Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c9d5620-aeb3-442d-ac52-b345961602c4.roa
File:                     1c9d5620-aeb3-442d-ac52-b345961602c4.roa (raw, json)
Hash identifier:          grOb7IhxLqec/sgCHUXcFKOadHp1k4Lu/6+2YmvVjK8=
Subject key identifier:   3C:50:CD:B1:DE:8B:47:AF:09:82:85:0E:02:07:8D:41:35:6B:EB:64
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       383C50017FCAEBBE50CC96FEE2130EDAD89BA91D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c9d5620-aeb3-442d-ac52-b345961602c4.roa
Signing time:             Fri 25 Apr 2025 00:50:32 +0000
ROA not before:           Fri 25 Apr 2025 00:50:32 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.56.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:3c:50:01:7f:ca:eb:be:50:cc:96:fe:e2:13:0e:da:d8:9b:a9:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 25 00:50:32 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=be6fa7b128f99c498b59e6a3f5bc4700f091831e795ecb416152ac9f00f50ab3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:48:e1:f6:03:d2:88:7d:5d:30:df:03:d2:ce:
                    d2:65:4f:e5:11:ca:5e:23:e2:c0:71:bd:b2:4a:ec:
                    c5:bc:81:65:54:e9:de:eb:1d:74:28:70:5b:bf:95:
                    57:40:01:1d:54:7f:e8:bb:07:1b:b8:1d:7f:ca:de:
                    0d:75:27:6e:dc:c9:7c:ef:71:97:b8:e7:c4:9b:57:
                    60:3f:ad:4b:d9:e4:4f:51:7c:ff:66:10:af:67:c7:
                    60:ff:2b:ae:90:31:0a:cd:ca:2e:ac:db:92:e0:8d:
                    59:e2:73:aa:36:35:43:1f:24:18:63:09:aa:84:dd:
                    1c:d3:a1:e4:bd:ac:74:6e:3e:1e:d7:53:d7:e8:67:
                    60:57:79:b1:b3:ab:bd:63:03:7b:1e:0d:ce:33:f9:
                    39:85:2e:27:a4:1b:aa:21:e5:bf:f1:de:6d:cf:76:
                    1d:1b:5f:9a:2c:3e:02:07:55:3f:9d:91:bf:0d:e8:
                    31:3b:e3:2d:57:cf:c8:cb:f7:7c:b2:55:6f:d3:64:
                    6c:94:4a:ab:3e:4d:7d:cf:3a:3a:bf:2a:6e:5d:38:
                    f0:2f:fc:ea:a9:9c:5d:08:ae:d1:5c:61:08:85:b2:
                    02:47:db:63:9e:f1:01:28:82:43:d7:11:01:fd:66:
                    c5:cb:7a:bd:6f:4c:fe:31:d0:2d:af:1f:51:5f:36:
                    49:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:50:CD:B1:DE:8B:47:AF:09:82:85:0E:02:07:8D:41:35:6B:EB:64
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c9d5620-aeb3-442d-ac52-b345961602c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.56.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1d:36:2e:a6:ee:2a:15:e0:20:f2:7e:e2:19:df:11:22:5e:40:
         de:8d:8e:12:ba:f2:3f:41:62:a7:bd:f1:61:9a:69:10:8d:0e:
         c2:fb:ab:d9:d5:c8:71:66:ce:79:84:0d:b6:e9:0c:19:42:46:
         b9:5e:5e:16:06:2f:ae:60:11:95:df:4f:1e:66:3c:5b:37:bd:
         95:09:aa:7a:b6:b1:8a:4b:b1:e4:d8:c9:31:01:f7:ed:a4:f0:
         05:3e:86:0a:ad:44:46:0b:26:6a:40:b4:40:d6:3f:36:2c:90:
         c7:ca:98:41:a8:70:8c:79:b8:48:bd:1c:02:68:ab:1d:4b:d5:
         65:79:a0:74:a0:f6:13:6b:58:ef:e5:3b:a3:ec:fc:c2:33:1d:
         01:2d:bb:75:24:47:7b:da:ac:82:6a:2f:7a:d5:7f:fa:bd:ca:
         66:16:4d:86:e9:78:ae:9e:a7:e5:49:1d:db:6a:2f:ae:15:a8:
         d1:1c:62:97:a8:03:eb:f0:93:79:de:e4:b3:2b:9a:a4:b8:41:
         64:5c:a5:1b:2f:74:56:5f:88:a4:21:30:04:61:10:6e:1c:cb:
         10:e6:aa:99:82:b6:45:4d:4a:bc:ad:0b:95:8a:51:98:fb:52:
         42:0a:aa:66:42:56:33:8e:37:79:ec:28:50:33:a5:5c:cb:61:
         24:c5:d1:60
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUODxQAX/K675QzJb+4hMO2tibqR0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDI1MDA1MDMyWhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTZmYTdiMTI4Zjk5YzQ5OGI1OWU2YTNmNWJjNDcwMGYw
OTE4MzFlNzk1ZWNiNDE2MTUyYWM5ZjAwZjUwYWIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmSOH2A9KIfV0w3wPSztJlT+URyl4j4sBxvbJK7MW8gWVU
6d7rHXQocFu/lVdAAR1Uf+i7Bxu4HX/K3g11J27cyXzvcZe458SbV2A/rUvZ5E9R
fP9mEK9nx2D/K66QMQrNyi6s25LgjVnic6o2NUMfJBhjCaqE3RzToeS9rHRuPh7X
U9foZ2BXebGzq71jA3seDc4z+TmFLiekG6oh5b/x3m3Pdh0bX5osPgIHVT+dkb8N
6DE74y1Xz8jL93yyVW/TZGyUSqs+TX3POjq/Km5dOPAv/OqpnF0IrtFcYQiFsgJH
22Oe8QEogkPXEQH9ZsXLer1vTP4x0C2vH1FfNkk3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUPFDNsd6LR68JgoUOAgeNQTVr62QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFjOWQ1NjIwLWFlYjMtNDQyZC1hYzUyLWIzNDU5NjE2MDJjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ODANBgkqhkiG9w0BAQsFAAOCAQEAHTYupu4qFeAg8n7iGd8RIl5A3o2O
ErryP0Fip73xYZppEI0Owvur2dXIcWbOeYQNtukMGUJGuV5eFgYvrmARld9PHmY8
Wze9lQmqeraxikux5NjJMQH37aTwBT6GCq1ERgsmakC0QNY/NiyQx8qYQahwjHm4
SL0cAmirHUvVZXmgdKD2E2tY7+U7o+z8wjMdAS27dSRHe9qsgmovetV/+r3KZhZN
hul4rp6n5Ukd22ovrhWo0Rxil6gD6/CTed7ksyuapLhBZFylGy90Vl+IpCEwBGEQ
bhzLEOaqmYK2RU1KvK0LlYpRmPtSQgqqZkJWM443eewoUDOlXMthJMXRYA==
-----END CERTIFICATE-----