Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c157daeb-02b3-4c76-8856-8cd67b712856.roa
File:                     c157daeb-02b3-4c76-8856-8cd67b712856.roa (raw, json)
Hash identifier:          EstiZ6uVE6ViggyaX/sHAvNORh8cpYYiATPJO1Esq+I=
Subject key identifier:   65:90:AC:0E:18:EA:65:C5:1B:0C:D9:2A:1E:A1:7D:F4:F6:00:32:C1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3D6F22B4BBE5F823CD9DE945320E553F36B854AB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c157daeb-02b3-4c76-8856-8cd67b712856.roa
Signing time:             Wed 28 May 2025 00:31:13 +0000
ROA not before:           Wed 28 May 2025 00:31:13 +0000
ROA not after:            Wed 02 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.75.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:6f:22:b4:bb:e5:f8:23:cd:9d:e9:45:32:0e:55:3f:36:b8:54:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 28 00:31:13 2025 GMT
            Not After : Jul  2 23:59:59 2025 GMT
        Subject: serialNumber=6e6f7b37f9f2e875764c26d28a5f398b0df83373d629422a5d4c8b2839227c86, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:aa:8e:da:70:08:51:5c:a7:ac:f9:93:af:61:
                    c5:5e:74:a3:b2:82:7e:e5:fc:ef:2f:4b:4a:9a:d1:
                    83:dd:3f:65:90:05:99:c1:b9:67:54:f1:2a:28:b9:
                    4a:a8:0d:a5:ab:62:c6:cc:13:91:75:e1:ff:5b:4a:
                    a1:e1:97:cd:a9:07:cc:9d:79:4b:0f:98:f5:8c:bf:
                    56:ef:b1:cb:d6:c4:2a:52:a3:17:f8:26:64:ce:ce:
                    ab:40:7b:35:91:ba:ef:49:3b:4e:6c:cb:b5:c6:5f:
                    00:ab:0e:c5:1c:6b:74:d8:39:2c:6a:6b:6a:8b:68:
                    19:4e:99:72:72:8e:20:bb:c1:f4:e9:1d:b6:59:eb:
                    94:df:ed:b2:55:bf:4c:c5:5b:3e:e1:21:e7:30:6f:
                    cc:a5:50:89:1b:81:fd:21:24:7c:26:ef:a5:8b:ff:
                    4b:d3:2e:30:13:9b:5a:64:21:ac:ac:89:5d:1e:b3:
                    24:df:8e:88:95:42:f6:6d:2f:88:a3:51:f3:bf:4b:
                    7b:a4:e0:57:2f:fd:28:78:7c:77:fc:39:10:93:24:
                    0f:49:bd:93:ab:58:f2:2c:54:63:26:d6:be:b4:7f:
                    3d:ef:0b:dd:23:c7:ac:29:61:a7:73:6f:8b:18:a9:
                    c7:2b:98:b0:72:19:cd:9a:86:f8:01:2d:9f:8d:ad:
                    52:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:90:AC:0E:18:EA:65:C5:1B:0C:D9:2A:1E:A1:7D:F4:F6:00:32:C1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c157daeb-02b3-4c76-8856-8cd67b712856.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.75.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         05:d6:3a:3d:4d:a7:10:ca:b6:90:77:c7:ea:08:2c:47:c1:b4:
         f8:70:45:5b:e6:02:1d:9d:c1:84:a7:c5:1f:c5:35:c4:ec:fd:
         60:de:c6:9a:b4:8f:cc:5a:d9:d3:80:52:bd:7f:9a:f0:b0:1c:
         91:a9:8b:ae:6d:90:32:71:fe:24:12:44:20:2c:96:b6:f2:5e:
         a0:6c:67:07:05:31:b3:c4:4f:10:9f:af:6c:8f:1f:a8:93:e8:
         dc:c7:93:62:51:fe:1c:51:39:60:f5:9b:32:b7:3e:6d:77:f9:
         a0:3b:2f:39:40:77:12:35:32:8a:aa:d5:53:98:3e:e1:1e:aa:
         b4:de:89:76:d9:69:b9:1d:cd:a9:56:a2:e5:c3:55:53:c9:e5:
         e7:0f:6f:01:c8:1f:d3:5c:8d:94:d5:8f:44:11:ae:0e:3d:50:
         c6:68:38:6c:37:ce:c7:2a:d3:9e:3f:98:f3:6d:de:44:fe:fe:
         8d:da:bd:bd:36:92:b6:83:73:18:ae:8e:94:9d:43:b2:13:bf:
         48:7e:f3:53:f7:2d:99:08:0d:59:24:c9:bc:27:2b:ce:8d:d5:
         c4:3e:f7:42:d0:40:2d:2e:67:72:4d:ad:ca:53:50:91:10:d9:
         47:23:02:68:b2:c7:b3:88:48:83:30:12:0f:af:b6:bd:af:90:
         bb:9e:2c:6c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPW8itLvl+CPNnelFMg5VPza4VKswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTI4MDAzMTEzWhcNMjUwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZTZmN2IzN2Y5ZjJlODc1NzY0YzI2ZDI4YTVmMzk4YjBk
ZjgzMzczZDYyOTQyMmE1ZDRjOGIyODM5MjI3Yzg2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHqo7acAhRXKes+ZOvYcVedKOygn7l/O8vS0qa0YPdP2WQ
BZnBuWdU8SoouUqoDaWrYsbME5F14f9bSqHhl82pB8ydeUsPmPWMv1bvscvWxCpS
oxf4JmTOzqtAezWRuu9JO05sy7XGXwCrDsUca3TYOSxqa2qLaBlOmXJyjiC7wfTp
HbZZ65Tf7bJVv0zFWz7hIecwb8ylUIkbgf0hJHwm76WL/0vTLjATm1pkIaysiV0e
syTfjoiVQvZtL4ijUfO/S3uk4Fcv/Sh4fHf8ORCTJA9JvZOrWPIsVGMm1r60fz3v
C90jx6wpYadzb4sYqccrmLByGc2ahvgBLZ+NrVJjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZZCsDhjqZcUbDNkqHqF99PYAMsEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MxNTdkYWViLTAyYjMtNGM3Ni04ODU2LThjZDY3YjcxMjg1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5SzANBgkqhkiG9w0BAQsFAAOCAQEABdY6PU2nEMq2kHfH6ggsR8G0+HBF
W+YCHZ3BhKfFH8U1xOz9YN7GmrSPzFrZ04BSvX+a8LAckamLrm2QMnH+JBJEICyW
tvJeoGxnBwUxs8RPEJ+vbI8fqJPo3MeTYlH+HFE5YPWbMrc+bXf5oDsvOUB3EjUy
iqrVU5g+4R6qtN6JdtlpuR3NqVai5cNVU8nl5w9vAcgf01yNlNWPRBGuDj1Qxmg4
bDfOxyrTnj+Y823eRP7+jdq9vTaStoNzGK6OlJ1DshO/SH7zU/ctmQgNWSTJvCcr
zo3VxD73QtBALS5nck2tylNQkRDZRyMCaLLHs4hIgzASD6+2va+Qu54sbA==
-----END CERTIFICATE-----