Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfc06570-1c08-42bc-91fd-3d5ee81024c4.roa
File:                     bfc06570-1c08-42bc-91fd-3d5ee81024c4.roa (raw, json)
Hash identifier:          vc7F4Leko1wMGmNW3+C76ZRjJE78sYcSx64S2y/bx3o=
Subject key identifier:   CD:6A:D5:F6:05:CE:33:D1:6C:22:5A:E6:7C:F1:50:FD:8E:91:A7:AE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0A8CBA359DE63CAFCE94A69B652E285938695627
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfc06570-1c08-42bc-91fd-3d5ee81024c4.roa
Signing time:             Sat 17 May 2025 00:00:32 +0000
ROA not before:           Sat 17 May 2025 00:00:32 +0000
ROA not after:            Sat 21 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        110.238.4.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:8c:ba:35:9d:e6:3c:af:ce:94:a6:9b:65:2e:28:59:38:69:56:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 17 00:00:32 2025 GMT
            Not After : Jun 21 23:59:59 2025 GMT
        Subject: serialNumber=cda628c3b4fc93c97a525b521ce6dfb660fc4f7f1ecd2e9d575fcdbf428df9d8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:e5:78:82:62:ef:2f:4f:cf:0b:df:52:17:e9:
                    1f:79:37:eb:f1:48:b0:fa:6e:42:1b:5c:eb:e2:cb:
                    73:ab:40:65:a6:24:3a:70:d6:94:6b:a4:18:47:90:
                    5c:b1:f1:c4:5d:a7:68:6f:d3:c8:49:b1:64:46:7e:
                    c4:94:c2:ab:a5:29:99:cb:3b:01:57:17:bf:4b:22:
                    fc:53:32:32:be:06:9c:1c:02:3d:fc:34:b6:90:a9:
                    78:ec:e0:23:28:c4:b4:41:ae:de:88:06:4a:b4:c9:
                    f7:3c:70:e5:d9:9a:04:66:30:c9:6e:c7:42:1a:c0:
                    9d:97:e3:e2:fe:d2:79:21:5d:ad:fd:26:7f:57:bf:
                    68:f2:4f:3c:99:c8:40:a9:cc:3f:0e:7b:94:d8:fc:
                    23:64:4b:0e:c9:b4:0e:3f:1a:9c:cb:63:3f:d2:66:
                    31:cb:91:71:a5:57:6b:c7:67:85:14:f3:2d:6e:55:
                    b5:17:33:f3:25:5c:cc:54:e6:d5:46:e8:63:5a:fe:
                    f3:2d:fe:03:df:fb:f0:f7:e7:a6:60:77:38:6e:dd:
                    3e:6c:f5:b8:72:fd:31:37:4e:43:cb:fe:25:04:42:
                    a9:a3:9c:f2:ba:19:a7:19:74:0a:42:89:f1:01:c7:
                    5d:da:48:41:cd:5d:d5:0a:72:cc:2e:1a:f0:b5:f5:
                    db:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:6A:D5:F6:05:CE:33:D1:6C:22:5A:E6:7C:F1:50:FD:8E:91:A7:AE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfc06570-1c08-42bc-91fd-3d5ee81024c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.238.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bc:3f:8c:15:3e:f9:52:7f:5d:4c:d3:e7:44:31:e8:47:4f:c7:
         36:a4:29:7f:5a:53:36:1b:08:11:a6:7b:a5:ed:aa:bd:70:ff:
         68:3e:56:a2:6c:73:45:15:2d:db:93:4d:b3:b8:9f:79:98:4b:
         a1:31:67:43:71:89:6e:9d:07:64:f6:ca:ca:4d:b1:25:e1:bf:
         71:76:d7:92:26:7b:64:c7:d6:43:b2:4c:07:41:e7:4e:79:e4:
         31:9e:2c:c2:00:d9:7e:63:01:cf:cc:53:31:dd:af:0c:b0:39:
         96:27:27:13:b8:8f:4e:0a:8b:a6:ea:9c:fa:39:6c:b5:45:85:
         54:d5:5a:9e:c1:bb:e6:5a:4e:96:82:23:7e:3a:43:da:5a:f6:
         f0:cd:b5:f2:88:86:e0:0d:12:90:11:c9:10:7c:90:9e:f0:aa:
         71:0e:00:ce:08:7c:2c:97:7d:ac:df:9a:73:c3:be:89:1d:03:
         6f:4e:83:bb:02:d1:95:b8:70:52:d7:4f:92:4e:15:f4:95:c2:
         24:da:59:88:fd:15:53:0c:ab:b3:7c:f9:81:e0:22:3f:78:ae:
         78:5f:c7:25:6a:75:98:5f:e0:f0:63:a8:e3:eb:da:94:cc:9e:
         ac:99:f0:94:a5:46:25:fb:e2:28:6a:ab:b2:8e:e7:b8:f7:4a:
         f1:a6:b4:46
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCoy6NZ3mPK/OlKabZS4oWThpVicwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE3MDAwMDMyWhcNMjUwNjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGE2MjhjM2I0ZmM5M2M5N2E1MjViNTIxY2U2ZGZiNjYw
ZmM0ZjdmMWVjZDJlOWQ1NzVmY2RiZjQyOGRmOWQ4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCL5XiCYu8vT88L31IX6R95N+vxSLD6bkIbXOviy3OrQGWm
JDpw1pRrpBhHkFyx8cRdp2hv08hJsWRGfsSUwqulKZnLOwFXF79LIvxTMjK+Bpwc
Aj38NLaQqXjs4CMoxLRBrt6IBkq0yfc8cOXZmgRmMMlux0IawJ2X4+L+0nkhXa39
Jn9Xv2jyTzyZyECpzD8Oe5TY/CNkSw7JtA4/GpzLYz/SZjHLkXGlV2vHZ4UU8y1u
VbUXM/MlXMxU5tVG6GNa/vMt/gPf+/D356Zgdzhu3T5s9bhy/TE3TkPL/iUEQqmj
nPK6GacZdApCifEBx13aSEHNXdUKcswuGvC19dtzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzWrV9gXOM9FsIlrmfPFQ/Y6Rp64wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmYzA2NTcwLTFjMDgtNDJiYy05MWZkLTNkNWVlODEwMjRjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJu7gQwDQYJKoZIhvcNAQELBQADggEBALw/jBU++VJ/XUzT50Qx6EdPxzak
KX9aUzYbCBGme6Xtqr1w/2g+VqJsc0UVLduTTbO4n3mYS6ExZ0NxiW6dB2T2yspN
sSXhv3F215Ime2TH1kOyTAdB50555DGeLMIA2X5jAc/MUzHdrwywOZYnJxO4j04K
i6bqnPo5bLVFhVTVWp7Bu+ZaTpaCI346Q9pa9vDNtfKIhuANEpARyRB8kJ7wqnEO
AM4IfCyXfazfmnPDvokdA29Og7sC0ZW4cFLXT5JOFfSVwiTaWYj9FVMMq7N8+YHg
Ij94rnhfxyVqdZhf4PBjqOPr2pTMnqyZ8JSlRiX74ihqq7KO57j3SvGmtEY=
-----END CERTIFICATE-----