Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65567a94-d95d-47b7-8408-7d05fa62f0ba.roa
File:                     65567a94-d95d-47b7-8408-7d05fa62f0ba.roa (raw, json)
Hash identifier:          GPF2OC80MRu0EqQQbWcV4PAQCFh2YxxiDtPREa0ClXc=
Subject key identifier:   84:02:AF:8A:07:57:2E:21:1B:7E:A1:9B:61:F1:B9:E7:01:CD:5A:DE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0BFE985417FB9366DBA997BFDB73F5F859E1096D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65567a94-d95d-47b7-8408-7d05fa62f0ba.roa
Signing time:             Fri 13 Jun 2025 00:21:23 +0000
ROA not before:           Fri 13 Jun 2025 00:21:23 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        108.137.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:fe:98:54:17:fb:93:66:db:a9:97:bf:db:73:f5:f8:59:e1:09:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 00:21:23 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=cb3783234fea726911b16eee725b81d913f520e33026fa11caa7af16693fdd8d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bb:0f:f7:3c:81:be:35:76:74:5e:ee:2d:90:
                    32:a6:88:71:b7:81:38:90:ef:a0:48:63:02:0b:f3:
                    28:1c:53:2e:4d:c3:e9:6a:af:5a:9e:c9:a4:32:35:
                    3c:7f:a0:f2:c4:88:86:5c:5b:9e:69:86:fc:8b:53:
                    d5:4b:6f:89:02:fd:09:a8:4e:33:20:ac:e7:dc:de:
                    f6:de:79:f1:82:92:de:5f:08:3b:94:0a:e5:89:12:
                    11:5b:ee:f8:6c:1c:82:cb:07:f0:68:d1:0a:1c:21:
                    c9:f1:a3:04:0c:30:71:90:9e:fc:23:25:4d:50:88:
                    81:22:aa:8e:8f:ee:5b:23:f6:c1:34:fe:0e:98:07:
                    34:0e:ce:25:7f:9d:f7:77:f1:94:3f:07:1f:f5:44:
                    35:c1:4c:1b:10:d6:b8:e7:89:11:be:6d:55:eb:a1:
                    a8:f1:c4:66:74:3e:fa:f2:ec:cc:8e:6c:ff:73:b7:
                    ed:fc:7c:6c:1c:d5:4b:e6:e6:ac:53:f0:15:ea:77:
                    02:b3:4b:c2:08:13:ad:a1:f5:76:4f:cf:62:d4:c1:
                    74:04:ec:da:1c:39:f5:b3:b3:98:f8:12:63:16:af:
                    20:23:cf:02:05:7b:eb:a0:24:3b:60:2c:b2:de:84:
                    31:76:e6:f4:69:fb:f9:d5:f5:a8:92:f1:0f:f9:b7:
                    ad:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:02:AF:8A:07:57:2E:21:1B:7E:A1:9B:61:F1:B9:E7:01:CD:5A:DE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65567a94-d95d-47b7-8408-7d05fa62f0ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  108.137.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3c:87:4a:18:28:97:d0:14:6a:22:12:47:61:84:88:39:2a:e1:
         ef:93:39:e6:dc:19:d3:0c:9b:35:f4:d9:04:08:e1:d4:6b:c4:
         c6:38:96:3a:a5:72:c6:16:be:47:00:30:4c:de:10:5f:05:b5:
         f6:03:e6:19:59:e6:39:d5:71:cf:76:0d:66:0b:56:13:96:6d:
         4b:44:3c:e7:ab:ed:83:f4:03:e2:91:9e:9f:59:ef:e7:56:ab:
         1d:af:d7:3f:f9:ee:9b:18:45:5a:2c:ec:a5:69:64:9d:26:05:
         c5:c6:c9:df:99:f0:11:cc:3f:22:24:9e:48:f5:26:95:7b:e0:
         7d:23:dd:05:a6:bd:34:77:be:ac:ce:9e:e9:db:07:4a:ad:b9:
         f8:7d:63:b0:3b:ec:3f:31:fe:20:16:5f:77:e3:39:63:62:9b:
         be:c4:f7:e8:6d:c7:e3:11:6f:e7:77:f3:f7:0d:f7:74:e2:4e:
         0b:64:02:8e:df:90:06:20:7e:b6:4a:54:b1:fd:09:f3:c2:bc:
         a9:26:57:1c:cd:8c:7a:d2:58:9f:36:33:7e:63:18:90:48:6e:
         db:cc:9d:9c:17:81:dc:49:de:50:d4:9f:77:71:6e:9d:89:17:
         2c:6e:20:51:f4:4a:14:b2:a9:5c:5e:8b:e0:cb:9b:7d:d3:08:
         ca:c4:8c:aa
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUC/6YVBf7k2bbqZe/23P1+FnhCW0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMDAyMTIzWhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYjM3ODMyMzRmZWE3MjY5MTFiMTZlZWU3MjViODFkOTEz
ZjUyMGUzMzAyNmZhMTFjYWE3YWYxNjY5M2ZkZDhkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzuw/3PIG+NXZ0Xu4tkDKmiHG3gTiQ76BIYwIL8ygcUy5N
w+lqr1qeyaQyNTx/oPLEiIZcW55phvyLU9VLb4kC/QmoTjMgrOfc3vbeefGCkt5f
CDuUCuWJEhFb7vhsHILLB/Bo0QocIcnxowQMMHGQnvwjJU1QiIEiqo6P7lsj9sE0
/g6YBzQOziV/nfd38ZQ/Bx/1RDXBTBsQ1rjniRG+bVXroajxxGZ0Pvry7MyObP9z
t+38fGwc1Uvm5qxT8BXqdwKzS8IIE62h9XZPz2LUwXQE7NocOfWzs5j4EmMWryAj
zwIFe+ugJDtgLLLehDF25vRp+/nV9aiS8Q/5t627AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhAKvigdXLiEbfqGbYfG55wHNWt4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1NTY3YTk0LWQ5NWQtNDdiNy04NDA4LTdkMDVmYTYyZjBiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBsiTANBgkqhkiG9w0BAQsFAAOCAQEAPIdKGCiX0BRqIhJHYYSIOSrh75M5
5twZ0wybNfTZBAjh1GvExjiWOqVyxha+RwAwTN4QXwW19gPmGVnmOdVxz3YNZgtW
E5ZtS0Q856vtg/QD4pGen1nv51arHa/XP/numxhFWizspWlknSYFxcbJ35nwEcw/
IiSeSPUmlXvgfSPdBaa9NHe+rM6e6dsHSq25+H1jsDvsPzH+IBZfd+M5Y2KbvsT3
6G3H4xFv53fz9w33dOJOC2QCjt+QBiB+tkpUsf0J88K8qSZXHM2MetJYnzYzfmMY
kEhu28ydnBeB3EneUNSfd3FunYkXLG4gUfRKFLKpXF6L4MubfdMIysSMqg==
-----END CERTIFICATE-----