Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ccf275ae-7935-4f0a-b4e1-9b0bd0532ac8.roa
File:                     ccf275ae-7935-4f0a-b4e1-9b0bd0532ac8.roa (raw, json)
Hash identifier:          RyePSTE+vrx0ReagkMQEFN+nNDOUjlQj4OgtHBjRdbw=
Subject key identifier:   B3:FD:79:6C:5B:80:1D:0A:D6:53:3C:09:F5:C4:4A:A3:D4:07:B8:7F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       617D3124CB05045DFC53E7D319DD10E1C5B2D4EE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ccf275ae-7935-4f0a-b4e1-9b0bd0532ac8.roa
Signing time:             Mon 04 Aug 2025 17:31:47 +0000
ROA not before:           Mon 04 Aug 2025 17:31:47 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.176.82.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:7d:31:24:cb:05:04:5d:fc:53:e7:d3:19:dd:10:e1:c5:b2:d4:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  4 17:31:47 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=a81a34c214ad4491c8cb257968f640cdeeada7a07c788ba24d011cd24733a425, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:4c:ee:c6:be:72:f3:58:e0:d5:2d:d6:81:34:
                    8d:c3:f1:d8:18:03:99:fe:80:b4:91:25:14:92:38:
                    02:83:4d:38:a6:a2:cb:09:9e:1a:15:87:53:90:31:
                    e8:81:7d:58:5d:4b:39:db:d9:b6:d8:a5:5f:7f:80:
                    fd:15:85:30:1a:ed:26:8e:8e:44:f9:ee:e8:15:d7:
                    2c:bd:63:69:2a:57:54:e2:ba:91:38:f9:2e:e8:55:
                    7d:10:99:b1:c3:07:81:b6:b1:23:ae:ba:bc:14:38:
                    c0:cf:0b:4a:0a:bf:7d:13:6d:20:b8:ef:a8:84:91:
                    df:f4:f8:eb:70:ac:32:5d:7e:d6:25:c8:6a:49:d6:
                    ed:78:4c:d5:f5:cc:70:1d:2d:0d:6d:d5:e9:e1:ff:
                    16:39:0a:d8:97:62:b3:6b:05:e6:79:fa:72:51:30:
                    0e:72:87:47:b9:04:46:82:37:2e:bf:7d:ed:80:87:
                    5f:fb:ec:01:0a:40:20:5d:49:81:a1:2e:06:92:df:
                    06:1f:11:9f:50:bb:83:03:db:8a:92:9c:c8:08:1f:
                    18:3d:c8:cb:40:00:7a:e0:6c:f4:d6:c5:8c:fd:33:
                    12:4a:11:0a:e6:6f:c2:ec:7b:00:35:99:ef:f5:78:
                    b9:ea:e9:90:39:b7:64:9f:ba:0d:fc:91:d3:32:74:
                    1f:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:FD:79:6C:5B:80:1D:0A:D6:53:3C:09:F5:C4:4A:A3:D4:07:B8:7F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ccf275ae-7935-4f0a-b4e1-9b0bd0532ac8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.176.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:49:c1:e4:cb:19:6b:ee:a3:63:c2:c3:87:39:d8:8b:1c:55:
         7f:c8:06:4f:4f:cb:a9:4c:98:10:cd:3e:05:55:f5:34:92:74:
         6c:b8:38:a7:c9:64:3a:39:f8:6f:2d:a7:b4:5c:da:91:f8:52:
         68:ea:e1:07:d5:41:ed:7d:cd:01:a0:24:c0:44:ab:17:ee:7c:
         a7:25:93:0f:56:de:f8:4d:12:82:b4:a3:d2:df:4a:50:ce:a4:
         7e:ac:56:99:be:08:3b:19:64:d4:1c:70:84:34:b3:3d:14:b8:
         ee:2f:57:36:fd:66:3e:a2:3d:34:a4:a3:40:e3:7e:8e:34:76:
         9e:f5:40:08:8d:f3:c7:6f:b1:6b:fd:c7:ef:87:f1:f3:fa:9d:
         69:8e:a8:87:45:4f:62:96:c8:7e:1d:57:16:66:9e:62:28:d9:
         c2:04:5d:fb:73:0b:28:cb:ae:33:9e:06:97:ed:42:84:44:14:
         3b:93:62:98:0c:ac:83:90:db:44:05:67:7e:a5:8b:32:24:a3:
         1d:01:da:93:c2:0a:e3:e4:54:7f:af:4e:fd:05:29:59:0f:b7:
         70:9c:30:c1:12:20:d3:8b:fc:c8:bb:11:1c:db:49:29:3a:0e:
         f0:c1:d6:5b:23:53:a0:45:a5:da:6b:de:49:e7:e3:22:d6:ee:
         c4:58:1d:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYX0xJMsFBF38U+fTGd0Q4cWy1O4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA0MTczMTQ3WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhODFhMzRjMjE0YWQ0NDkxYzhjYjI1Nzk2OGY2NDBjZGVl
YWRhN2EwN2M3ODhiYTI0ZDAxMWNkMjQ3MzNhNDI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQTO7GvnLzWODVLdaBNI3D8dgYA5n+gLSRJRSSOAKDTTim
ossJnhoVh1OQMeiBfVhdSznb2bbYpV9/gP0VhTAa7SaOjkT57ugV1yy9Y2kqV1Ti
upE4+S7oVX0QmbHDB4G2sSOuurwUOMDPC0oKv30TbSC476iEkd/0+OtwrDJdftYl
yGpJ1u14TNX1zHAdLQ1t1enh/xY5CtiXYrNrBeZ5+nJRMA5yh0e5BEaCNy6/fe2A
h1/77AEKQCBdSYGhLgaS3wYfEZ9Qu4MD24qSnMgIHxg9yMtAAHrgbPTWxYz9MxJK
EQrmb8LsewA1me/1eLnq6ZA5t2Sfug38kdMydB8xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUs/15bFuAHQrWUzwJ9cRKo9QHuH8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NjZjI3NWFlLTc5MzUtNGYwYS1iNGUxLTliMGJkMDUzMmFjOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAosFIwDQYJKoZIhvcNAQELBQADggEBALZJweTLGWvuo2PCw4c52IscVX/I
Bk9Py6lMmBDNPgVV9TSSdGy4OKfJZDo5+G8tp7Rc2pH4Umjq4QfVQe19zQGgJMBE
qxfufKclkw9W3vhNEoK0o9LfSlDOpH6sVpm+CDsZZNQccIQ0sz0UuO4vVzb9Zj6i
PTSko0Djfo40dp71QAiN88dvsWv9x++H8fP6nWmOqIdFT2KWyH4dVxZmnmIo2cIE
XftzCyjLrjOeBpftQoREFDuTYpgMrIOQ20QFZ36lizIkox0B2pPCCuPkVH+vTv0F
KVkPt3CcMMESINOL/Mi7ERzbSSk6DvDB1lsjU6BFpdpr3knn4yLW7sRYHWo=
-----END CERTIFICATE-----