Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa
File:                     9dfe9c23-3390-44e3-853d-2a5c92562a64.roa (raw, json)
Hash identifier:          7tNp031/VdrWx8lA6YWMJ/w45QQtAlizygdYEkzDJAM=
Subject key identifier:   EA:19:89:A2:CE:2D:FB:B8:30:57:38:78:B9:7B:A4:6C:E6:DC:09:9F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7010D80782427383C3E2878CF4D2C0FE99CFA8A8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa
Signing time:             Wed 12 Mar 2025 00:11:34 +0000
ROA not before:           Wed 12 Mar 2025 00:11:34 +0000
ROA not after:            Wed 16 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.118.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:10:d8:07:82:42:73:83:c3:e2:87:8c:f4:d2:c0:fe:99:cf:a8:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 12 00:11:34 2025 GMT
            Not After : Apr 16 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4b:19:05:36:f5:93:26:20:90:b5:08:b2:c9:
                    ca:45:dd:5e:e0:5c:fd:f7:70:07:84:06:a6:31:85:
                    b4:e2:4b:e0:f8:df:3c:27:56:52:b2:0a:95:af:ba:
                    74:0d:20:83:63:a6:41:d9:f1:4a:15:7f:f3:34:bd:
                    33:0c:0c:62:ec:25:04:f0:0e:6a:95:89:d7:8a:f7:
                    b3:54:f2:62:65:4e:ae:0f:21:a3:d1:3e:98:0c:72:
                    3b:08:a6:77:7d:ea:e9:42:54:e0:0a:01:83:7b:a6:
                    af:4c:2c:1a:79:68:cf:4f:d9:70:3e:77:57:94:c0:
                    f9:6f:e9:a8:cd:fd:a9:49:9f:86:2b:c1:9c:8b:81:
                    a1:3c:08:c3:25:c5:07:2a:58:37:aa:25:d3:e7:d4:
                    e1:51:63:0b:ab:17:ba:34:cb:ba:7a:6c:de:a9:39:
                    62:49:37:4c:f1:85:9c:62:11:45:6d:3e:88:e8:dd:
                    41:66:13:b4:03:e7:38:9a:b8:d1:d3:d0:cb:4f:bd:
                    8a:32:e2:9c:f1:47:91:9f:19:75:22:8d:1f:22:47:
                    3a:08:35:c5:43:89:7b:00:b9:cf:80:6a:0e:40:e3:
                    87:35:46:49:27:73:1a:b0:88:03:8f:15:cc:83:9a:
                    dd:0b:a4:1a:4d:25:0f:4c:ec:5a:08:b2:fe:98:67:
                    46:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:19:89:A2:CE:2D:FB:B8:30:57:38:78:B9:7B:A4:6C:E6:DC:09:9F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.118.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         13:7f:17:e4:f6:f1:da:92:87:9b:8d:17:f3:d7:46:57:87:f0:
         19:45:a7:95:fe:81:9d:c5:1f:79:97:2c:87:55:8e:4c:39:40:
         1a:56:93:1e:79:00:15:72:95:a3:36:98:05:48:19:e1:6b:59:
         8e:a4:ba:c1:bd:38:56:21:a1:96:22:a1:1c:2a:cd:4b:6f:fd:
         ce:91:54:37:b6:49:9a:f9:87:1a:32:12:1c:13:d2:3d:23:7d:
         eb:8a:e7:30:84:a4:a7:7a:01:5e:a2:4e:63:86:e7:aa:1c:c8:
         02:ba:a6:62:be:cb:8e:a7:87:51:7a:31:34:f3:9d:d2:c8:96:
         8c:57:f7:cd:71:72:ad:58:5f:56:30:fb:9f:12:08:dd:4b:0a:
         b2:7e:2b:91:70:3c:b0:09:41:ca:98:8e:da:c7:cf:e4:1f:cb:
         25:ec:65:81:66:9b:d2:ba:0f:d8:48:8d:9c:30:b5:2a:29:7b:
         a6:fa:24:2d:63:ac:54:04:0e:d9:b8:e7:4d:90:7a:4b:3e:cd:
         3c:42:01:c7:73:5e:11:4a:5b:9e:5c:77:55:e9:45:39:59:e8:
         2a:83:e1:3d:ed:b9:ae:3d:3c:27:4f:40:d6:a1:56:20:5c:a4:
         c7:3d:ad:6a:84:2e:b0:53:38:c3:c2:27:56:50:c5:85:49:b3:
         3e:c7:39:d5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcBDYB4JCc4PD4oeM9NLA/pnPqKgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAxMTM0WhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZjZkODY3MGMyOTU2OWY0MjNiODc5YmE3Nzk3MTVlYWY5
NzJmOGIxZmU1ODY5MDI2MTczYTJjYzgyNzE5NTQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdSxkFNvWTJiCQtQiyycpF3V7gXP33cAeEBqYxhbTiS+D4
3zwnVlKyCpWvunQNIINjpkHZ8UoVf/M0vTMMDGLsJQTwDmqVideK97NU8mJlTq4P
IaPRPpgMcjsIpnd96ulCVOAKAYN7pq9MLBp5aM9P2XA+d1eUwPlv6ajN/alJn4Yr
wZyLgaE8CMMlxQcqWDeqJdPn1OFRYwurF7o0y7p6bN6pOWJJN0zxhZxiEUVtPojo
3UFmE7QD5ziauNHT0MtPvYoy4pzxR5GfGXUijR8iRzoINcVDiXsAuc+Aag5A44c1
RkkncxqwiAOPFcyDmt0LpBpNJQ9M7FoIsv6YZ0bnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6hmJos4t+7gwVzh4uXukbObcCZ8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlkZmU5YzIzLTMzOTAtNDRlMy04NTNkLTJhNWM5MjU2MmE2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQdjANBgkqhkiG9w0BAQsFAAOCAQEAE38X5Pbx2pKHm40X89dGV4fwGUWn
lf6BncUfeZcsh1WOTDlAGlaTHnkAFXKVozaYBUgZ4WtZjqS6wb04ViGhliKhHCrN
S2/9zpFUN7ZJmvmHGjISHBPSPSN964rnMISkp3oBXqJOY4bnqhzIArqmYr7LjqeH
UXoxNPOd0siWjFf3zXFyrVhfVjD7nxII3UsKsn4rkXA8sAlBypiO2sfP5B/LJexl
gWab0roP2EiNnDC1Kil7pvokLWOsVAQO2bjnTZB6Sz7NPEIBx3NeEUpbnlx3VelF
OVnoKoPhPe25rj08J09A1qFWIFykxz2taoQusFM4w8InVlDFhUmzPsc51Q==
-----END CERTIFICATE-----