:72:ff:de:c8:77:a4:a4:e9:3e:a3:e2:c7:
                    ec:af:16:26:70:f9:cb:ad:11:ae:31:81:a6:3f:60:
                    a3:50:b3:c7:21:93:76:f6:8f:af:8b:f8:3f:88:bb:
                    87:5c:26:a1:17:b4:4b:ec:bc:c6:79:fb:58:93:2b:
                    df:11:29:28:00:43:0e:ef:d4:de:44:02:a2:50:ac:
                    33:6a:7b:e0:71:72:28:5b:17:10:2d:81:ce:d2:38:
                    37:3d:b7:56:df:67:29:a0:47:3c:53:fc:5f:e7:02:
                    22:fe:9b:fe:b2:8a:66:bb:7b:a1:ee:64:96:c8:92:
                    e8:9f:a0:2a:3b:5b:12:65:e1:22:e2:75:f1:04:45:
                    88:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:83:13:E8:2F:C7:ED:2F:C6:C4:BC:D3:59:82:22:6A:4B:F8:BA:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0607a85-59d4-41f8-a27e-6ca35a850925.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.139.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         25:e0:37:75:64:a5:f6:ca:0f:d9:5e:c5:8c:2e:06:f4:c0:1c:
         03:a6:eb:92:6c:f1:f8:e1:af:5c:6f:31:0e:6d:e2:2b:b6:8e:
         7b:ec:df:d2:1d:8f:0b:9e:4e:d9:94:8b:0e:74:e9:61:7e:a2:
         c6:4d:a4:ee:31:b1:3f:29:06:d3:9a:b6:e7:23:b7:d3:05:be:
         4f:2e:fe:09:24:6d:7f:26:5f:ce:74:55:5f:40:3b:48:2f:2c:
         0f:d1:60:8f:8e:59:e4:75:32:bd:06:6a:5f:c8:93:a3:26:be:
         ec:fc:c4:21:32:6a:d8:16:fa:27:f7:64:b5:21:1e:f3:b4:91:
         a1:ac:b5:c5:6f:6d:e0:2b:ac:e2:c6:26:c5:c0:59:f3:30:27:
         26:70:01:05:17:fb:2a:81:5c:61:87:c4:02:9b:4a:f4:b6:5e:
         6f:25:3b:cb:bd:6e:cd:f7:92:53:4a:47:6d:7a:0b:d1:be:1f:
         b3:7b:07:18:3e:c5:dc:56:df:11:4f:b1:19:e5:2f:a5:df:bd:
         60:62:3e:20:4a:03:75:54:30:e3:09:f3:7a:bf:79:5e:23:ca:
         36:ce:a5:03:34:25:2c:f1:55:03:b0:5a:d5:fc:9f:39:31:2c:
         5a:1f:cf:ca:85:6f:23:75:cc:dc:95:4c:ff:b0:6e:68:37:c7:
         15:ee:dd:93
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEQRFn3eMHFR650uNcZ+1vp6SPU0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE5MDAxMTM4WhcNMjUwOTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YmI4MDUzZmJhN2I3NTI4OWY3OWQ1ZWJmMWM3ZGU3ZTI4
OWU2ZTEyZDI2NjNjM2M2ZDFhNWM0YzJjMDg2Nzc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDW+m5O38T/kQ9pmXgYukpxmVOq87e1iEcI8SM/+dR1DExR
j1WSVQ36cGMV5/KVHXPJQ9HXTtHiiRPiU3Vrjl9WyHDP/lm5VqdgMzIabSMEhRDQ
UeJ2opwUKtmkvNGpCkjpS48Qy2niX5xWAM0XeieBCaDyaQYCfiVFSHL/3sh3pKTp
PqPix+yvFiZw+cutEa4xgaY/YKNQs8chk3b2j6+L+D+Iu4dcJqEXtEvsvMZ5+1iT
K98RKSgAQw7v1N5EAqJQrDNqe+BxcihbFxAtgc7SODc9t1bfZymgRzxT/F/nAiL+
m/6yima7e6HuZJbIkuifoCo7WxJl4SLidfEERYgvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU34MT6C/H7S/GxLzTWYIiakv4unIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YwNjA3YTg1LTU5ZDQtNDFmOC1hMjdlLTZjYTM1YTg1MDkyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4izANBgkqhkiG9w0BAQsFAAOCAQEAJeA3dWSl9soP2V7FjC4G9MAcA6br
kmzx+OGvXG8xDm3iK7aOe+zf0h2PC55O2ZSLDnTpYX6ixk2k7jGxPykG05q25yO3
0wW+Ty7+CSRtfyZfznRVX0A7SC8sD9Fgj45Z5HUyvQZqX8iToya+7PzEITJq2Bb6
J/dktSEe87SRoay1xW9t4Cus4sYmxcBZ8zAnJnABBRf7KoFcYYfEAptK9LZebyU7
y71uzfeSU0pHbXoL0b4fs3sHGD7F3FbfEU+xGeUvpd+9YGI+IEoDdVQw4wnzer95
XiPKNs6lAzQlLPFVA7Ba1fyfOTEsWh/PyoVvI3XM3JVM/7BuaDfHFe7dkw==
-----END CERTIFICATE-----