Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba899484-5882-499b-8b7f-4bcbdb569b44.roa
File:                     ba899484-5882-499b-8b7f-4bcbdb569b44.roa (raw, json)
Hash identifier:          sTO63uf3K0qWEsai1H5E08pCsdMyCAzYDuNaPrsGDNc=
Subject key identifier:   36:63:39:D0:A2:97:FE:F5:AE:A9:76:38:17:61:76:1B:28:9E:77:E8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7A233C54B08FFFB7BBF9ECE2ABDD04F14D7C561B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba899484-5882-499b-8b7f-4bcbdb569b44.roa
Signing time:             Tue 17 Jun 2025 00:20:25 +0000
ROA not before:           Tue 17 Jun 2025 00:20:25 +0000
ROA not after:            Tue 22 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        45.57.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 20 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:23:3c:54:b0:8f:ff:b7:bb:f9:ec:e2:ab:dd:04:f1:4d:7c:56:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 17 00:20:25 2025 GMT
            Not After : Jul 22 23:59:59 2025 GMT
        Subject: serialNumber=f6e6a03f59ac0f9166e5de1352ea0f5573a84b72e9467392ed5371bf17bb1247, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:05:46:66:37:92:5c:9a:a5:e0:e8:14:8e:35:
                    ca:3a:bc:8e:bb:9b:3f:8a:e0:e7:11:a2:d1:9f:11:
                    dc:70:35:64:cd:f0:50:a4:2a:95:64:89:6b:aa:51:
                    d4:d7:ab:c1:e6:87:88:72:d7:61:9e:0b:64:a6:d9:
                    8e:bc:b2:d6:aa:b8:c3:82:4c:3b:6c:53:17:59:1a:
                    58:f6:05:65:fa:71:52:8c:e5:d2:d3:52:75:2e:34:
                    31:d8:1f:c1:96:f4:73:2b:2a:9b:ab:58:db:f8:1b:
                    83:2d:4c:e6:e3:06:50:a1:bd:52:93:2b:e2:e9:0a:
                    4f:9b:c1:05:4d:c4:11:a1:31:68:62:2a:a3:79:40:
                    a6:91:08:ea:d7:aa:55:43:21:d8:65:d6:4a:af:5d:
                    cb:e6:bb:49:b6:08:23:09:1c:4f:0f:f6:95:65:f5:
                    3c:81:fb:04:e0:a8:b2:63:2d:cd:20:f6:9c:db:5d:
                    7b:15:e7:a3:26:68:68:42:6b:80:84:05:bb:08:e1:
                    68:57:8c:b4:06:0f:57:ab:ce:82:4d:e0:5c:d0:22:
                    e3:f6:d6:0a:71:32:da:7b:2a:74:64:cd:08:5d:9a:
                    65:77:11:61:d7:61:7c:0b:6b:ef:ef:ea:11:ed:88:
                    ec:43:bf:ca:de:cd:44:b4:5b:c5:f7:38:13:48:31:
                    e2:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:63:39:D0:A2:97:FE:F5:AE:A9:76:38:17:61:76:1B:28:9E:77:E8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba899484-5882-499b-8b7f-4bcbdb569b44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.57.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         b1:a0:94:33:72:18:c0:10:c9:e0:07:5a:a1:a3:11:78:4a:0a:
         69:c1:ce:e5:1d:05:d1:79:ed:ff:57:2b:b1:c8:99:95:14:5a:
         3d:8f:b8:27:40:e4:d3:78:54:97:64:5b:68:fd:2c:62:54:ba:
         34:0e:4b:a9:7b:49:40:5a:59:f5:1a:60:98:3e:49:65:3c:43:
         c4:1c:18:18:d2:1c:74:47:b6:0b:27:69:40:a9:59:db:63:2e:
         9e:76:50:88:3d:fc:a5:bf:71:aa:5d:42:f8:0e:6c:d1:43:10:
         50:d7:89:1a:bc:55:8f:e0:cb:bb:a4:b5:f8:d3:ac:fd:8c:5c:
         e2:7c:47:8a:76:d3:c2:cb:4c:2b:4d:78:63:a1:01:91:a0:66:
         49:54:e1:0f:e5:5b:9c:4b:fb:15:1f:35:14:73:cd:1e:1b:3e:
         3c:2b:e3:90:87:9b:d5:0f:f3:75:31:f2:74:40:b1:cf:6b:93:
         05:16:f2:3b:7f:4f:60:c1:be:ad:1e:43:f7:19:08:3d:29:61:
         7c:40:e1:28:b4:29:23:f9:bc:ea:da:a8:49:7b:4c:10:07:76:
         5b:4c:c6:51:63:93:d3:9b:02:7b:fc:dc:7f:01:ca:5b:8c:da:
         7d:7e:eb:1c:c9:77:a2:45:b2:a0:5c:ce:88:6d:16:31:ab:14:
         ee:40:ac:d4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeiM8VLCP/7e7+eziq90E8U18VhswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE3MDAyMDI1WhcNMjUwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNmU2YTAzZjU5YWMwZjkxNjZlNWRlMTM1MmVhMGY1NTcz
YTg0YjcyZTk0NjczOTJlZDUzNzFiZjE3YmIxMjQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/BUZmN5JcmqXg6BSONco6vI67mz+K4OcRotGfEdxwNWTN
8FCkKpVkiWuqUdTXq8Hmh4hy12GeC2Sm2Y68staquMOCTDtsUxdZGlj2BWX6cVKM
5dLTUnUuNDHYH8GW9HMrKpurWNv4G4MtTObjBlChvVKTK+LpCk+bwQVNxBGhMWhi
KqN5QKaRCOrXqlVDIdhl1kqvXcvmu0m2CCMJHE8P9pVl9TyB+wTgqLJjLc0g9pzb
XXsV56MmaGhCa4CEBbsI4WhXjLQGD1erzoJN4FzQIuP21gpxMtp7KnRkzQhdmmV3
EWHXYXwLa+/v6hHtiOxDv8rezUS0W8X3OBNIMeL/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNmM50KKX/vWuqXY4F2F2Gyied+gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JhODk5NDg0LTU4ODItNDk5Yi04YjdmLTRiY2JkYjU2OWI0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBActOYAwDQYJKoZIhvcNAQELBQADggEBALGglDNyGMAQyeAHWqGjEXhKCmnB
zuUdBdF57f9XK7HImZUUWj2PuCdA5NN4VJdkW2j9LGJUujQOS6l7SUBaWfUaYJg+
SWU8Q8QcGBjSHHRHtgsnaUCpWdtjLp52UIg9/KW/capdQvgObNFDEFDXiRq8VY/g
y7uktfjTrP2MXOJ8R4p208LLTCtNeGOhAZGgZklU4Q/lW5xL+xUfNRRzzR4bPjwr
45CHm9UP83Ux8nRAsc9rkwUW8jt/T2DBvq0eQ/cZCD0pYXxA4Si0KSP5vOraqEl7
TBAHdltMxlFjk9ObAnv83H8ByluM2n1+6xzJd6JFsqBczohtFjGrFO5ArNQ=
-----END CERTIFICATE-----