Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/8bae045f-365b-43cf-99fc-12cbcbce5f67.roa
File:                     8bae045f-365b-43cf-99fc-12cbcbce5f67.roa (raw, json)
Hash identifier:          ob84O2kG6WP3A5Io1QpgiNMhkpi5lPbyk9WQ0OpTvNE=
Subject key identifier:   14:6F:9E:1F:DB:FC:79:8C:43:2E:A9:BE:B6:B7:8F:AB:6F:A1:38:0C
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       56FDA54E02556AC41D3C2CBD7D6CE34E786CF9E4
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/8bae045f-365b-43cf-99fc-12cbcbce5f67.roa
Signing time:             Fri 06 Jun 2025 00:20:29 +0000
ROA not before:           Fri 06 Jun 2025 00:20:29 +0000
ROA not after:            Fri 11 Jul 2025 23:59:59 +0000
asID:                     62785
IP address blocks:        172.96.104.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 08 Jun 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:fd:a5:4e:02:55:6a:c4:1d:3c:2c:bd:7d:6c:e3:4e:78:6c:f9:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Jun  6 00:20:29 2025 GMT
            Not After : Jul 11 23:59:59 2025 GMT
        Subject: serialNumber=0e5c8f4381068aa316b4c058ef9f69b06f73f2e3cd9ffe77c7356f457eb4534d, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:72:e9:0d:46:ea:40:32:92:f2:88:7a:08:b4:
                    2c:63:5d:b0:7c:a6:47:07:3d:f5:e4:b5:ca:6e:e1:
                    9d:c2:d6:a5:9a:52:e2:56:bb:0b:e3:03:4f:54:38:
                    3f:63:96:8a:72:3c:34:5a:60:76:c6:e0:a9:b4:c9:
                    4b:f1:3b:7e:10:d0:87:bd:f5:af:ee:f1:49:e7:ee:
                    04:5d:96:39:53:4c:c8:29:df:d4:27:b7:e1:7f:33:
                    c1:56:31:11:bb:62:d1:78:0c:fc:d4:4f:32:f5:43:
                    10:e0:95:a6:aa:d0:15:6f:67:88:e4:46:1e:b3:90:
                    15:c5:b2:f7:11:06:22:d6:eb:84:2f:c9:6d:4a:78:
                    fc:6b:18:a0:dc:c2:27:95:fe:c9:26:8d:77:b3:64:
                    9f:66:bb:de:cf:c5:87:91:88:3d:ce:80:92:92:43:
                    c1:fd:fa:7f:3c:7f:0a:de:06:0b:ac:2d:2f:63:e7:
                    5a:cc:ba:15:cc:be:96:65:13:d7:84:5d:9d:f1:da:
                    17:2e:75:80:27:14:c7:64:64:b5:2a:a8:75:1e:a5:
                    57:03:e6:81:57:e8:36:0c:02:d9:f3:c0:c6:05:e1:
                    6d:77:c5:03:69:01:64:ca:90:ab:f5:a7:ac:5c:49:
                    73:13:7b:cd:8b:9c:e0:d0:33:7d:8f:f3:57:f5:88:
                    c7:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:6F:9E:1F:DB:FC:79:8C:43:2E:A9:BE:B6:B7:8F:AB:6F:A1:38:0C
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/8bae045f-365b-43cf-99fc-12cbcbce5f67.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  172.96.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         66:c4:ae:b5:36:70:9d:8a:42:e7:5f:f9:1a:31:6f:00:3b:26:
         6c:e2:be:4b:61:6e:9d:7d:4a:ab:c2:0d:94:e7:85:32:37:92:
         28:2c:57:d0:6e:48:c0:a7:38:db:5f:5c:3f:c1:40:a5:98:b7:
         ee:54:d1:b9:d6:40:9e:65:96:c4:58:77:06:64:e3:59:fa:8f:
         d8:f4:f3:94:6d:43:c4:7c:5b:9c:e7:00:26:c6:72:12:8f:10:
         54:04:9f:2b:52:13:a9:24:8e:d6:b4:46:32:75:aa:65:fb:dd:
         7d:b6:6d:ce:f9:dd:34:a3:bd:cc:7a:71:81:5d:a1:fc:f5:ec:
         4f:a0:3a:8d:fe:8a:38:76:c6:41:b7:9f:dc:fd:07:e4:42:ac:
         ec:c7:85:9a:77:37:f4:c6:25:f4:db:28:ed:87:43:cb:07:70:
         64:b7:48:c9:56:91:97:20:51:a1:ff:66:25:fa:72:f0:62:2d:
         57:3e:02:09:60:8a:a3:fe:52:12:42:4c:74:33:b7:27:39:d2:
         0b:94:9c:27:2b:e8:cb:eb:32:86:cf:a7:35:83:94:f2:0b:ea:
         bc:37:16:b8:3d:bd:97:1d:aa:cb:a1:52:d3:ef:e5:bc:b5:97:
         06:38:2c:70:25:8b:a5:24:12:03:92:f4:7b:14:f8:e5:b0:69:
         0d:5e:84:d6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVv2lTgJVasQdPCy9fWzjTnhs+eQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUwNjA2MDAyMDI5WhcNMjUwNzExMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTVjOGY0MzgxMDY4YWEzMTZiNGMwNThlZjlmNjliMDZm
NzNmMmUzY2Q5ZmZlNzdjNzM1NmY0NTdlYjQ1MzRkMS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOcukNRupAMpLyiHoItCxjXbB8pkcHPfXktcpu4Z3C1qWa
UuJWuwvjA09UOD9jlopyPDRaYHbG4Km0yUvxO34Q0Ie99a/u8Unn7gRdljlTTMgp
39Qnt+F/M8FWMRG7YtF4DPzUTzL1QxDglaaq0BVvZ4jkRh6zkBXFsvcRBiLW64Qv
yW1KePxrGKDcwieV/skmjXezZJ9mu97PxYeRiD3OgJKSQ8H9+n88fwreBgusLS9j
51rMuhXMvpZlE9eEXZ3x2hcudYAnFMdkZLUqqHUepVcD5oFX6DYMAtnzwMYF4W13
xQNpAWTKkKv1p6xcSXMTe82LnODQM32P81f1iMetAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFG+eH9v8eYxDLqm+trePq2+hOAwwHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzhiYWUwNDVmLTM2NWItNDNjZi05OWZjLTEyY2JjYmNlNWY2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAOsYGgwDQYJKoZIhvcNAQELBQADggEBAGbErrU2cJ2KQudf+RoxbwA7Jmzi
vkthbp19SqvCDZTnhTI3kigsV9BuSMCnONtfXD/BQKWYt+5U0bnWQJ5llsRYdwZk
41n6j9j085RtQ8R8W5znACbGchKPEFQEnytSE6kkjta0RjJ1qmX73X22bc753TSj
vcx6cYFdofz17E+gOo3+ijh2xkG3n9z9B+RCrOzHhZp3N/TGJfTbKO2HQ8sHcGS3
SMlWkZcgUaH/ZiX6cvBiLVc+AglgiqP+UhJCTHQztyc50guUnCcr6MvrMobPpzWD
lPIL6rw3Frg9vZcdqsuhUtPv5by1lwY4LHAli6UkEgOS9HsU+OWwaQ1ehNY=
-----END CERTIFICATE-----