Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6256fa50-0c45-4c1f-83fa-55a665592759.roa
File:                     6256fa50-0c45-4c1f-83fa-55a665592759.roa (raw, json)
Hash identifier:          4RGWwSHbTDafTqtt0CKAY91mgLswBWAJ22SedmtZ2hw=
Subject key identifier:   92:37:D5:33:C6:37:54:C1:C7:F0:96:1B:4B:F3:9F:01:CB:FA:15:C2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5CCFDA9820C748813F435522677EB597B50D8233
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6256fa50-0c45-4c1f-83fa-55a665592759.roa
Signing time:             Wed 16 Jul 2025 00:12:03 +0000
ROA not before:           Wed 16 Jul 2025 00:12:03 +0000
ROA not after:            Wed 20 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.30.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:cf:da:98:20:c7:48:81:3f:43:55:22:67:7e:b5:97:b5:0d:82:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 16 00:12:03 2025 GMT
            Not After : Aug 20 23:59:59 2025 GMT
        Subject: serialNumber=856ec73435095001487a5f0fa3ddc78f7ccef13165ab088422821ea5d3bd5e61, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:cb:08:a8:12:62:c1:94:02:6e:96:0b:27:20:
                    2f:b5:56:35:21:90:ba:8f:75:4f:b7:4f:8c:7b:92:
                    32:8a:f7:57:72:02:73:b7:fe:96:dc:1b:54:57:95:
                    2a:46:e7:6a:b6:a3:5c:41:8c:ba:20:2f:0f:a4:0d:
                    16:ed:fa:8e:1e:c6:b0:50:b9:61:1d:79:63:a9:4c:
                    ae:70:e4:bd:25:92:78:c0:76:ea:46:9f:87:33:3a:
                    80:aa:62:84:48:7c:b7:fa:d6:f0:77:e1:86:46:d9:
                    b2:97:d5:ac:de:74:5c:2c:8d:52:83:b7:3e:ab:81:
                    30:28:fd:47:a7:77:2a:37:c7:0b:a8:7a:fd:1c:04:
                    1b:fd:f2:08:86:dc:78:79:24:e8:b0:5a:5b:51:29:
                    17:ab:11:3e:41:88:ce:da:bf:c2:d8:57:05:5e:a3:
                    aa:41:fe:ae:97:b7:b9:13:12:22:bc:99:46:65:3c:
                    d0:57:fb:0e:3a:90:e0:85:7d:26:4f:44:c8:97:e2:
                    69:53:4d:e5:a7:cf:f7:17:26:e3:fd:37:56:75:62:
                    ad:ed:36:f8:f7:1c:cf:41:a4:85:58:9a:98:9b:ca:
                    cf:e6:cd:85:35:55:46:40:8a:00:20:67:67:bf:16:
                    c3:f4:92:83:ee:b1:06:4e:f7:77:29:ea:88:5d:db:
                    1f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:37:D5:33:C6:37:54:C1:C7:F0:96:1B:4B:F3:9F:01:CB:FA:15:C2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6256fa50-0c45-4c1f-83fa-55a665592759.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.30.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         77:c8:0d:9e:73:ba:9e:82:cd:c4:f4:d7:c4:b6:68:dd:bf:37:
         43:31:07:56:64:a3:98:a0:93:d5:4a:4f:0f:79:6c:59:b1:88:
         af:b9:09:88:d9:b0:8d:78:6f:af:78:e5:5a:99:57:f5:c4:a2:
         64:ac:41:ed:dc:90:8e:8f:2c:5d:0c:f1:6d:6c:e3:0a:2c:07:
         7e:c5:fb:37:30:66:bb:a1:cf:b3:f9:dd:96:c7:7d:8e:33:05:
         5a:ca:fb:94:35:41:00:2b:b3:e7:9a:2e:9f:b6:39:0a:ec:72:
         54:7d:45:83:27:8e:40:bc:0f:4b:92:6d:24:76:26:2c:72:b0:
         29:bf:cb:56:23:55:fa:ea:b5:9f:f1:e9:31:a3:c4:d7:22:7d:
         37:bc:af:43:3e:1a:cb:a3:63:10:d1:b6:a5:1a:63:3f:0a:1a:
         b8:96:c1:b3:cf:01:3d:6b:3f:d0:4f:3e:2a:20:b5:6a:df:6c:
         c6:7e:22:dc:e9:05:e4:d0:df:65:f0:16:7a:04:31:5a:c4:66:
         1e:3f:fe:f6:92:14:67:a4:53:aa:4b:1c:6f:cd:d2:03:a4:0b:
         60:b7:f1:9f:f0:6b:33:05:c9:25:8c:63:37:96:e6:12:31:c9:
         d2:9e:84:e1:78:26:21:4a:91:45:f4:ca:f7:65:78:b8:1f:f7:
         ea:0a:c5:7c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXM/amCDHSIE/Q1UiZ361l7UNgjMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE2MDAxMjAzWhcNMjUwODIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NTZlYzczNDM1MDk1MDAxNDg3YTVmMGZhM2RkYzc4Zjdj
Y2VmMTMxNjVhYjA4ODQyMjgyMWVhNWQzYmQ1ZTYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6ywioEmLBlAJulgsnIC+1VjUhkLqPdU+3T4x7kjKK91dy
AnO3/pbcG1RXlSpG52q2o1xBjLogLw+kDRbt+o4exrBQuWEdeWOpTK5w5L0lknjA
dupGn4czOoCqYoRIfLf61vB34YZG2bKX1azedFwsjVKDtz6rgTAo/Uendyo3xwuo
ev0cBBv98giG3Hh5JOiwWltRKRerET5BiM7av8LYVwVeo6pB/q6Xt7kTEiK8mUZl
PNBX+w46kOCFfSZPRMiX4mlTTeWnz/cXJuP9N1Z1Yq3tNvj3HM9BpIVYmpibys/m
zYU1VUZAigAgZ2e/FsP0koPusQZO93cp6ohd2x8ZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUkjfVM8Y3VMHH8JYbS/OfAcv6FcIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyNTZmYTUwLTBjNDUtNGMxZi04M2ZhLTU1YTY2NTU5Mjc1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQHjANBgkqhkiG9w0BAQsFAAOCAQEAd8gNnnO6noLNxPTXxLZo3b83QzEH
VmSjmKCT1UpPD3lsWbGIr7kJiNmwjXhvr3jlWplX9cSiZKxB7dyQjo8sXQzxbWzj
CiwHfsX7NzBmu6HPs/ndlsd9jjMFWsr7lDVBACuz55oun7Y5CuxyVH1FgyeOQLwP
S5JtJHYmLHKwKb/LViNV+uq1n/HpMaPE1yJ9N7yvQz4ay6NjENG2pRpjPwoauJbB
s88BPWs/0E8+KiC1at9sxn4i3OkF5NDfZfAWegQxWsRmHj/+9pIUZ6RTqkscb83S
A6QLYLfxn/BrMwXJJYxjN5bmEjHJ0p6E4XgmIUqRRfTK92V4uB/36grFfA==
-----END CERTIFICATE-----