Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa
File:                     f0dc6def-824b-44e4-953e-03bc03efa024.roa (raw, json)
Hash identifier:          RUn88ZXndzH4Z3f+oFKTGyFgN033sIkFinzhwwBuzcw=
Subject key identifier:   93:5B:B3:13:63:63:C6:00:8E:67:B8:39:90:FE:E7:6C:CC:83:12:DB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6CCD409EA7686D38059FF1541C520D0F09932873
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa
Signing time:             Tue 12 Aug 2025 00:20:28 +0000
ROA not before:           Tue 12 Aug 2025 00:20:28 +0000
ROA not after:            Tue 16 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.229.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 21 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:cd:40:9e:a7:68:6d:38:05:9f:f1:54:1c:52:0d:0f:09:93:28:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 12 00:20:28 2025 GMT
            Not After : Sep 16 23:59:59 2025 GMT
        Subject: serialNumber=8c659cb13de228f49e14634569dd97f1d67e7ec2aaf606b10ce66ed70fb2fda7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:11:c8:87:30:5b:05:47:9e:55:11:30:07:ae:
                    89:65:f0:4d:1e:c9:ad:1a:45:d8:45:23:41:06:4b:
                    60:0a:e1:cd:41:76:0d:b0:b1:45:d2:c0:53:e8:a5:
                    7a:ec:c2:f0:f8:e9:96:f0:88:73:8b:c7:96:85:62:
                    af:28:ca:9b:d7:85:9e:5c:01:93:44:c3:c0:f6:54:
                    3e:3d:c6:fc:87:3a:84:df:0e:4a:10:28:1a:fe:a6:
                    ff:c7:73:af:69:99:b4:b1:3c:26:18:fa:74:e4:51:
                    84:30:7a:c7:b4:a0:24:97:bc:0a:a1:bd:11:4b:d7:
                    5e:20:10:b5:bb:75:9e:50:77:e5:da:da:b3:a7:de:
                    89:1f:13:3e:fe:ac:be:dd:1d:d1:3d:a0:8a:9f:47:
                    bc:c7:e5:d2:82:de:5f:31:38:41:68:9f:b3:0e:ae:
                    fd:9a:26:d6:d4:53:d7:10:f3:2d:f6:b3:48:48:ae:
                    4d:2a:ce:8c:bd:a1:cd:bb:3f:f2:a9:be:9f:67:9e:
                    ed:0f:eb:a0:ba:4f:ef:28:97:15:64:bc:10:be:00:
                    dc:c3:a1:95:66:89:dd:21:d5:af:87:6d:ed:73:32:
                    5a:c7:e7:57:ba:fc:ec:10:e4:6e:23:51:27:ed:63:
                    1c:eb:02:df:50:8c:d2:73:71:9b:2e:f2:99:5a:c0:
                    78:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:5B:B3:13:63:63:C6:00:8E:67:B8:39:90:FE:E7:6C:CC:83:12:DB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.229.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6e:b4:05:64:02:dd:8a:c2:28:fa:57:75:a8:ce:7b:b3:0d:dc:
         61:fc:73:1f:17:e8:d5:44:03:ed:03:e5:fc:61:aa:f4:25:29:
         2e:3a:5f:cf:8e:18:1c:b8:87:07:0a:f6:de:0f:ba:b9:45:cc:
         d7:50:96:9f:1f:d8:43:34:8b:ae:2c:74:e6:e8:15:aa:db:e3:
         10:ad:7d:58:e0:ba:73:88:49:33:92:f7:06:92:77:28:f2:fc:
         31:41:ed:e3:f2:e9:94:f7:1e:20:5d:ef:ae:b0:12:ce:01:b6:
         a7:db:07:27:7e:9a:20:ba:69:b4:f1:82:73:30:5c:be:52:98:
         67:67:66:e1:68:0c:5c:24:fb:2d:a7:ad:17:8b:fb:b3:bc:07:
         36:71:25:be:21:3e:65:53:84:28:97:03:be:21:0f:8c:26:9a:
         5d:e7:72:3d:eb:4f:31:7a:14:5a:52:dd:26:38:4a:dc:32:41:
         b7:46:3f:ef:ff:58:68:34:e4:5b:38:52:52:00:4e:b0:4f:b3:
         86:29:4a:65:2f:bc:f3:a2:4f:90:29:80:23:2f:f3:f3:37:dd:
         78:a8:bd:3b:04:43:16:38:d8:1c:d8:eb:c8:82:25:ef:35:00:
         b9:d2:a3:b6:75:eb:12:47:38:d2:d2:2b:f6:04:19:2a:bd:01:
         95:10:6a:53
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbM1AnqdobTgFn/FUHFINDwmTKHMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODEyMDAyMDI4WhcNMjUwOTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzY1OWNiMTNkZTIyOGY0OWUxNDYzNDU2OWRkOTdmMWQ2
N2U3ZWMyYWFmNjA2YjEwY2U2NmVkNzBmYjJmZGE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCGEciHMFsFR55VETAHroll8E0eya0aRdhFI0EGS2AK4c1B
dg2wsUXSwFPopXrswvD46ZbwiHOLx5aFYq8oypvXhZ5cAZNEw8D2VD49xvyHOoTf
DkoQKBr+pv/Hc69pmbSxPCYY+nTkUYQwese0oCSXvAqhvRFL114gELW7dZ5Qd+Xa
2rOn3okfEz7+rL7dHdE9oIqfR7zH5dKC3l8xOEFon7MOrv2aJtbUU9cQ8y32s0hI
rk0qzoy9oc27P/Kpvp9nnu0P66C6T+8olxVkvBC+ANzDoZVmid0h1a+Hbe1zMlrH
51e6/OwQ5G4jUSftYxzrAt9QjNJzcZsu8plawHjBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUk1uzE2NjxgCOZ7g5kP7nbMyDEtswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YwZGM2ZGVmLTgyNGItNDRlNC05NTNlLTAzYmMwM2VmYTAyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAo5TANBgkqhkiG9w0BAQsFAAOCAQEAbrQFZALdisIo+ld1qM57sw3cYfxz
Hxfo1UQD7QPl/GGq9CUpLjpfz44YHLiHBwr23g+6uUXM11CWnx/YQzSLrix05ugV
qtvjEK19WOC6c4hJM5L3BpJ3KPL8MUHt4/LplPceIF3vrrASzgG2p9sHJ36aILpp
tPGCczBcvlKYZ2dm4WgMXCT7LaetF4v7s7wHNnElviE+ZVOEKJcDviEPjCaaXedy
PetPMXoUWlLdJjhK3DJBt0Y/7/9YaDTkWzhSUgBOsE+zhilKZS+886JPkCmAIy/z
8zfdeKi9OwRDFjjYHNjryIIl7zUAudKjtnXrEkc40tIr9gQZKr0BlRBqUw==
-----END CERTIFICATE-----