Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d181e350-1226-42f9-93e7-b1c693e77fc7.roa
File:                     d181e350-1226-42f9-93e7-b1c693e77fc7.roa (raw, json)
Hash identifier:          ksZtZXHd7N8xQ1Blx7EzE67lPEguGuR3iVFdOPImTcw=
Subject key identifier:   14:83:24:DC:1E:D1:4D:17:F2:DC:04:18:0D:5F:70:36:97:FE:E8:21
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2CBB9E2B30ABE4CBFC5DEE7C96EF34106421D947
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d181e350-1226-42f9-93e7-b1c693e77fc7.roa
Signing time:             Tue 22 Jul 2025 15:01:27 +0000
ROA not before:           Tue 22 Jul 2025 15:01:27 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        50.19.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:bb:9e:2b:30:ab:e4:cb:fc:5d:ee:7c:96:ef:34:10:64:21:d9:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 15:01:27 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=6633ee4279a84ce6728e4b0265560705b1235a178385094a027fda6f6edefc78, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5e:80:58:aa:42:a9:ea:ba:01:46:ce:fd:07:
                    70:a5:98:6a:bf:a2:7d:c2:b2:0f:64:2f:d5:8a:8c:
                    5e:8d:3d:4a:0a:71:96:ab:a6:0d:18:18:38:32:46:
                    d8:d2:39:55:13:b4:c9:65:d5:9b:81:d3:15:2b:ac:
                    f3:48:37:e9:60:98:49:06:cd:70:6b:ab:9a:9e:14:
                    78:48:1c:44:31:5d:52:44:53:52:a9:7b:97:f4:c9:
                    58:a1:7d:98:87:dd:01:33:d5:19:35:a8:b7:e3:7c:
                    f2:68:3b:38:37:3c:d3:45:d1:d8:0a:f0:25:9e:46:
                    c7:d2:3d:d1:5a:3b:24:ff:5b:87:8b:d1:2d:6e:fd:
                    8d:d9:08:53:7a:30:b9:1d:e7:f6:5d:af:ed:32:54:
                    74:54:61:bf:da:33:cb:bf:79:3e:9f:be:9c:37:14:
                    6e:7a:02:37:90:1b:7d:6f:40:6d:9f:ab:d9:21:66:
                    f8:c1:0a:ae:37:f2:a6:66:c0:5f:67:14:9c:cc:5a:
                    d9:85:7f:cd:e8:6a:e2:91:af:0a:a4:44:b0:a9:5f:
                    97:06:81:7f:35:59:7f:ee:14:1b:af:c4:61:f0:b6:
                    f0:9c:75:ed:98:cd:3d:f3:7e:53:4c:9c:7d:ee:4c:
                    9a:9b:3e:6a:ba:24:17:17:87:ef:4c:54:5b:e8:3d:
                    94:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:83:24:DC:1E:D1:4D:17:F2:DC:04:18:0D:5F:70:36:97:FE:E8:21
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d181e350-1226-42f9-93e7-b1c693e77fc7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.19.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         87:b8:d0:ac:97:a8:3e:46:8c:9a:2b:20:7c:c4:70:17:d5:15:
         80:60:40:98:16:1e:9f:62:76:51:24:c9:41:5a:ec:9c:be:c0:
         36:78:5b:e4:f0:2d:63:0c:3e:67:a1:c3:e0:1c:43:c8:fa:39:
         f4:ee:44:62:fe:61:d4:34:a0:4f:13:4a:17:11:8c:73:06:ef:
         f8:0d:f4:b6:27:6f:21:5c:aa:4f:f4:43:f8:15:53:04:22:2e:
         b4:11:b3:06:3d:69:a3:f5:7c:71:56:20:df:ae:64:40:b3:b8:
         dd:88:4a:73:d4:90:df:58:9e:ff:68:cd:ac:85:f0:fa:76:be:
         64:38:77:e4:d1:bd:f1:dc:11:11:eb:1f:07:fc:a0:c7:48:2e:
         32:f8:41:8e:e3:f1:a5:76:08:41:25:77:f0:31:f7:6d:6c:c9:
         b8:6c:be:8c:52:67:08:57:43:81:2c:c6:57:7e:c8:26:ce:f1:
         67:46:2b:3b:ec:11:6b:75:e4:df:76:12:ee:34:87:da:0d:ab:
         94:42:41:9c:77:d8:7d:57:e9:fe:11:56:1a:88:cd:81:e8:61:
         55:9c:e5:f6:1a:96:b7:cd:c6:a2:6a:01:03:5f:6d:7c:89:ed:
         ff:38:1d:c2:3f:54:a6:c2:de:48:0e:3c:22:09:61:b3:e1:e2:
         0f:90:6e:d3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULLueKzCr5Mv8Xe58lu80EGQh2UcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMTUwMTI3WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NjMzZWU0Mjc5YTg0Y2U2NzI4ZTRiMDI2NTU2MDcwNWIx
MjM1YTE3ODM4NTA5NGEwMjdmZGE2ZjZlZGVmYzc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvXoBYqkKp6roBRs79B3ClmGq/on3Csg9kL9WKjF6NPUoK
cZarpg0YGDgyRtjSOVUTtMll1ZuB0xUrrPNIN+lgmEkGzXBrq5qeFHhIHEQxXVJE
U1Kpe5f0yVihfZiH3QEz1Rk1qLfjfPJoOzg3PNNF0dgK8CWeRsfSPdFaOyT/W4eL
0S1u/Y3ZCFN6MLkd5/Zdr+0yVHRUYb/aM8u/eT6fvpw3FG56AjeQG31vQG2fq9kh
ZvjBCq438qZmwF9nFJzMWtmFf83oauKRrwqkRLCpX5cGgX81WX/uFBuvxGHwtvCc
de2YzT3zflNMnH3uTJqbPmq6JBcXh+9MVFvoPZT9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFIMk3B7RTRfy3AQYDV9wNpf+6CEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxODFlMzUwLTEyMjYtNDJmOS05M2U3LWIxYzY5M2U3N2ZjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcyEwAwDQYJKoZIhvcNAQELBQADggEBAIe40KyXqD5GjJorIHzEcBfVFYBg
QJgWHp9idlEkyUFa7Jy+wDZ4W+TwLWMMPmehw+AcQ8j6OfTuRGL+YdQ0oE8TShcR
jHMG7/gN9LYnbyFcqk/0Q/gVUwQiLrQRswY9aaP1fHFWIN+uZECzuN2ISnPUkN9Y
nv9ozayF8Pp2vmQ4d+TRvfHcERHrHwf8oMdILjL4QY7j8aV2CEEld/Ax921sybhs
voxSZwhXQ4Esxld+yCbO8WdGKzvsEWt15N92Eu40h9oNq5RCQZx32H1X6f4RVhqI
zYHoYVWc5fYalrfNxqJqAQNfbXyJ7f84HcI/VKbC3kgOPCIJYbPh4g+QbtM=
-----END CERTIFICATE-----