Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a3bf936-3d01-4b4d-b4bb-05c306c81a95.roa
File:                     3a3bf936-3d01-4b4d-b4bb-05c306c81a95.roa (raw, json)
Hash identifier:          kShN2uyUWGbMc5IsO2lAkSc29Sa8vNkj32sWhICebHs=
Subject key identifier:   EB:B6:31:A6:B2:F8:BC:F5:82:5D:26:F9:16:69:7C:88:DD:53:D3:D9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       13757B3E0FBF1147FEDBF6F905ACF9C79BDD9963
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a3bf936-3d01-4b4d-b4bb-05c306c81a95.roa
Signing time:             Fri 08 Aug 2025 00:21:59 +0000
ROA not before:           Fri 08 Aug 2025 00:21:59 +0000
ROA not after:            Fri 12 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        57.139.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:75:7b:3e:0f:bf:11:47:fe:db:f6:f9:05:ac:f9:c7:9b:dd:99:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  8 00:21:59 2025 GMT
            Not After : Sep 12 23:59:59 2025 GMT
        Subject: serialNumber=a0056cf2bf13f24b912a46f53f1f410406de1834446d417fb8c6942de480e265, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5f:42:05:ea:52:39:4b:aa:9c:4c:71:41:47:
                    d5:30:0e:ce:d1:af:61:8d:5a:d5:bc:6e:17:13:bb:
                    6f:55:d9:6e:c7:98:bf:63:82:1c:9f:7e:c6:63:7b:
                    64:6f:4e:09:c2:4a:7e:8d:7a:d7:5b:41:6b:10:a1:
                    ca:42:f0:8b:a0:5d:c8:3f:4a:b3:88:c5:47:63:69:
                    e7:e5:61:ca:1e:ec:65:23:47:99:8d:3f:c8:7f:2c:
                    00:5f:28:70:e0:cd:10:ce:9f:51:29:37:98:0e:ae:
                    e5:d7:e3:c7:90:28:2e:a1:d1:34:85:63:54:5d:32:
                    93:53:28:6b:53:90:42:7f:b5:a7:77:e2:e4:00:65:
                    fd:bd:a8:f9:f2:40:7b:7c:af:51:d7:ff:d6:f5:2c:
                    0b:cb:1e:d5:16:8b:fe:b3:8d:22:43:dd:7e:a9:9f:
                    1a:00:c2:d5:e1:ec:7e:77:96:20:50:e1:6f:10:9a:
                    d0:fa:c9:fc:6b:05:83:91:08:01:48:0c:22:15:32:
                    76:fb:2e:97:22:03:84:8a:fd:42:89:60:38:1c:ac:
                    49:d0:e8:aa:b4:20:28:8e:89:96:87:ad:e6:66:d9:
                    e8:41:ae:b4:59:7a:3f:b4:16:6e:97:2a:1f:01:f7:
                    71:55:86:26:7d:10:15:00:05:3f:44:e7:31:06:2e:
                    7b:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:B6:31:A6:B2:F8:BC:F5:82:5D:26:F9:16:69:7C:88:DD:53:D3:D9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3a3bf936-3d01-4b4d-b4bb-05c306c81a95.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.139.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ba:b6:5e:82:46:51:f5:34:72:6e:60:d9:b7:b8:e7:f1:ea:49:
         35:9a:2d:af:14:43:e8:db:75:b9:23:de:f8:3b:c4:1b:71:ea:
         39:ea:6d:51:f8:0c:a9:93:4b:2e:20:4a:ed:e2:5a:7f:5d:a0:
         45:35:f6:7a:98:99:85:71:b9:9f:ee:d4:8e:76:4e:40:65:73:
         04:d0:31:da:69:ea:63:a7:7f:8f:2e:1e:8e:d8:fc:32:c9:97:
         4a:8b:d7:93:79:15:09:31:6e:d7:19:91:90:b1:85:f4:7b:66:
         8a:cd:d4:aa:76:2f:77:d2:e2:14:80:b3:83:70:3d:a7:c2:0d:
         ca:ce:0f:b4:83:e7:fc:e7:b2:5a:ee:12:db:bb:38:98:9f:12:
         ad:03:08:c7:9e:e3:eb:61:bc:63:9e:a3:91:46:86:db:1e:9a:
         77:bc:00:09:b8:05:66:ab:e5:1b:84:37:cf:1f:44:e7:65:c5:
         01:22:3b:20:34:12:9a:fa:5b:34:02:b2:c1:d7:35:e1:11:8c:
         dc:89:5e:41:a3:64:19:cf:85:5a:c8:7b:e0:e2:f7:1d:1e:bc:
         ff:54:a3:9a:b2:d3:cc:3a:8b:11:4a:71:da:4b:c3:4e:57:81:
         08:79:61:e9:1f:49:71:38:45:80:b5:d4:c1:66:f3:f1:9c:42:
         9c:35:7f:5f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUE3V7Pg+/EUf+2/b5Baz5x5vdmWMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA4MDAyMTU5WhcNMjUwOTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMDA1NmNmMmJmMTNmMjRiOTEyYTQ2ZjUzZjFmNDEwNDA2
ZGUxODM0NDQ2ZDQxN2ZiOGM2OTQyZGU0ODBlMjY1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXX0IF6lI5S6qcTHFBR9UwDs7Rr2GNWtW8bhcTu29V2W7H
mL9jghyffsZje2RvTgnCSn6NetdbQWsQocpC8IugXcg/SrOIxUdjaeflYcoe7GUj
R5mNP8h/LABfKHDgzRDOn1EpN5gOruXX48eQKC6h0TSFY1RdMpNTKGtTkEJ/tad3
4uQAZf29qPnyQHt8r1HX/9b1LAvLHtUWi/6zjSJD3X6pnxoAwtXh7H53liBQ4W8Q
mtD6yfxrBYORCAFIDCIVMnb7LpciA4SK/UKJYDgcrEnQ6Kq0ICiOiZaHreZm2ehB
rrRZej+0Fm6XKh8B93FVhiZ9EBUABT9E5zEGLnsDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU67YxprL4vPWCXSb5Fml8iN1T09kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNhM2JmOTM2LTNkMDEtNGI0ZC1iNGJiLTA1YzMwNmM4MWE5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA5izANBgkqhkiG9w0BAQsFAAOCAQEAurZegkZR9TRybmDZt7jn8epJNZot
rxRD6Nt1uSPe+DvEG3HqOeptUfgMqZNLLiBK7eJaf12gRTX2epiZhXG5n+7UjnZO
QGVzBNAx2mnqY6d/jy4ejtj8MsmXSovXk3kVCTFu1xmRkLGF9Htmis3UqnYvd9Li
FICzg3A9p8INys4PtIPn/OeyWu4S27s4mJ8SrQMIx57j62G8Y56jkUaG2x6ad7wA
CbgFZqvlG4Q3zx9E52XFASI7IDQSmvpbNAKywdc14RGM3IleQaNkGc+FWsh74OL3
HR68/1SjmrLTzDqLEUpx2kvDTleBCHlh6R9JcThFgLXUwWbz8ZxCnDV/Xw==
-----END CERTIFICATE-----