Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8324e9e8-14c6-44fc-9b12-6fbcf6328676.roa
File:                     8324e9e8-14c6-44fc-9b12-6fbcf6328676.roa (raw, json)
Hash identifier:          B4i/c3EembiP82IhxiUyjXWQs9RVsXRozsM6Y83E+c8=
Subject key identifier:   B9:01:A4:5D:33:60:6D:33:FC:97:A6:6E:EC:68:EF:8F:07:E0:94:02
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       04937060A806652089737ABF1362D4D608112202
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8324e9e8-14c6-44fc-9b12-6fbcf6328676.roa
Signing time:             Tue 08 Jul 2025 00:30:18 +0000
ROA not before:           Tue 08 Jul 2025 00:30:18 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.78.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 26 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:93:70:60:a8:06:65:20:89:73:7a:bf:13:62:d4:d6:08:11:22:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 00:30:18 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=678e650b180812bc014fd98e399b88b9e4dfa3d23cbe5e36302a0ce4c29d73b2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:46:10:ca:48:eb:1c:9f:99:92:e8:1b:8d:d0:
                    1f:75:ec:b6:c8:e4:2b:72:72:a4:52:29:f0:c1:66:
                    4b:5c:58:63:1d:03:17:33:e4:5e:bc:fa:17:bb:21:
                    a0:b8:4f:ee:27:bd:e4:c1:4d:39:aa:9f:38:22:b4:
                    0b:99:0b:e9:55:07:ef:2f:3c:e5:00:31:a8:9a:b2:
                    0b:bd:4a:76:51:cd:b5:15:1a:6a:05:93:98:2e:7a:
                    55:7c:33:b6:4f:fa:f8:fc:95:07:63:4e:d3:4c:3d:
                    30:75:bd:8e:bb:39:a7:ef:f3:69:b4:03:a9:5a:fd:
                    a7:d0:d9:e1:46:41:73:2d:ec:f2:f8:b5:bc:d9:18:
                    df:90:db:01:c6:77:48:79:56:86:fa:21:de:bc:59:
                    7b:59:90:29:d2:ba:28:ae:35:07:59:5d:8a:4e:bc:
                    c2:a6:d2:bf:08:34:4d:71:e5:24:34:91:f3:6b:93:
                    6f:f0:68:2a:a5:cf:f2:ba:21:da:56:a3:5b:77:28:
                    d7:a7:9c:47:d3:00:17:90:66:9d:28:78:26:cd:f1:
                    d6:75:b0:8a:a9:14:db:1a:72:c4:2b:36:1a:3c:a5:
                    1c:41:fa:2b:5f:d1:fd:5e:cb:e1:ae:97:4c:d8:1c:
                    9e:87:81:03:bf:9c:6e:53:8f:d8:1e:f4:a6:9d:00:
                    bf:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:01:A4:5D:33:60:6D:33:FC:97:A6:6E:EC:68:EF:8F:07:E0:94:02
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8324e9e8-14c6-44fc-9b12-6fbcf6328676.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.78.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         84:40:7c:74:5d:8a:8e:1b:43:13:84:e4:b4:db:c8:e4:4e:a3:
         d8:f1:cd:cd:1b:9c:7a:68:27:32:86:09:27:cc:f4:91:c0:97:
         6b:6d:29:e2:7f:e9:29:b1:05:43:1b:ed:d5:74:ec:7b:ba:d5:
         6b:0b:30:54:06:5f:2c:18:d2:7a:9d:32:d7:21:74:ec:b8:ab:
         cf:40:e8:f8:e8:bd:a8:2d:32:2f:fb:be:93:5a:cc:e9:d1:54:
         cd:6b:ec:5a:d1:51:41:05:41:94:3a:3d:ce:1c:a4:d2:10:41:
         0a:f5:55:48:a8:a0:f6:af:00:40:81:fe:5c:2b:03:90:c2:a8:
         73:2e:87:88:e3:ff:3b:4b:c8:a4:d0:5c:11:7c:8b:06:0f:e5:
         b4:32:11:d0:3d:17:47:84:4d:01:09:e4:c1:e6:bb:48:40:f4:
         43:25:7f:e4:8b:3c:1e:d5:f3:48:d2:53:cf:ef:c3:92:13:39:
         57:48:ae:3c:32:0f:76:95:1a:40:ce:ae:85:29:03:73:cd:72:
         e8:4a:69:37:35:bc:49:6b:2a:76:80:79:14:3b:a2:60:fb:e3:
         1f:c5:13:a9:a9:59:60:63:27:dc:f6:85:0a:7b:f4:a5:2b:4b:
         a1:79:8e:79:31:f1:9d:5e:b5:eb:2b:85:10:0c:60:4e:56:c8:
         84:c2:7f:3b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBJNwYKgGZSCJc3q/E2LU1ggRIgIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MDAzMDE4WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzhlNjUwYjE4MDgxMmJjMDE0ZmQ5OGUzOTliODhiOWU0
ZGZhM2QyM2NiZTVlMzYzMDJhMGNlNGMyOWQ3M2IyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDERhDKSOscn5mS6BuN0B917LbI5CtycqRSKfDBZktcWGMd
Axcz5F68+he7IaC4T+4nveTBTTmqnzgitAuZC+lVB+8vPOUAMaiasgu9SnZRzbUV
GmoFk5guelV8M7ZP+vj8lQdjTtNMPTB1vY67Oafv82m0A6la/afQ2eFGQXMt7PL4
tbzZGN+Q2wHGd0h5Vob6Id68WXtZkCnSuiiuNQdZXYpOvMKm0r8INE1x5SQ0kfNr
k2/waCqlz/K6IdpWo1t3KNennEfTABeQZp0oeCbN8dZ1sIqpFNsacsQrNho8pRxB
+itf0f1ey+Gul0zYHJ6HgQO/nG5Tj9ge9KadAL+jAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUuQGkXTNgbTP8l6Zu7GjvjwfglAIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgzMjRlOWU4LTE0YzYtNDRmYy05YjEyLTZmYmNmNjMyODY3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEQTjANBgkqhkiG9w0BAQsFAAOCAQEAhEB8dF2KjhtDE4TktNvI5E6j2PHN
zRucemgnMoYJJ8z0kcCXa20p4n/pKbEFQxvt1XTse7rVawswVAZfLBjSep0y1yF0
7Lirz0Do+Oi9qC0yL/u+k1rM6dFUzWvsWtFRQQVBlDo9zhyk0hBBCvVVSKig9q8A
QIH+XCsDkMKocy6HiOP/O0vIpNBcEXyLBg/ltDIR0D0XR4RNAQnkwea7SED0QyV/
5Is8HtXzSNJTz+/DkhM5V0iuPDIPdpUaQM6uhSkDc81y6EppNzW8SWsqdoB5FDui
YPvjH8UTqalZYGMn3PaFCnv0pStLoXmOeTHxnV616yuFEAxgTlbIhMJ/Ow==
-----END CERTIFICATE-----