Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d65e4b0d-a594-4fe5-a8f5-a6caf62234da.roa
File:                     d65e4b0d-a594-4fe5-a8f5-a6caf62234da.roa (raw, json)
Hash identifier:          PHE3dozQ+5ydeVVX1DpR2eqjEHvja8vBcJvOQdog3uk=
Subject key identifier:   08:6C:86:31:39:07:4A:A4:D1:FE:68:8B:E3:3E:28:0F:9B:0F:39:3F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7442B075AA1AB37775A19BEBD0DDCF437E080D4E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d65e4b0d-a594-4fe5-a8f5-a6caf62234da.roa
Signing time:             Tue 20 May 2025 15:01:56 +0000
ROA not before:           Tue 20 May 2025 15:01:56 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.232.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:42:b0:75:aa:1a:b3:77:75:a1:9b:eb:d0:dd:cf:43:7e:08:0d:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 20 15:01:56 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=26ef98adc64131560d24d5d4a2978079da430b17aab02e5fa7ecef1a6233200c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:25:8d:40:db:90:40:b3:3d:0f:d5:08:39:c9:
                    7d:66:92:72:83:d6:5e:72:ba:ce:70:80:1b:4c:18:
                    6a:a4:0c:cb:c5:12:57:00:66:c1:41:f1:13:81:79:
                    9a:62:29:7c:4f:da:17:eb:86:56:3c:a0:d2:7a:90:
                    3d:2d:86:f0:ed:df:a2:3d:f3:d5:09:4c:6c:1f:2a:
                    6a:b9:07:b6:67:ab:34:0e:bb:a3:8b:33:2a:50:f4:
                    a9:6e:66:46:55:2c:1c:bd:f3:4e:d1:ec:37:b4:1a:
                    7c:98:a4:2a:39:d8:79:a7:1b:04:5e:73:d1:74:c6:
                    59:83:f5:59:28:2a:c0:0b:99:d3:75:46:32:03:5b:
                    e9:9b:22:96:04:df:b4:8f:f9:d6:5c:b2:c9:7a:77:
                    bc:12:08:25:43:07:22:b8:56:86:74:e0:d0:5f:71:
                    a1:b8:b7:c4:10:95:4a:e3:1e:28:56:29:a7:8f:ab:
                    32:ee:e6:30:05:1c:c9:e2:fb:89:85:2e:1f:37:8d:
                    f9:0a:4a:91:3b:b2:42:b2:81:c6:b8:79:d2:40:7e:
                    5c:72:56:88:b6:f6:45:40:bc:a2:ae:aa:a0:bf:fb:
                    7a:ae:be:36:b0:5e:db:ae:f5:44:3c:30:cc:83:7a:
                    24:b0:d8:a4:4a:a0:83:23:10:0e:77:54:45:4c:2c:
                    28:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:6C:86:31:39:07:4A:A4:D1:FE:68:8B:E3:3E:28:0F:9B:0F:39:3F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d65e4b0d-a594-4fe5-a8f5-a6caf62234da.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.232.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         08:d4:91:ed:03:e3:72:c3:c5:97:69:f9:5a:73:15:97:2d:d1:
         b3:6f:25:d9:fc:22:3a:2b:c2:18:5c:b5:3c:d8:69:8a:14:45:
         65:5e:68:a7:2a:22:a9:b9:39:c2:34:61:a9:f0:83:25:06:ce:
         66:ae:14:63:c3:90:eb:de:93:41:73:6b:06:db:72:a3:4b:c5:
         f2:a1:0d:89:4c:1a:70:5f:1e:92:ca:b2:d9:2a:0a:47:d4:e2:
         86:ba:8a:cf:e3:78:ac:15:96:fc:cc:51:c0:83:0a:8f:5f:f9:
         ea:e6:3a:ed:e2:da:49:4c:9b:12:2d:b9:be:c6:49:7b:1f:9c:
         e5:6c:20:84:5c:ac:f9:7a:da:a0:91:59:25:84:83:c4:ef:a9:
         f8:ca:95:b6:d1:b7:30:bd:38:e6:b5:0f:0f:48:9b:31:dc:64:
         bb:71:00:3e:93:8b:9e:34:8b:a4:08:a7:3b:3a:d7:ca:02:3b:
         a4:c9:89:8a:a0:53:73:4c:0e:7f:25:76:e9:42:94:e0:3c:d9:
         b9:4d:55:b6:06:f4:d1:f3:11:d7:44:68:a3:6d:93:18:78:b0:
         02:3a:65:cb:f8:91:2e:a0:f9:e3:da:dc:5e:20:03:37:31:db:
         d4:c8:18:53:23:48:78:e7:a0:07:9d:88:d6:07:d1:1a:2e:22:
         8b:bb:f4:af
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdEKwdaoas3d1oZvr0N3PQ34IDU4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTIwMTUwMTU2WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNmVmOThhZGM2NDEzMTU2MGQyNGQ1ZDRhMjk3ODA3OWRh
NDMwYjE3YWFiMDJlNWZhN2VjZWYxYTYyMzMyMDBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+JY1A25BAsz0P1Qg5yX1mknKD1l5yus5wgBtMGGqkDMvF
ElcAZsFB8ROBeZpiKXxP2hfrhlY8oNJ6kD0thvDt36I989UJTGwfKmq5B7ZnqzQO
u6OLMypQ9KluZkZVLBy9807R7De0GnyYpCo52HmnGwRec9F0xlmD9VkoKsALmdN1
RjIDW+mbIpYE37SP+dZcssl6d7wSCCVDByK4VoZ04NBfcaG4t8QQlUrjHihWKaeP
qzLu5jAFHMni+4mFLh83jfkKSpE7skKygca4edJAflxyVoi29kVAvKKuqqC/+3qu
vjawXtuu9UQ8MMyDeiSw2KRKoIMjEA53VEVMLChpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUCGyGMTkHSqTR/miL4z4oD5sPOT8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q2NWU0YjBkLWE1OTQtNGZlNS1hOGY1LWE2Y2FmNjIyMzRkYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA46DANBgkqhkiG9w0BAQsFAAOCAQEACNSR7QPjcsPFl2n5WnMVly3Rs28l
2fwiOivCGFy1PNhpihRFZV5opyoiqbk5wjRhqfCDJQbOZq4UY8OQ696TQXNrBtty
o0vF8qENiUwacF8eksqy2SoKR9TihrqKz+N4rBWW/MxRwIMKj1/56uY67eLaSUyb
Ei25vsZJex+c5WwghFys+XraoJFZJYSDxO+p+MqVttG3ML045rUPD0ibMdxku3EA
PpOLnjSLpAinOzrXygI7pMmJiqBTc0wOfyV26UKU4DzZuU1Vtgb00fMR10Roo22T
GHiwAjply/iRLqD549rcXiADNzHb1MgYUyNIeOegB52I1gfRGi4ii7v0rw==
-----END CERTIFICATE-----