Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7f1187-36a4-49c8-a940-b8a58490830b.roa
File:                     cb7f1187-36a4-49c8-a940-b8a58490830b.roa (raw, json)
Hash identifier:          yjII8b/y+RV2mEu1K1nQBWnFWeZZY6a7VJdU4IKzvLk=
Subject key identifier:   BF:EE:F0:75:5B:E2:F9:D1:BC:30:46:46:E9:33:69:4E:82:2B:1B:67
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5DC5B60A125FCABBE725C4FF48098EED0114C0E5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7f1187-36a4-49c8-a940-b8a58490830b.roa
Signing time:             Tue 22 Jul 2025 00:10:30 +0000
ROA not before:           Tue 22 Jul 2025 00:10:30 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.162.0.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:c5:b6:0a:12:5f:ca:bb:e7:25:c4:ff:48:09:8e:ed:01:14:c0:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:10:30 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=9c507570b70da0a712af499aebf81d54d62eaee8aa920e2b7aaa5820727226da, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c9:67:c5:0d:cd:c2:0f:04:bc:05:13:26:1c:
                    94:fe:af:c5:02:63:e6:b7:a0:13:bd:e8:cf:22:1b:
                    fe:2c:d2:bd:39:16:1c:81:94:60:9f:04:e2:71:db:
                    92:06:ba:8a:21:67:ad:70:ee:dc:81:43:75:80:b0:
                    3e:b4:c7:5e:7d:bb:51:ca:5d:a8:f5:25:3e:04:83:
                    a1:a3:e5:bf:9d:aa:f7:7d:33:94:e2:d4:09:b4:34:
                    3a:fe:7b:e0:7a:59:c3:b8:cd:b6:21:31:78:f6:d7:
                    60:9c:e8:4b:a2:d1:84:9a:ed:86:41:95:9c:71:66:
                    22:92:cc:1c:77:34:b2:32:80:65:96:9e:eb:80:ee:
                    7d:5a:49:54:5a:31:78:9f:42:e1:2f:6a:aa:1c:59:
                    91:56:22:08:24:d8:aa:bd:8d:bf:8d:c3:7f:be:08:
                    63:56:3f:03:99:9f:44:1c:c7:8d:4f:91:e1:64:63:
                    20:38:6a:10:34:d9:f6:5b:2e:7d:c4:19:de:cf:df:
                    71:94:3c:d9:f9:81:09:7e:4b:2c:62:b5:27:07:87:
                    20:f8:67:01:86:89:55:75:d1:93:38:c4:a0:99:8a:
                    db:e3:e2:34:c8:10:48:a8:7e:10:96:e2:ab:37:27:
                    8b:b9:ec:16:41:33:ce:3d:50:eb:7e:62:dc:07:69:
                    d1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:EE:F0:75:5B:E2:F9:D1:BC:30:46:46:E9:33:69:4E:82:2B:1B:67
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cb7f1187-36a4-49c8-a940-b8a58490830b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.162.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         19:cd:6c:b1:1b:e2:40:3a:3c:66:db:55:3a:a0:cf:2d:d5:2b:
         32:12:a6:51:78:5e:a1:9b:4d:1e:2d:7a:3d:b9:5a:4c:28:49:
         ca:13:16:d7:4a:69:bf:81:95:88:2e:21:ff:cb:cc:b7:ac:25:
         c3:50:2b:dd:ea:ef:62:78:10:fd:7d:38:49:f5:f5:5a:78:38:
         e7:38:c3:f6:9e:24:61:8b:a5:b4:59:44:8a:b0:05:81:45:24:
         46:b1:ac:8a:0d:78:80:3b:ed:7e:5c:19:46:b9:94:7c:38:4a:
         6d:1b:07:38:29:fc:05:2b:48:83:ec:88:4b:b8:b0:50:11:fa:
         86:a5:24:74:ae:e4:c1:55:7f:5f:a2:4b:d5:a7:1c:db:59:fe:
         f7:68:1c:45:0d:65:31:37:4f:39:7b:9f:28:cf:a3:34:0a:3f:
         f9:b7:c8:0e:4b:42:13:77:61:11:89:35:41:df:4c:7a:8d:f4:
         43:52:f5:6a:89:a6:03:83:22:23:4c:de:fa:f7:5a:b1:9d:38:
         e5:c5:21:48:f4:95:46:6b:83:dd:e8:75:a4:88:67:ed:48:13:
         20:87:29:87:0b:1b:0a:cf:41:6d:39:82:a6:13:c6:f5:30:42:
         12:de:04:1f:d0:5b:63:74:3a:2b:1d:1c:77:45:68:20:96:f3:
         97:2e:80:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXcW2ChJfyrvnJcT/SAmO7QEUwOUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAxMDMwWhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzUwNzU3MGI3MGRhMGE3MTJhZjQ5OWFlYmY4MWQ1NGQ2
MmVhZWU4YWE5MjBlMmI3YWFhNTgyMDcyNzIyNmRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8yWfFDc3CDwS8BRMmHJT+r8UCY+a3oBO96M8iG/4s0r05
FhyBlGCfBOJx25IGuoohZ61w7tyBQ3WAsD60x159u1HKXaj1JT4Eg6Gj5b+dqvd9
M5Ti1Am0NDr+e+B6WcO4zbYhMXj212Cc6Eui0YSa7YZBlZxxZiKSzBx3NLIygGWW
nuuA7n1aSVRaMXifQuEvaqocWZFWIggk2Kq9jb+Nw3++CGNWPwOZn0Qcx41PkeFk
YyA4ahA02fZbLn3EGd7P33GUPNn5gQl+SyxitScHhyD4ZwGGiVV10ZM4xKCZitvj
4jTIEEiofhCW4qs3J4u57BZBM849UOt+YtwHadFFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUv+7wdVvi+dG8MEZG6TNpToIrG2cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiN2YxMTg3LTM2YTQtNDljOC1hOTQwLWI4YTU4NDkwODMwYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQNogAwDQYJKoZIhvcNAQELBQADggEBABnNbLEb4kA6PGbbVTqgzy3VKzIS
plF4XqGbTR4tej25WkwoScoTFtdKab+BlYguIf/LzLesJcNQK93q72J4EP19OEn1
9Vp4OOc4w/aeJGGLpbRZRIqwBYFFJEaxrIoNeIA77X5cGUa5lHw4Sm0bBzgp/AUr
SIPsiEu4sFAR+oalJHSu5MFVf1+iS9WnHNtZ/vdoHEUNZTE3Tzl7nyjPozQKP/m3
yA5LQhN3YRGJNUHfTHqN9ENS9WqJpgODIiNM3vr3WrGdOOXFIUj0lUZrg93odaSI
Z+1IEyCHKYcLGwrPQW05gqYTxvUwQhLeBB/QW2N0OisdHHdFaCCW85cugFs=
-----END CERTIFICATE-----