Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c7c07ee-0917-41f8-997b-d5253ad56cb3.roa
File:                     7c7c07ee-0917-41f8-997b-d5253ad56cb3.roa (raw, json)
Hash identifier:          pHNoc9s6n+2x1882g/tbU0W70YU7zLXNcRKQKUMiLNc=
Subject key identifier:   5B:72:AA:D8:CE:14:D7:C0:8C:EA:FD:70:88:39:B3:03:3F:F3:D9:2A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2EFB52DA1D80CD0AF71FA41CA26053E65E2498FB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c7c07ee-0917-41f8-997b-d5253ad56cb3.roa
Signing time:             Mon 26 May 2025 15:02:03 +0000
ROA not before:           Mon 26 May 2025 15:02:03 +0000
ROA not after:            Mon 30 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        137.160.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:fb:52:da:1d:80:cd:0a:f7:1f:a4:1c:a2:60:53:e6:5e:24:98:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 26 15:02:03 2025 GMT
            Not After : Jun 30 23:59:59 2025 GMT
        Subject: serialNumber=21a104a248558144c58acc3ca184392fad6dc3105dcebb24a29f5f96d974b637, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:81:ba:db:86:a5:48:5c:6e:ce:8d:12:bf:e7:
                    35:5a:a0:8d:5b:7b:32:9c:36:4c:0f:c5:8f:8c:a9:
                    1a:b3:4c:2b:71:c6:44:c7:f5:d7:96:a5:71:11:72:
                    21:23:56:cb:5d:d0:e6:3b:13:bb:dc:e1:4d:5d:eb:
                    b1:e3:df:33:93:07:e0:14:63:88:90:86:d7:28:ca:
                    32:29:16:2f:85:5e:f0:f8:1b:a7:0b:02:bb:0e:16:
                    f2:17:7a:e0:49:61:3f:af:f3:4d:97:8e:06:aa:ef:
                    29:6e:57:61:63:30:0a:d8:2b:c4:9f:33:09:cb:f8:
                    01:fb:28:0f:e3:85:56:22:39:d2:e9:bd:69:54:ff:
                    95:9c:21:82:e4:c5:bb:77:c3:0f:c6:3e:2b:6f:23:
                    42:79:bf:bb:46:0c:60:cc:97:30:01:5a:0a:b8:1f:
                    ab:95:42:7d:4c:e2:fb:e5:52:a1:69:78:4f:9f:c8:
                    e8:3b:c4:31:92:05:82:70:e4:09:1e:29:0e:aa:74:
                    de:3c:0c:20:82:4b:b3:31:05:3f:3c:18:72:8d:d4:
                    39:fd:5e:55:f2:7d:2a:96:a9:fe:69:5b:e6:f0:c4:
                    e8:d3:35:d1:87:24:37:d4:b4:71:81:ec:76:44:60:
                    c5:8e:b6:5a:cf:14:f4:35:1d:95:b6:b1:dd:f1:97:
                    ac:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:72:AA:D8:CE:14:D7:C0:8C:EA:FD:70:88:39:B3:03:3F:F3:D9:2A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c7c07ee-0917-41f8-997b-d5253ad56cb3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.160.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5d:e7:68:c1:2a:1e:69:76:7f:c7:7e:ed:3f:1e:60:e7:06:9f:
         f7:28:69:41:07:8a:9c:03:97:7d:e2:33:ff:5f:43:87:b5:4d:
         18:c8:e5:1c:51:8b:e8:f4:cb:d2:81:5c:18:22:88:d6:48:5d:
         64:dc:9b:95:66:10:0d:ba:11:a7:c6:9f:7b:92:4b:cf:91:0d:
         62:48:88:da:7e:53:33:db:21:27:18:a8:e1:41:30:51:8b:0d:
         00:0e:bd:c3:61:de:6d:9b:75:45:6f:d6:4d:b7:45:b2:90:d5:
         57:d0:7a:2b:23:00:dc:55:4b:9a:f1:9f:f7:55:ae:6c:6d:3d:
         36:ae:e9:5c:8f:42:35:b4:99:ac:ab:13:33:1b:fe:6e:de:29:
         67:d4:6c:03:ce:d1:2d:8e:fd:79:5c:4d:56:64:8c:25:3f:37:
         2b:9b:07:f4:37:6d:f6:c0:1c:3a:f1:54:81:20:ca:11:e7:82:
         4c:18:58:2c:5e:86:32:f6:73:cf:06:bd:0d:32:ac:be:12:17:
         39:3e:68:67:9f:45:0f:73:4d:84:e0:6d:f0:67:18:3c:a5:91:
         5d:fe:cb:80:4a:a9:ee:37:ab:ff:af:99:94:3e:9b:f7:e7:a4:
         00:57:7f:ed:1e:07:46:ae:62:e3:d5:3f:74:c5:1d:17:90:cb:
         ce:f5:08:6c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULvtS2h2AzQr3H6QcomBT5l4kmPswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTI2MTUwMjAzWhcNMjUwNjMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMWExMDRhMjQ4NTU4MTQ0YzU4YWNjM2NhMTg0MzkyZmFk
NmRjMzEwNWRjZWJiMjRhMjlmNWY5NmQ5NzRiNjM3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvgbrbhqVIXG7OjRK/5zVaoI1bezKcNkwPxY+MqRqzTCtx
xkTH9deWpXERciEjVstd0OY7E7vc4U1d67Hj3zOTB+AUY4iQhtcoyjIpFi+FXvD4
G6cLArsOFvIXeuBJYT+v802Xjgaq7yluV2FjMArYK8SfMwnL+AH7KA/jhVYiOdLp
vWlU/5WcIYLkxbt3ww/GPitvI0J5v7tGDGDMlzABWgq4H6uVQn1M4vvlUqFpeE+f
yOg7xDGSBYJw5AkeKQ6qdN48DCCCS7MxBT88GHKN1Dn9XlXyfSqWqf5pW+bwxOjT
NdGHJDfUtHGB7HZEYMWOtlrPFPQ1HZW2sd3xl6yFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUW3Kq2M4U18CM6v1wiDmzAz/z2SowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdjN2MwN2VlLTA5MTctNDFmOC05OTdiLWQ1MjUzYWQ1NmNiMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCJoDANBgkqhkiG9w0BAQsFAAOCAQEAXedowSoeaXZ/x37tPx5g5waf9yhp
QQeKnAOXfeIz/19Dh7VNGMjlHFGL6PTL0oFcGCKI1khdZNyblWYQDboRp8afe5JL
z5ENYkiI2n5TM9shJxio4UEwUYsNAA69w2HebZt1RW/WTbdFspDVV9B6KyMA3FVL
mvGf91WubG09Nq7pXI9CNbSZrKsTMxv+bt4pZ9RsA87RLY79eVxNVmSMJT83K5sH
9Ddt9sAcOvFUgSDKEeeCTBhYLF6GMvZzzwa9DTKsvhIXOT5oZ59FD3NNhOBt8GcY
PKWRXf7LgEqp7jer/6+ZlD6b9+ekAFd/7R4HRq5i49U/dMUdF5DLzvUIbA==
-----END CERTIFICATE-----