Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa
File:                     825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa (raw, json)
Hash identifier:          V/v/YEt5IwATGFoe9lBPwF84u96mlCbTbMhboumcvC8=
Subject key identifier:   0C:26:D1:AF:1C:EF:AD:83:C6:49:C9:13:2D:F8:9E:6A:7C:EA:50:CA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       58E2E9CD52B4EE27F10AA6F434EEEF59BD7F0DA1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa
Signing time:             Fri 25 Apr 2025 17:38:00 +0000
ROA not before:           Fri 25 Apr 2025 17:38:00 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.29.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:e2:e9:cd:52:b4:ee:27:f1:0a:a6:f4:34:ee:ef:59:bd:7f:0d:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 25 17:38:00 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=018982e07a922d6231c20f67851c2b95f72266e0b2d91adde1cbb8f06a78d258, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:59:29:0d:3b:ec:49:d2:80:5f:41:99:37:4c:
                    24:9e:50:fb:85:db:0e:5b:6f:48:09:b2:69:57:b2:
                    43:17:ed:0c:5a:ab:72:dd:98:1f:db:3e:e6:6b:df:
                    47:cb:82:ad:8c:a1:d7:ea:30:85:ed:62:f5:de:31:
                    df:7b:43:f8:ba:57:ef:15:18:9e:bf:7e:b0:91:18:
                    cc:3c:15:bd:7b:f4:c3:d8:20:2f:f4:ec:ca:37:7a:
                    3b:23:92:37:d5:ec:ba:ec:9a:de:b3:e3:27:60:ce:
                    88:5b:ac:b7:d3:24:df:e9:92:a1:dc:3f:4a:57:38:
                    e6:46:40:59:b6:b9:d7:35:95:d8:74:66:42:dd:c3:
                    46:49:17:34:91:db:4d:b1:f4:96:63:39:e9:cb:32:
                    e1:92:8a:7d:8a:5a:f8:bf:e1:4e:59:d9:8b:e0:cc:
                    41:37:e0:83:2e:d3:b3:fa:23:d2:e0:0c:c0:5e:d6:
                    4d:c8:5b:7d:d1:a8:e8:01:fc:02:2b:f2:5e:7e:c6:
                    93:b5:5b:aa:b2:aa:39:c4:6b:83:b4:e7:51:5f:7e:
                    0b:7a:28:55:48:84:c1:82:0e:8d:a1:ba:62:fd:fa:
                    7a:84:74:bf:43:98:74:d0:d6:37:bc:41:e5:68:99:
                    59:1c:b8:a6:6e:91:f3:12:86:d1:26:99:40:f3:9d:
                    1b:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:26:D1:AF:1C:EF:AD:83:C6:49:C9:13:2D:F8:9E:6A:7C:EA:50:CA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.29.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1c:82:7f:50:70:1e:d3:2b:9f:f6:0a:c8:a3:cd:6a:00:7d:3d:
         6c:b5:6a:33:aa:b4:f4:b3:96:de:d9:d8:b1:3c:fc:a7:60:6c:
         58:bd:10:4c:a4:ec:e3:81:b7:f7:b1:4d:78:50:1b:18:12:08:
         18:a8:08:20:ed:e9:44:d6:5e:42:77:c1:21:ce:b4:90:2e:b1:
         32:5b:50:31:ef:07:c2:c5:80:d7:79:c8:20:44:b0:63:d8:6f:
         50:90:f7:8c:e7:8b:53:4c:cf:40:96:2d:ea:76:5f:a4:3d:d1:
         a5:17:74:1c:7b:50:f4:d3:d9:00:65:2b:58:0d:52:83:3d:93:
         ea:79:47:9e:52:b2:3b:cf:f2:52:b7:8f:65:c0:f0:12:f7:bb:
         98:c3:fe:a6:3e:5e:2b:2e:86:93:11:4d:06:16:14:74:5c:cf:
         7d:72:cd:d0:2f:94:00:2a:af:ce:72:c4:9c:33:91:a0:db:66:
         3e:6d:01:96:6d:81:ad:32:91:10:3b:d5:42:5a:8d:78:9d:56:
         d9:8c:b0:61:9d:4e:ee:a5:e7:36:a9:13:5d:67:ef:8f:81:1f:
         ed:93:18:34:02:56:1b:19:b8:b1:24:44:8c:5f:b9:90:3f:66:
         63:85:74:d1:c9:81:1a:a8:88:ee:2a:0c:16:fe:59:63:93:51:
         ac:81:6c:5d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWOLpzVK07ifxCqb0NO7vWb1/DaEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDI1MTczODAwWhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTg5ODJlMDdhOTIyZDYyMzFjMjBmNjc4NTFjMmI5NWY3
MjI2NmUwYjJkOTFhZGRlMWNiYjhmMDZhNzhkMjU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9WSkNO+xJ0oBfQZk3TCSeUPuF2w5bb0gJsmlXskMX7Qxa
q3LdmB/bPuZr30fLgq2ModfqMIXtYvXeMd97Q/i6V+8VGJ6/frCRGMw8Fb179MPY
IC/07Mo3ejsjkjfV7Lrsmt6z4ydgzohbrLfTJN/pkqHcP0pXOOZGQFm2udc1ldh0
ZkLdw0ZJFzSR202x9JZjOenLMuGSin2KWvi/4U5Z2YvgzEE34IMu07P6I9LgDMBe
1k3IW33RqOgB/AIr8l5+xpO1W6qyqjnEa4O051Fffgt6KFVIhMGCDo2humL9+nqE
dL9DmHTQ1je8QeVomVkcuKZukfMShtEmmUDznRs3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUDCbRrxzvrYPGSckTLfieanzqUMowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyNWJmYjYzLWU2OTEtNDRjMy05MWIxLWVmOWNmZTA3ZWNlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4HTANBgkqhkiG9w0BAQsFAAOCAQEAHIJ/UHAe0yuf9grIo81qAH09bLVq
M6q09LOW3tnYsTz8p2BsWL0QTKTs44G397FNeFAbGBIIGKgIIO3pRNZeQnfBIc60
kC6xMltQMe8HwsWA13nIIESwY9hvUJD3jOeLU0zPQJYt6nZfpD3RpRd0HHtQ9NPZ
AGUrWA1Sgz2T6nlHnlKyO8/yUrePZcDwEve7mMP+pj5eKy6GkxFNBhYUdFzPfXLN
0C+UACqvznLEnDORoNtmPm0Blm2BrTKREDvVQlqNeJ1W2YywYZ1O7qXnNqkTXWfv
j4Ef7ZMYNAJWGxm4sSREjF+5kD9mY4V00cmBGqiI7ioMFv5ZY5NRrIFsXQ==
-----END CERTIFICATE-----