Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0186970e-89aa-4c95-ae6f-6bb7b45d5b25.roa
File:                     0186970e-89aa-4c95-ae6f-6bb7b45d5b25.roa (raw, json)
Hash identifier:          4eiO/CGWeXqoOicxyaeKfUfDFY+IahSvTZYJvA+U8JI=
Subject key identifier:   28:F5:48:12:C2:F5:BC:4A:54:8F:E6:67:A8:D1:EA:64:47:E0:0D:38
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3E91D82379A4474BACA2E2DCA94208B3BE5DB921
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0186970e-89aa-4c95-ae6f-6bb7b45d5b25.roa
Signing time:             Sat 12 Jul 2025 00:31:12 +0000
ROA not before:           Sat 12 Jul 2025 00:31:12 +0000
ROA not after:            Sat 16 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.116.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:91:d8:23:79:a4:47:4b:ac:a2:e2:dc:a9:42:08:b3:be:5d:b9:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 12 00:31:12 2025 GMT
            Not After : Aug 16 23:59:59 2025 GMT
        Subject: serialNumber=e19c0b9a14d33e77dbb917a29666079bd660c2d34869dd2bc41b67059c717d6e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:28:90:2e:29:4a:49:fe:21:a7:b7:3e:1f:a6:
                    c6:1f:69:9c:58:a1:15:cd:5a:a0:d5:60:7f:aa:58:
                    f8:8b:30:84:25:45:d5:15:c7:1b:0c:0e:39:85:e4:
                    fa:3d:6c:b2:28:e8:35:90:5c:d6:c9:73:16:cd:14:
                    a1:f7:64:a2:8f:36:b2:a8:99:9e:88:7f:54:2c:38:
                    58:85:b4:56:86:06:25:91:0b:d0:9a:00:28:78:57:
                    1a:78:df:e5:2d:8e:31:eb:e6:17:22:c9:16:7b:18:
                    29:f8:7c:07:15:34:34:c9:05:4e:a3:bb:a9:b2:c1:
                    9f:f5:0a:dd:d6:ed:1d:d7:d1:8e:8e:35:bd:37:97:
                    c7:d6:24:31:40:f8:af:fc:d5:7a:06:65:ba:4e:ed:
                    be:80:53:1b:59:c5:92:52:49:97:ca:dd:b7:4a:09:
                    18:75:4b:56:30:75:84:1d:1d:8d:fc:fb:6e:f5:52:
                    66:82:a0:39:e8:24:f5:7a:81:93:74:3f:e3:44:43:
                    5b:e9:7a:fc:e4:70:81:2c:86:f9:cc:c8:e8:33:6c:
                    a3:5a:d9:a3:7a:74:e0:15:d7:b7:44:c0:d0:1e:a3:
                    51:ec:8f:ea:2b:35:8b:a0:6e:58:dd:16:af:46:0b:
                    fb:01:54:eb:73:3e:c8:d4:df:4c:d1:30:29:f5:59:
                    81:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:F5:48:12:C2:F5:BC:4A:54:8F:E6:67:A8:D1:EA:64:47:E0:0D:38
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0186970e-89aa-4c95-ae6f-6bb7b45d5b25.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.116.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3b:22:78:27:70:09:3f:15:e6:cb:ed:fd:10:05:69:a7:57:49:
         f7:71:29:cd:f5:20:37:48:ab:1b:92:a1:04:96:fa:6d:c7:71:
         e3:59:3d:98:21:c3:30:e9:3b:6c:5d:b7:70:d5:7c:72:93:5c:
         cd:4c:7a:6f:b7:9b:08:1c:8c:23:26:7d:96:f8:2c:4c:be:b6:
         2f:a7:de:b5:f8:8f:d3:4b:d9:e3:d0:34:e7:f6:12:8b:e5:c4:
         03:ac:56:b9:35:0d:20:31:4c:98:03:b6:82:fb:96:d8:d8:fe:
         1f:4a:1a:18:7f:f0:6b:50:a8:3d:7b:b0:8b:a2:d5:1a:db:17:
         9f:81:04:f9:d1:bf:98:e7:a6:d3:c7:35:8c:0c:00:0c:d4:bf:
         f6:3d:30:ce:13:78:79:61:37:67:80:d6:cd:f5:16:15:c8:cb:
         c4:29:39:1e:e9:ef:92:16:62:98:48:62:9c:bc:03:5d:2e:48:
         9e:55:ff:92:a0:bc:92:88:59:82:b3:7d:f9:be:3f:3e:c6:1d:
         79:18:b5:af:77:c4:18:db:ee:6b:19:e6:b8:f2:84:2c:6a:54:
         2b:c1:4c:80:79:2b:1d:82:87:a2:e2:b2:0c:53:b1:cb:f7:27:
         a2:8e:57:a5:f3:9f:e1:9d:dd:90:ae:6b:5d:41:ea:d7:3d:be:
         0f:4d:4b:77
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPpHYI3mkR0usouLcqUIIs75duSEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzEyMDAzMTEyWhcNMjUwODE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTljMGI5YTE0ZDMzZTc3ZGJiOTE3YTI5NjY2MDc5YmQ2
NjBjMmQzNDg2OWRkMmJjNDFiNjcwNTljNzE3ZDZlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD0KJAuKUpJ/iGntz4fpsYfaZxYoRXNWqDVYH+qWPiLMIQl
RdUVxxsMDjmF5Po9bLIo6DWQXNbJcxbNFKH3ZKKPNrKomZ6If1QsOFiFtFaGBiWR
C9CaACh4Vxp43+UtjjHr5hciyRZ7GCn4fAcVNDTJBU6ju6mywZ/1Ct3W7R3X0Y6O
Nb03l8fWJDFA+K/81XoGZbpO7b6AUxtZxZJSSZfK3bdKCRh1S1YwdYQdHY38+271
UmaCoDnoJPV6gZN0P+NEQ1vpevzkcIEshvnMyOgzbKNa2aN6dOAV17dEwNAeo1Hs
j+orNYugbljdFq9GC/sBVOtzPsjU30zRMCn1WYGZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUKPVIEsL1vEpUj+ZnqNHqZEfgDTgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAxODY5NzBlLTg5YWEtNGM5NS1hZTZmLTZiYjdiNDVkNWIyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4dDANBgkqhkiG9w0BAQsFAAOCAQEAOyJ4J3AJPxXmy+39EAVpp1dJ93Ep
zfUgN0irG5KhBJb6bcdx41k9mCHDMOk7bF23cNV8cpNczUx6b7ebCByMIyZ9lvgs
TL62L6fetfiP00vZ49A05/YSi+XEA6xWuTUNIDFMmAO2gvuW2Nj+H0oaGH/wa1Co
PXuwi6LVGtsXn4EE+dG/mOem08c1jAwADNS/9j0wzhN4eWE3Z4DWzfUWFcjLxCk5
HunvkhZimEhinLwDXS5InlX/kqC8kohZgrN9+b4/PsYdeRi1r3fEGNvuaxnmuPKE
LGpUK8FMgHkrHYKHouKyDFOxy/cnoo5XpfOf4Z3dkK5rXUHq1z2+D01Ldw==
-----END CERTIFICATE-----