Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa
File:                     113d5556-8776-4980-8481-4392894f76ea.roa (raw, json)
Hash identifier:          yn1DPAqmK5mpehST1EHmf5U8vw9RRbFLO9Vb75Sz4+M=
Subject key identifier:   A9:62:C5:D8:87:21:C8:30:EA:F8:1A:E4:AD:6B:C8:D2:FD:7C:D9:17
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0AECD4B9A814AA4DE9A3CF1AF6F12B239B6CAAD4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa
Signing time:             Mon 07 Apr 2025 15:11:31 +0000
ROA not before:           Mon 07 Apr 2025 15:11:31 +0000
ROA not after:            Mon 12 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.94.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 17 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:ec:d4:b9:a8:14:aa:4d:e9:a3:cf:1a:f6:f1:2b:23:9b:6c:aa:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr  7 15:11:31 2025 GMT
            Not After : May 12 23:59:59 2025 GMT
        Subject: serialNumber=a8332fac360a359f060057071e89d968e7990868e9bea347f3e475a0576a9686, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:8d:98:1f:7c:18:af:6b:3c:43:f0:d7:a9:a7:
                    dd:d9:f4:e9:fd:07:53:37:a3:7a:74:de:00:2d:54:
                    57:19:1e:79:b1:ea:9a:18:85:c5:2e:a5:62:07:c6:
                    ac:bd:b6:59:72:b1:0f:99:9b:87:40:c8:73:3c:a2:
                    5d:56:ef:f4:c4:13:f6:86:94:04:d1:86:57:55:82:
                    43:7e:17:79:2a:ac:ff:3d:3e:e9:fb:be:e8:43:1a:
                    3f:3d:36:4b:95:f8:f5:be:72:dc:d8:a9:ad:cd:f3:
                    29:c9:de:c6:fe:97:07:00:54:7c:b0:10:76:92:28:
                    ce:ea:03:f9:c2:62:2d:65:41:f7:33:6e:99:e7:17:
                    bc:77:d0:96:f6:11:74:b8:92:7a:02:f6:58:6c:3e:
                    77:da:61:86:7d:76:41:cb:27:93:25:93:ac:72:ce:
                    b7:80:35:c3:b3:a2:7b:62:b2:64:d9:7b:25:7e:8e:
                    de:16:4a:e6:f2:88:c3:a8:59:ff:01:ce:32:72:8d:
                    87:65:a6:4b:33:a7:4b:19:97:a3:04:77:f2:b1:ac:
                    db:15:84:1a:ce:ef:d8:e9:ab:e9:ef:d0:92:e4:e4:
                    89:08:62:6a:8b:92:f1:3c:db:19:8e:2e:0d:f1:85:
                    e8:c0:56:63:54:b4:dc:0a:6b:5a:43:cc:99:8a:92:
                    27:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:62:C5:D8:87:21:C8:30:EA:F8:1A:E4:AD:6B:C8:D2:FD:7C:D9:17
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.94.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         72:c4:98:5c:e4:71:6f:f7:4f:78:dc:b4:13:20:ee:10:7c:de:
         60:0d:94:74:46:99:8d:f3:80:fa:0c:be:20:81:80:ff:c7:2f:
         59:9d:62:7c:e7:31:98:65:49:fe:6c:ff:a5:df:0c:78:62:72:
         d3:bb:2b:02:61:cd:1a:45:94:b4:51:f8:75:08:e0:2c:31:06:
         d1:4f:18:3c:f6:7b:2a:83:08:34:e0:97:87:82:c4:76:84:06:
         5d:fc:86:41:62:dc:dc:92:af:49:05:bf:17:2c:6f:f1:10:c5:
         be:50:43:3d:90:b5:78:3c:04:0f:8b:d2:84:a6:74:7e:75:84:
         9b:8b:b3:79:95:28:06:67:b8:a8:1e:2c:be:1c:c2:cd:1e:f7:
         bb:d3:fc:86:e2:11:d3:e2:57:3a:93:e8:ed:2d:48:ba:ba:b3:
         d5:2a:3b:a0:c0:12:7d:fd:ba:84:84:58:37:ab:41:5e:57:92:
         42:85:ae:0a:58:ac:ce:0b:38:93:e7:29:6d:37:d4:48:b3:87:
         3b:77:3a:9a:c1:19:76:08:a2:f0:a9:dd:33:f9:67:15:37:b3:
         54:a9:89:0b:6f:63:9b:da:88:60:1a:62:88:91:35:9a:59:4f:
         a6:67:b2:9a:37:d0:9b:e3:1a:b4:0a:03:02:2c:a0:a6:60:db:
         cf:b5:09:e7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCuzUuagUqk3po88a9vErI5tsqtQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDA3MTUxMTMxWhcNMjUwNTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhODMzMmZhYzM2MGEzNTlmMDYwMDU3MDcxZTg5ZDk2OGU3
OTkwODY4ZTliZWEzNDdmM2U0NzVhMDU3NmE5Njg2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8jZgffBivazxD8Nepp93Z9On9B1M3o3p03gAtVFcZHnmx
6poYhcUupWIHxqy9tllysQ+Zm4dAyHM8ol1W7/TEE/aGlATRhldVgkN+F3kqrP89
Pun7vuhDGj89NkuV+PW+ctzYqa3N8ynJ3sb+lwcAVHywEHaSKM7qA/nCYi1lQfcz
bpnnF7x30Jb2EXS4knoC9lhsPnfaYYZ9dkHLJ5Mlk6xyzreANcOzontismTZeyV+
jt4WSubyiMOoWf8BzjJyjYdlpkszp0sZl6MEd/KxrNsVhBrO79jpq+nv0JLk5IkI
YmqLkvE82xmOLg3xhejAVmNUtNwKa1pDzJmKkic7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUqWLF2IchyDDq+BrkrWvI0v182RcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExM2Q1NTU2LTg3NzYtNDk4MC04NDgxLTQzOTI4OTRmNzZlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQXjANBgkqhkiG9w0BAQsFAAOCAQEAcsSYXORxb/dPeNy0EyDuEHzeYA2U
dEaZjfOA+gy+IIGA/8cvWZ1ifOcxmGVJ/mz/pd8MeGJy07srAmHNGkWUtFH4dQjg
LDEG0U8YPPZ7KoMINOCXh4LEdoQGXfyGQWLc3JKvSQW/Fyxv8RDFvlBDPZC1eDwE
D4vShKZ0fnWEm4uzeZUoBme4qB4svhzCzR73u9P8huIR0+JXOpPo7S1Iurqz1So7
oMASff26hIRYN6tBXleSQoWuCliszgs4k+cpbTfUSLOHO3c6msEZdgii8KndM/ln
FTezVKmJC29jm9qIYBpiiJE1mllPpmeymjfQm+MatAoDAiygpmDbz7UJ5w==
-----END CERTIFICATE-----