Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/71f17d70-39ce-4e36-ab82-115560d236c7.roa
File:                     71f17d70-39ce-4e36-ab82-115560d236c7.roa (raw, json)
Hash identifier:          h4N+KJjI2ihwYeXZw2IFNYdPQKtwbQouXBBljMdaJMk=
Subject key identifier:   76:22:D9:E3:30:D2:84:AA:90:5A:C6:BE:21:1C:5D:B8:80:C6:C3:AF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3A7C65379FA22C7217C962E8B7587F086D8EC135
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/71f17d70-39ce-4e36-ab82-115560d236c7.roa
Signing time:             Fri 11 Jul 2025 00:30:25 +0000
ROA not before:           Fri 11 Jul 2025 00:30:25 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.4.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:7c:65:37:9f:a2:2c:72:17:c9:62:e8:b7:58:7f:08:6d:8e:c1:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 11 00:30:25 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=cc76b3f36a3a93b0ab92bf4ad1156a002892d638ae1dadfa1ede7b4decb3634c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:2d:9e:cc:15:39:54:c3:b8:b2:c0:7c:3d:26:
                    8b:d2:ec:e7:7d:98:e6:14:20:60:db:5c:0b:e4:63:
                    96:b4:d8:85:62:95:15:3a:aa:ae:13:c4:ec:da:c6:
                    04:ff:89:af:5f:ec:58:12:67:cf:ed:7e:66:65:4d:
                    65:ae:d7:49:95:66:87:16:79:a4:a5:d4:81:2b:a8:
                    73:fc:4a:ee:c5:49:aa:ad:fa:5b:36:c5:21:69:81:
                    9f:9e:59:3f:32:30:56:f7:4e:a8:36:87:dd:f0:87:
                    5b:18:5d:ae:56:45:f8:9c:fb:ed:84:13:a2:69:2a:
                    34:ad:6c:a1:25:eb:83:b8:1d:66:33:62:86:45:7f:
                    a3:1d:26:b0:90:71:8b:4f:b9:a5:0c:ec:b8:1e:30:
                    00:1d:20:c2:df:45:24:d7:b9:f0:26:51:47:8e:b2:
                    fd:de:eb:c0:60:90:21:da:52:35:1d:38:a5:34:b0:
                    9e:1d:ba:50:05:eb:d3:bf:19:ed:eb:d2:f0:58:99:
                    95:e3:2f:2b:ba:3c:43:6f:f0:b3:ca:bc:51:97:84:
                    9a:c1:72:05:2d:55:aa:86:4f:bf:2c:92:f3:09:d9:
                    24:65:13:f9:8a:b2:8d:88:0d:69:29:0a:db:e1:8f:
                    7a:cb:a1:27:a3:32:99:c1:7e:0d:89:1e:29:4e:01:
                    02:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:22:D9:E3:30:D2:84:AA:90:5A:C6:BE:21:1C:5D:B8:80:C6:C3:AF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/71f17d70-39ce-4e36-ab82-115560d236c7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.4.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4b:6e:68:4e:af:95:fe:c7:f9:44:92:da:90:e2:3a:fa:59:01:
         90:fd:ef:7f:b1:8d:99:8d:e4:92:2f:9b:bb:9e:03:67:27:b8:
         bb:af:d4:ec:bb:62:d2:96:98:dd:9d:27:eb:b3:f5:e1:dd:96:
         07:4b:ef:b3:7a:5f:05:71:48:ac:7d:7b:14:2d:ad:7f:c0:a9:
         8d:a1:0e:d2:3d:7a:5b:0e:9f:f9:0f:cd:cd:7b:2e:f5:15:bb:
         ed:84:32:ce:cb:ab:60:92:d4:b5:25:25:30:89:35:eb:5c:8e:
         29:4e:c2:24:48:45:76:b4:21:da:68:c2:24:b2:f8:4d:ec:79:
         4a:d2:8e:9e:4a:ee:3f:e6:76:56:77:8c:9b:18:62:e8:32:46:
         00:2f:26:65:64:76:3f:c2:ab:07:6f:f5:6f:90:e8:d1:ef:39:
         fc:16:f8:33:9b:78:a4:07:59:69:49:17:4d:41:c7:58:90:98:
         82:8a:04:4a:47:5c:7e:18:38:f9:b1:13:91:6d:25:0f:f7:df:
         1f:1e:ff:9d:8e:d5:5e:7a:92:8a:1f:a4:24:36:ba:ed:e2:9f:
         9d:2f:65:c2:3c:dc:c1:f5:5f:63:af:4f:02:57:14:4b:42:d3:
         db:08:50:61:eb:bb:9e:81:32:73:3f:dd:0a:c3:6b:6a:94:e1:
         9e:61:2e:70
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOnxlN5+iLHIXyWLot1h/CG2OwTUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzExMDAzMDI1WhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYzc2YjNmMzZhM2E5M2IwYWI5MmJmNGFkMTE1NmEwMDI4
OTJkNjM4YWUxZGFkZmExZWRlN2I0ZGVjYjM2MzRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsLZ7MFTlUw7iywHw9JovS7Od9mOYUIGDbXAvkY5a02IVi
lRU6qq4TxOzaxgT/ia9f7FgSZ8/tfmZlTWWu10mVZocWeaSl1IErqHP8Su7FSaqt
+ls2xSFpgZ+eWT8yMFb3Tqg2h93wh1sYXa5WRfic++2EE6JpKjStbKEl64O4HWYz
YoZFf6MdJrCQcYtPuaUM7LgeMAAdIMLfRSTXufAmUUeOsv3e68BgkCHaUjUdOKU0
sJ4dulAF69O/Ge3r0vBYmZXjLyu6PENv8LPKvFGXhJrBcgUtVaqGT78skvMJ2SRl
E/mKso2IDWkpCtvhj3rLoSejMpnBfg2JHilOAQLDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUdiLZ4zDShKqQWsa+IRxduIDGw68wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzcxZjE3ZDcwLTM5Y2UtNGUzNi1hYjgyLTExNTU2MGQyMzZjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4BDANBgkqhkiG9w0BAQsFAAOCAQEAS25oTq+V/sf5RJLakOI6+lkBkP3v
f7GNmY3kki+bu54DZye4u6/U7Lti0paY3Z0n67P14d2WB0vvs3pfBXFIrH17FC2t
f8CpjaEO0j16Ww6f+Q/NzXsu9RW77YQyzsurYJLUtSUlMIk161yOKU7CJEhFdrQh
2mjCJLL4Tex5StKOnkruP+Z2VneMmxhi6DJGAC8mZWR2P8KrB2/1b5Do0e85/Bb4
M5t4pAdZaUkXTUHHWJCYgooESkdcfhg4+bETkW0lD/ffHx7/nY7VXnqSih+kJDa6
7eKfnS9lwjzcwfVfY69PAlcUS0LT2whQYeu7noEycz/dCsNrapThnmEucA==
-----END CERTIFICATE-----