Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/646c43c0-5fb0-40e1-9466-05bdc0cdc3f1.roa
File:                     646c43c0-5fb0-40e1-9466-05bdc0cdc3f1.roa (raw, json)
Hash identifier:          1T37CR4Tkr3tD0G0Aen1/qmFWHtvHzblz+1IZe9P8Q8=
Subject key identifier:   C0:74:3D:14:63:2C:DF:2E:26:BD:1E:CA:6F:5F:08:08:E3:12:A1:DE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       233F3CB74889A4BB28C66F486A49E1FB15ED6C62
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/646c43c0-5fb0-40e1-9466-05bdc0cdc3f1.roa
Signing time:             Mon 19 May 2025 16:52:03 +0000
ROA not before:           Mon 19 May 2025 16:52:03 +0000
ROA not after:            Mon 23 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        174.129.192.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 05 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:3f:3c:b7:48:89:a4:bb:28:c6:6f:48:6a:49:e1:fb:15:ed:6c:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 19 16:52:03 2025 GMT
            Not After : Jun 23 23:59:59 2025 GMT
        Subject: serialNumber=654369fafcdbb5644b7326df243dd765fc9561bb07ecae9592ee4f6273f9bd6f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f1:fa:72:cd:01:b9:b3:f3:cb:bc:63:7a:78:
                    ec:c6:1b:c6:d0:a4:0e:d4:d1:f7:e2:ad:b2:e5:e7:
                    f2:88:92:d3:5a:62:ca:8d:1b:b4:5c:aa:95:48:31:
                    60:75:b2:03:e8:c9:64:e5:02:a7:c8:a5:48:8e:cf:
                    14:db:ed:18:0c:02:3d:fb:9b:0b:1f:9d:75:d1:e5:
                    12:98:e1:95:cc:43:ef:d7:89:fa:43:91:42:9e:f5:
                    ed:a6:d4:31:35:b2:dc:22:28:2f:6e:4b:8a:8e:0c:
                    46:de:f0:1e:0e:57:50:6e:03:b5:1c:0f:b2:90:0b:
                    08:99:cf:48:8e:0b:6a:a4:9f:df:f5:a2:b7:af:7c:
                    70:bf:be:74:01:70:3d:d7:2b:cd:57:a8:a8:90:77:
                    a4:4a:41:3d:d2:8e:c6:0c:ba:31:95:4c:26:5b:09:
                    2c:dd:5f:2e:82:c1:e5:69:92:2e:b9:d8:dd:98:71:
                    a9:ee:e7:f0:f0:f1:f3:60:34:38:d5:25:ac:0a:31:
                    a9:28:18:b8:ba:37:d4:fe:b8:d6:f5:1c:9f:98:65:
                    7b:a2:9a:4b:01:9f:28:d8:b5:05:64:44:c0:ab:9c:
                    f8:f2:1a:77:0b:29:03:ac:3f:87:ee:87:03:49:26:
                    6a:f0:34:5e:b6:6e:cb:68:58:63:cf:ed:e8:8e:de:
                    44:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:74:3D:14:63:2C:DF:2E:26:BD:1E:CA:6F:5F:08:08:E3:12:A1:DE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/646c43c0-5fb0-40e1-9466-05bdc0cdc3f1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  174.129.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         7d:e7:b7:65:d1:fb:f2:c0:dc:40:56:bb:24:da:ff:8f:2e:b7:
         2c:ed:4e:09:ee:7b:f1:26:ae:55:28:c3:07:4a:db:11:ff:b5:
         6a:87:a7:c6:c4:45:02:c2:ef:e2:17:17:44:63:12:4f:f1:eb:
         02:c8:83:27:d7:50:d2:de:4c:0e:d5:52:9c:bc:7e:a8:7d:45:
         5b:9b:8b:95:e1:d8:67:59:20:d2:50:ad:93:70:15:ec:d3:5f:
         73:52:2c:a9:7b:95:54:e6:10:fe:09:d1:b9:ff:35:09:84:6f:
         58:2d:ed:27:1d:a9:f4:e6:0a:71:cc:54:63:00:57:f6:aa:e0:
         b5:96:41:05:7d:25:f7:02:0d:78:54:0e:71:a0:c8:7f:e8:13:
         2b:c7:be:8a:f8:69:d2:94:88:dc:d4:12:6e:5e:a8:38:5c:8a:
         c5:dc:6b:15:a5:1b:65:37:5d:8f:ba:bc:6e:1f:c7:3b:a8:2e:
         3a:c0:64:e4:6a:66:32:ba:c2:96:cf:99:ea:d7:0b:21:7c:b9:
         cf:71:c1:98:e7:a8:ba:f0:16:af:77:73:7a:bc:16:24:aa:12:
         c2:26:b7:d0:32:8f:a9:57:89:1e:67:6c:1c:c2:e0:d6:d2:7c:
         5d:04:49:76:5a:05:b3:56:72:8a:2d:b4:8e:aa:d8:20:d2:0e:
         5d:ef:15:e1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIz88t0iJpLsoxm9Iaknh+xXtbGIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE5MTY1MjAzWhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NTQzNjlmYWZjZGJiNTY0NGI3MzI2ZGYyNDNkZDc2NWZj
OTU2MWJiMDdlY2FlOTU5MmVlNGY2MjczZjliZDZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCa8fpyzQG5s/PLvGN6eOzGG8bQpA7U0ffirbLl5/KIktNa
YsqNG7RcqpVIMWB1sgPoyWTlAqfIpUiOzxTb7RgMAj37mwsfnXXR5RKY4ZXMQ+/X
ifpDkUKe9e2m1DE1stwiKC9uS4qODEbe8B4OV1BuA7UcD7KQCwiZz0iOC2qkn9/1
orevfHC/vnQBcD3XK81XqKiQd6RKQT3SjsYMujGVTCZbCSzdXy6CweVpki652N2Y
canu5/Dw8fNgNDjVJawKMakoGLi6N9T+uNb1HJ+YZXuimksBnyjYtQVkRMCrnPjy
GncLKQOsP4fuhwNJJmrwNF62bstoWGPP7eiO3kS3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwHQ9FGMs3y4mvR7Kb18ICOMSod4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY0NmM0M2MwLTVmYjAtNDBlMS05NDY2LTA1YmRjMGNkYzNmMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAaugcAwDQYJKoZIhvcNAQELBQADggEBAH3nt2XR+/LA3EBWuyTa/48utyzt
Tgnue/EmrlUowwdK2xH/tWqHp8bERQLC7+IXF0RjEk/x6wLIgyfXUNLeTA7VUpy8
fqh9RVubi5Xh2GdZINJQrZNwFezTX3NSLKl7lVTmEP4J0bn/NQmEb1gt7ScdqfTm
CnHMVGMAV/aq4LWWQQV9JfcCDXhUDnGgyH/oEyvHvor4adKUiNzUEm5eqDhcisXc
axWlG2U3XY+6vG4fxzuoLjrAZORqZjK6wpbPmerXCyF8uc9xwZjnqLrwFq93c3q8
FiSqEsImt9Ayj6lXiR5nbBzC4NbSfF0ESXZaBbNWcoottI6q2CDSDl3vFeE=
-----END CERTIFICATE-----