Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2983c2e1-ba11-40a6-9ad5-b5b22db61183.roa
File:                     2983c2e1-ba11-40a6-9ad5-b5b22db61183.roa (raw, json)
Hash identifier:          yJHeB8KuUQHnhEHqB/u3bYvZ9owiZXRHRMwWEIBA/OY=
Subject key identifier:   7F:70:1E:C0:05:35:8B:5E:D1:D4:E5:F0:50:4B:53:F2:66:67:0E:B7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       22107E97D5CE0E0069DA2869673299E69FDF2ED5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2983c2e1-ba11-40a6-9ad5-b5b22db61183.roa
Signing time:             Sat 06 Sep 2025 00:00:20 +0000
ROA not before:           Sat 06 Sep 2025 00:00:20 +0000
ROA not after:            Sat 11 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.1.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 20 Sep 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:10:7e:97:d5:ce:0e:00:69:da:28:69:67:32:99:e6:9f:df:2e:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  6 00:00:20 2025 GMT
            Not After : Oct 11 23:59:59 2025 GMT
        Subject: serialNumber=c45179dcba0e67c8f7744f7222bacfaee426e1a43a8b5d590c08d020e9587fc7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:dc:23:eb:32:0b:0d:f5:55:1b:5a:32:12:5e:
                    65:bf:90:aa:41:f7:5a:0f:1d:2d:44:f6:f2:72:3d:
                    df:f8:df:78:cc:5a:80:d2:11:4a:ff:d1:86:44:3b:
                    2a:7f:6e:38:34:0c:cc:02:3b:0f:0a:0f:f2:99:5c:
                    29:ec:4e:c9:a5:99:d6:dc:44:83:f7:f0:bb:05:79:
                    ef:31:3d:36:1d:25:fe:90:94:ec:db:e0:d4:6c:26:
                    9b:8b:17:a9:f4:d8:25:86:07:7b:39:1e:12:79:98:
                    ef:18:26:16:11:f1:20:ed:06:68:67:7e:85:e4:4a:
                    e3:78:86:21:e4:d9:af:c9:9e:f0:24:55:65:d1:8f:
                    6a:2d:9a:3f:dd:b9:3e:19:ac:46:bc:12:11:c5:70:
                    15:ef:29:fb:23:3c:e2:f3:c6:f7:b8:0d:eb:b1:6e:
                    68:e3:51:a8:57:70:2e:d2:3e:2c:8b:2c:91:9c:f0:
                    62:fd:e3:f8:c6:a9:9c:d4:d7:e0:c5:e6:1a:bf:a4:
                    25:cd:25:5e:56:aa:4d:21:32:1d:5c:7f:f7:40:88:
                    a9:93:36:56:e2:7d:f5:31:e1:41:0d:73:24:9b:78:
                    1e:2a:60:de:e2:84:59:04:9c:50:96:6a:9f:f3:50:
                    da:c1:ab:9c:90:78:3d:1d:26:c4:ba:14:9e:ef:61:
                    da:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:70:1E:C0:05:35:8B:5E:D1:D4:E5:F0:50:4B:53:F2:66:67:0E:B7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2983c2e1-ba11-40a6-9ad5-b5b22db61183.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.1.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d7:bc:53:02:96:42:9f:62:eb:ca:68:09:69:c7:78:e6:7e:c8:
         b9:f7:66:32:f7:31:20:e4:89:75:9c:f9:62:6d:1c:10:eb:e9:
         2c:44:0d:11:34:a8:3b:3f:9a:60:30:3c:72:6f:75:08:5f:a2:
         b7:ef:df:dc:22:b3:6c:6e:13:42:97:a5:00:af:d8:76:7f:3c:
         0f:2c:28:ba:3d:e6:3d:e6:0f:e3:58:ca:72:6e:2f:96:da:0c:
         d7:21:96:12:3a:6c:d2:cd:da:22:6d:f9:98:58:31:26:1e:31:
         b5:95:1f:b2:c7:0d:b0:ce:99:74:27:99:86:c5:22:42:94:59:
         cb:0b:9e:2c:70:e0:72:0a:6f:87:90:b1:b4:22:9f:12:51:27:
         49:00:53:3b:e1:4d:aa:7d:01:3c:3b:d1:76:0c:51:2d:d0:96:
         17:5b:be:09:63:29:16:8c:dd:c7:21:23:91:54:1a:74:9e:8f:
         6f:9b:2f:03:13:24:20:bb:71:7c:49:23:fa:93:76:a9:8d:c0:
         59:c8:cc:f7:35:48:15:cd:b8:e6:3c:db:6a:b5:5b:d7:f3:e9:
         d6:81:8e:9b:ca:0b:7d:4c:ab:d9:6e:1d:df:85:e5:44:40:fc:
         cf:48:67:ad:88:2a:8d:f4:de:8d:d9:ff:19:8c:41:d8:f0:7a:
         a5:c3:fc:3a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIhB+l9XODgBp2ihpZzKZ5p/fLtUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA2MDAwMDIwWhcNMjUxMDExMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDUxNzlkY2JhMGU2N2M4Zjc3NDRmNzIyMmJhY2ZhZWU0
MjZlMWE0M2E4YjVkNTkwYzA4ZDAyMGU5NTg3ZmM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDV3CPrMgsN9VUbWjISXmW/kKpB91oPHS1E9vJyPd/433jM
WoDSEUr/0YZEOyp/bjg0DMwCOw8KD/KZXCnsTsmlmdbcRIP38LsFee8xPTYdJf6Q
lOzb4NRsJpuLF6n02CWGB3s5HhJ5mO8YJhYR8SDtBmhnfoXkSuN4hiHk2a/JnvAk
VWXRj2otmj/duT4ZrEa8EhHFcBXvKfsjPOLzxve4DeuxbmjjUahXcC7SPiyLLJGc
8GL94/jGqZzU1+DF5hq/pCXNJV5Wqk0hMh1cf/dAiKmTNlbiffUx4UENcySbeB4q
YN7ihFkEnFCWap/zUNrBq5yQeD0dJsS6FJ7vYdo1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUf3AewAU1i17R1OXwUEtT8mZnDrcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI5ODNjMmUxLWJhMTEtNDBhNi05YWQ1LWI1YjIyZGI2MTE4My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIATANBgkqhkiG9w0BAQsFAAOCAQEA17xTApZCn2LrymgJacd45n7Iufdm
MvcxIOSJdZz5Ym0cEOvpLEQNETSoOz+aYDA8cm91CF+it+/f3CKzbG4TQpelAK/Y
dn88Dywouj3mPeYP41jKcm4vltoM1yGWEjps0s3aIm35mFgxJh4xtZUfsscNsM6Z
dCeZhsUiQpRZywueLHDgcgpvh5CxtCKfElEnSQBTO+FNqn0BPDvRdgxRLdCWF1u+
CWMpFozdxyEjkVQadJ6Pb5svAxMkILtxfEkj+pN2qY3AWcjM9zVIFc245jzbarVb
1/Pp1oGOm8oLfUyr2W4d34XlRED8z0hnrYgqjfTejdn/GYxB2PB6pcP8Og==
-----END CERTIFICATE-----