Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa
File:                     ed432fea-e545-4d6d-beae-21ab78adea7b.roa (raw, json)
Hash identifier:          rmfzpLMBashcNCWARnbnXT379S6Uni9nRl6+K9nEeUE=
Subject key identifier:   5E:A6:5E:AF:2B:D6:AA:2E:B6:79:1E:DA:80:15:17:A0:AE:08:80:4C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0243E3404BDA541432DA716E994B8DFA021CF7A8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa
Signing time:             Wed 13 Aug 2025 00:01:57 +0000
ROA not before:           Wed 13 Aug 2025 00:01:57 +0000
ROA not after:            Wed 17 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.246.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:43:e3:40:4b:da:54:14:32:da:71:6e:99:4b:8d:fa:02:1c:f7:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 13 00:01:57 2025 GMT
            Not After : Sep 17 23:59:59 2025 GMT
        Subject: serialNumber=076df33d12088a658874b0e2b6b1a11638928537c45d05f61cdf35c4bf8567e9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:96:b7:d1:57:7c:f5:ce:fe:eb:4f:28:89:ec:
                    0a:f0:a2:a4:bc:21:1c:74:f2:43:22:da:dc:7b:10:
                    7a:38:9c:ba:ba:3d:a3:5e:5b:ae:98:2e:ce:7e:42:
                    31:6d:16:93:16:8d:d9:76:ea:cb:2f:6f:9f:2f:5b:
                    ae:33:67:1c:44:32:b9:28:c2:0c:6f:b9:1c:14:f1:
                    bf:99:30:d3:85:bf:bc:d9:56:7c:d6:3d:4b:44:7b:
                    5a:0d:94:6b:22:80:9e:0a:e2:7a:3b:f8:98:42:16:
                    5c:ed:00:4e:2d:ff:07:ea:20:40:47:58:76:3a:07:
                    93:57:39:6b:0f:08:8b:f7:76:22:ec:7d:7a:82:6b:
                    d1:a0:1b:30:c0:a5:b7:fa:c3:56:81:02:7b:28:61:
                    16:b4:2b:4c:d8:e0:4a:df:fa:94:d8:50:37:36:f6:
                    f6:5c:28:97:a4:b3:0e:c6:a1:0d:c9:a0:db:2f:e3:
                    22:c2:52:1b:3e:aa:b4:25:80:ec:89:fb:40:6e:c1:
                    b7:ff:9c:65:a2:83:da:8e:22:9e:ea:32:70:2a:71:
                    10:3e:39:25:5f:3b:76:f1:90:d3:70:28:48:88:dd:
                    a5:fb:ce:33:d6:5b:60:84:d1:f6:08:2d:82:65:fe:
                    05:90:e4:3f:6c:0f:74:77:e4:00:58:1c:6c:be:c0:
                    9f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:A6:5E:AF:2B:D6:AA:2E:B6:79:1E:DA:80:15:17:A0:AE:08:80:4C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed432fea-e545-4d6d-beae-21ab78adea7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.246.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         8e:61:bc:70:03:0d:a2:d2:0e:49:56:c0:03:a0:89:b5:39:b2:
         d4:9c:08:6a:95:8f:63:3c:f5:3f:6b:69:fc:d9:db:5a:f4:06:
         3b:81:62:2e:28:d3:e1:ba:53:cb:69:62:c1:e6:4c:bb:66:d2:
         c1:84:3f:90:8f:80:71:25:28:f2:4a:5b:08:b2:de:bf:32:28:
         5d:ad:fc:45:fb:ee:75:fa:ec:fa:4e:4a:b8:fb:f6:eb:9b:21:
         af:b1:7b:54:4e:29:55:47:d0:f3:f1:01:85:f9:e7:2b:af:d6:
         f0:27:d4:7f:54:fc:9f:ed:57:e7:ff:bb:78:d6:cd:80:e6:de:
         31:8a:21:a0:15:3a:10:15:e5:d5:34:58:4d:2f:31:e0:12:42:
         c6:51:4c:b4:d1:d1:b5:38:2a:05:34:6b:b1:3c:4d:95:7e:7c:
         35:71:f7:ae:5b:a7:64:84:28:2e:d1:6b:30:16:78:c0:ff:d5:
         fe:91:f4:0b:b7:1e:c3:30:f5:cf:7b:6a:a6:63:b4:86:f9:ac:
         05:1b:e0:11:5d:fd:6a:56:2e:0c:6b:08:db:41:db:34:3c:32:
         82:0c:9f:7c:8a:e1:87:21:eb:17:27:97:63:a1:04:30:a7:56:
         a1:de:8e:b3:68:db:e3:93:bd:16:92:e8:9c:70:33:f7:5c:11:
         29:fd:a3:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAkPjQEvaVBQy2nFumUuN+gIc96gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODEzMDAwMTU3WhcNMjUwOTE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzZkZjMzZDEyMDg4YTY1ODg3NGIwZTJiNmIxYTExNjM4
OTI4NTM3YzQ1ZDA1ZjYxY2RmMzVjNGJmODU2N2U5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHlrfRV3z1zv7rTyiJ7ArwoqS8IRx08kMi2tx7EHo4nLq6
PaNeW66YLs5+QjFtFpMWjdl26ssvb58vW64zZxxEMrkowgxvuRwU8b+ZMNOFv7zZ
VnzWPUtEe1oNlGsigJ4K4no7+JhCFlztAE4t/wfqIEBHWHY6B5NXOWsPCIv3diLs
fXqCa9GgGzDApbf6w1aBAnsoYRa0K0zY4Erf+pTYUDc29vZcKJeksw7GoQ3JoNsv
4yLCUhs+qrQlgOyJ+0Buwbf/nGWig9qOIp7qMnAqcRA+OSVfO3bxkNNwKEiI3aX7
zjPWW2CE0fYILYJl/gWQ5D9sD3R35ABYHGy+wJ+dAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXqZeryvWqi62eR7agBUXoK4IgEwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkNDMyZmVhLWU1NDUtNGQ2ZC1iZWFlLTIxYWI3OGFkZWE3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWt9qAwDQYJKoZIhvcNAQELBQADggEBAI5hvHADDaLSDklWwAOgibU5stSc
CGqVj2M89T9rafzZ21r0BjuBYi4o0+G6U8tpYsHmTLtm0sGEP5CPgHElKPJKWwiy
3r8yKF2t/EX77nX67PpOSrj79uubIa+xe1ROKVVH0PPxAYX55yuv1vAn1H9U/J/t
V+f/u3jWzYDm3jGKIaAVOhAV5dU0WE0vMeASQsZRTLTR0bU4KgU0a7E8TZV+fDVx
965bp2SEKC7RazAWeMD/1f6R9Au3HsMw9c97aqZjtIb5rAUb4BFd/WpWLgxrCNtB
2zQ8MoIMn3yK4Ych6xcnl2OhBDCnVqHejrNo2+OTvRaS6JxwM/dcESn9o14=
-----END CERTIFICATE-----