Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c135327-ca35-4503-a212-cddd775338fc.roa
File:                     1c135327-ca35-4503-a212-cddd775338fc.roa (raw, json)
Hash identifier:          AtbAyKueCsXh7L/G2mbtut8NGO6vANLrLc03E7OKT2w=
Subject key identifier:   DA:C4:32:1C:F5:69:3E:D7:3D:D9:E6:94:9B:47:7D:B6:88:5E:C8:75
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2BD4F2C755C47ECCA059FAB77A0D07E4F51CB49C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c135327-ca35-4503-a212-cddd775338fc.roa
Signing time:             Tue 12 Aug 2025 00:41:01 +0000
ROA not before:           Tue 12 Aug 2025 00:41:01 +0000
ROA not after:            Tue 16 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.201.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 21 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:d4:f2:c7:55:c4:7e:cc:a0:59:fa:b7:7a:0d:07:e4:f5:1c:b4:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 12 00:41:01 2025 GMT
            Not After : Sep 16 23:59:59 2025 GMT
        Subject: serialNumber=cdf5f9a87955889e1490b638a0806891fd2b7c6cc7e397a7bc70673245990fa6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:6b:1d:3f:fd:f7:dd:d3:24:c5:99:ab:72:4e:
                    4c:78:ea:8c:92:77:62:cf:40:ac:25:d8:11:6c:2a:
                    09:f4:d1:d8:8b:31:ef:15:d2:c6:73:f5:83:79:16:
                    b6:57:6f:7e:20:54:a9:2c:79:20:01:80:e6:c7:1a:
                    e6:a1:32:a5:22:5e:15:12:a6:9f:35:a6:fb:62:99:
                    92:ca:21:47:9c:f9:e7:94:5c:73:40:be:79:cd:af:
                    c5:b3:2e:34:a7:e2:c4:35:e1:a4:d7:88:53:0c:40:
                    fa:48:f0:65:16:a4:46:fa:53:a1:11:8b:d6:97:ba:
                    c5:a6:30:5a:aa:d0:c3:3c:ca:6c:c5:45:78:bf:12:
                    f3:fd:88:5c:40:c1:1e:8d:41:53:b0:a9:00:9a:7e:
                    44:b6:61:49:39:92:67:12:32:2c:66:2b:7d:fa:74:
                    f7:d5:ea:c3:ea:78:d0:28:5a:8d:6e:a4:22:5c:7c:
                    4b:cd:48:47:fa:0c:27:1a:b6:80:5c:67:70:98:f6:
                    d0:24:69:32:89:38:be:36:bf:76:48:62:66:2b:62:
                    6b:c2:13:4d:2c:26:c2:56:10:7b:fb:6c:59:bd:8f:
                    54:65:db:0d:d1:65:69:de:6f:8b:8e:73:41:b7:04:
                    68:1a:1d:a6:8f:e0:ab:1d:b9:0a:32:96:c1:00:89:
                    c9:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C4:32:1C:F5:69:3E:D7:3D:D9:E6:94:9B:47:7D:B6:88:5E:C8:75
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c135327-ca35-4503-a212-cddd775338fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.201.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         27:8d:8d:0c:ec:ac:01:8c:30:b1:1b:b2:98:88:95:6c:ad:7e:
         7a:c7:8f:e3:01:30:e9:47:ae:a1:eb:20:2e:9a:96:43:f7:56:
         53:6d:05:4b:49:3d:9c:9d:ef:3d:57:45:3b:a8:10:74:50:de:
         08:ca:a1:bd:db:3a:5f:17:ee:16:33:1f:09:b1:90:09:b2:58:
         5c:0a:c5:8e:41:8f:ab:cb:2c:04:19:6a:55:5a:1a:27:eb:24:
         81:99:4f:03:17:df:86:bc:03:12:6b:e9:83:a3:d7:de:28:c3:
         85:d0:ef:66:76:66:51:ad:92:48:68:62:c3:7a:55:ab:a0:3d:
         e6:9c:8e:8c:b0:60:0b:6c:f7:79:cf:15:97:ce:5f:47:fd:aa:
         49:e9:5e:42:06:75:c8:11:30:f0:64:7f:91:77:18:76:d6:60:
         60:f4:a9:4e:d0:e1:a4:b8:3d:16:30:61:ef:17:35:29:58:bb:
         34:7d:1b:b5:b1:8c:80:ad:5e:45:8f:4d:ba:32:e9:c8:74:77:
         58:94:82:3e:06:6d:cb:2e:98:cc:f5:0f:59:23:0a:c8:c3:80:
         0f:4e:b7:25:8f:a6:9a:ed:04:19:7c:e9:3c:f8:30:80:5a:b1:
         c8:7d:71:41:11:b1:7a:81:84:be:8f:9d:ef:67:2a:ac:5e:31:
         ae:de:12:73
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUK9Tyx1XEfsygWfq3eg0H5PUctJwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODEyMDA0MTAxWhcNMjUwOTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGY1ZjlhODc5NTU4ODllMTQ5MGI2MzhhMDgwNjg5MWZk
MmI3YzZjYzdlMzk3YTdiYzcwNjczMjQ1OTkwZmE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOax0//ffd0yTFmatyTkx46oySd2LPQKwl2BFsKgn00diL
Me8V0sZz9YN5FrZXb34gVKkseSABgObHGuahMqUiXhUSpp81pvtimZLKIUec+eeU
XHNAvnnNr8WzLjSn4sQ14aTXiFMMQPpI8GUWpEb6U6ERi9aXusWmMFqq0MM8ymzF
RXi/EvP9iFxAwR6NQVOwqQCafkS2YUk5kmcSMixmK336dPfV6sPqeNAoWo1upCJc
fEvNSEf6DCcatoBcZ3CY9tAkaTKJOL42v3ZIYmYrYmvCE00sJsJWEHv7bFm9j1Rl
2w3RZWneb4uOc0G3BGgaHaaP4KsduQoylsEAicmPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2sQyHPVpPtc92eaUm0d9toheyHUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFjMTM1MzI3LWNhMzUtNDUwMy1hMjEyLWNkZGQ3NzUzMzhmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5yTANBgkqhkiG9w0BAQsFAAOCAQEAJ42NDOysAYwwsRuymIiVbK1+eseP
4wEw6UeuoesgLpqWQ/dWU20FS0k9nJ3vPVdFO6gQdFDeCMqhvds6XxfuFjMfCbGQ
CbJYXArFjkGPq8ssBBlqVVoaJ+skgZlPAxffhrwDEmvpg6PX3ijDhdDvZnZmUa2S
SGhiw3pVq6A95pyOjLBgC2z3ec8Vl85fR/2qSeleQgZ1yBEw8GR/kXcYdtZgYPSp
TtDhpLg9FjBh7xc1KVi7NH0btbGMgK1eRY9NujLpyHR3WJSCPgZtyy6YzPUPWSMK
yMOAD063JY+mmu0EGXzpPPgwgFqxyH1xQRGxeoGEvo+d72cqrF4xrt4Scw==
-----END CERTIFICATE-----