Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d79f801b-3499-4a1e-bd4a-c93dc95bbbab.roa
File:                     d79f801b-3499-4a1e-bd4a-c93dc95bbbab.roa (raw, json)
Hash identifier:          C0Y8d+HAyuG1fGpEQvWPCroddbo/sBPk4y/JLTPNTbM=
Subject key identifier:   EE:91:C3:2B:5D:FA:C9:92:5F:BB:06:D0:60:6E:4F:06:07:CF:71:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6F07ED5DDE13D9AF186BEC9C828216D9334E8759
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d79f801b-3499-4a1e-bd4a-c93dc95bbbab.roa
Signing time:             Sat 02 Aug 2025 00:31:49 +0000
ROA not before:           Sat 02 Aug 2025 00:31:49 +0000
ROA not after:            Sat 06 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.107.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:07:ed:5d:de:13:d9:af:18:6b:ec:9c:82:82:16:d9:33:4e:87:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  2 00:31:49 2025 GMT
            Not After : Sep  6 23:59:59 2025 GMT
        Subject: serialNumber=ed58d6a8229d9318aef025e95bd91a76e03d36e2711c01a3cfc95a79adfb4a16, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ab:1b:be:08:fc:34:80:a7:16:da:70:01:4e:
                    91:c8:21:c3:c0:6c:ee:00:09:c0:b0:6c:7f:8a:44:
                    fe:25:b1:cf:71:ba:30:d0:3c:29:94:b3:dd:43:e5:
                    3e:f9:cd:e9:28:63:5c:53:64:6c:af:35:bb:12:ce:
                    26:83:e7:20:ad:06:26:36:05:f8:c1:1a:c7:ec:30:
                    ac:0c:aa:e1:de:8c:57:18:1f:97:04:86:d9:16:78:
                    bc:5d:d6:41:44:32:f1:de:71:17:4b:fd:fc:69:29:
                    89:c2:08:80:a8:f9:2e:ac:ff:1e:99:08:0f:94:89:
                    55:b7:5f:8e:41:2c:da:a4:1e:78:04:9b:40:4d:5b:
                    fc:5d:8f:aa:34:84:0c:11:a2:07:9e:6b:01:33:30:
                    a7:18:18:8c:be:e2:38:19:27:53:48:c9:39:b2:3d:
                    8d:bf:5b:88:9e:a4:2d:30:83:fc:0e:61:3e:44:a7:
                    2f:ca:1f:5f:86:48:0b:e0:65:b6:0f:a2:4b:36:7e:
                    ec:aa:26:0d:4d:1d:43:18:6d:70:e7:bc:d1:6f:90:
                    56:b1:bf:00:0c:eb:ff:96:0c:a3:2d:3a:30:98:3d:
                    82:4b:44:7c:86:c0:50:3a:e3:75:ce:60:3e:7b:5b:
                    80:d0:b8:a1:d5:82:af:a3:ed:c9:89:dc:82:00:2b:
                    02:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:91:C3:2B:5D:FA:C9:92:5F:BB:06:D0:60:6E:4F:06:07:CF:71:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d79f801b-3499-4a1e-bd4a-c93dc95bbbab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.107.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9e:47:56:ce:27:f7:cb:93:d9:9e:46:88:aa:6d:41:55:e1:4f:
         17:22:c5:95:53:34:57:00:4b:00:8f:10:84:03:ad:c9:1d:03:
         f1:d0:95:1c:ce:ae:01:92:1d:8a:86:87:81:c7:9d:d6:6d:65:
         6e:b0:f4:7f:20:0e:6a:2b:d1:c3:38:28:4b:07:eb:6a:26:42:
         0d:f7:4a:90:17:18:b0:61:95:d6:8e:20:5a:df:11:d6:73:1c:
         71:e5:10:e7:24:15:d1:7b:2e:43:3d:49:bd:31:07:25:02:29:
         cc:7d:21:a1:7b:52:03:2b:4a:1c:1f:a5:b7:9d:24:4a:63:23:
         98:91:d9:0e:c1:28:99:b1:15:8d:ac:b7:36:dc:3e:db:bd:f8:
         9e:0b:ce:ed:d5:9d:41:47:a1:f8:34:a3:fc:1a:a1:a3:e4:2b:
         09:db:d0:07:58:7e:76:44:85:59:89:d4:73:7d:83:75:0a:0f:
         12:be:2c:50:db:cc:7f:67:32:c0:5a:35:71:24:51:c4:72:6b:
         b8:e5:4b:58:52:1b:bf:a4:8a:af:0e:8f:e4:3e:e2:e3:09:3c:
         5a:ef:3e:fd:7b:e8:d4:1f:29:dc:35:83:47:9e:d8:b9:bf:72:
         cd:e2:a0:c4:90:bd:35:c2:3f:71:d6:e9:32:5a:1f:60:d3:70:
         75:d8:50:76
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbwftXd4T2a8Ya+ycgoIW2TNOh1kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAyMDAzMTQ5WhcNMjUwOTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDU4ZDZhODIyOWQ5MzE4YWVmMDI1ZTk1YmQ5MWE3NmUw
M2QzNmUyNzExYzAxYTNjZmM5NWE3OWFkZmI0YTE2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiqxu+CPw0gKcW2nABTpHIIcPAbO4ACcCwbH+KRP4lsc9x
ujDQPCmUs91D5T75zekoY1xTZGyvNbsSziaD5yCtBiY2BfjBGsfsMKwMquHejFcY
H5cEhtkWeLxd1kFEMvHecRdL/fxpKYnCCICo+S6s/x6ZCA+UiVW3X45BLNqkHngE
m0BNW/xdj6o0hAwRogeeawEzMKcYGIy+4jgZJ1NIyTmyPY2/W4iepC0wg/wOYT5E
py/KH1+GSAvgZbYPoks2fuyqJg1NHUMYbXDnvNFvkFaxvwAM6/+WDKMtOjCYPYJL
RHyGwFA643XOYD57W4DQuKHVgq+j7cmJ3IIAKwJRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7pHDK136yZJfuwbQYG5PBgfPcaMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q3OWY4MDFiLTM0OTktNGExZS1iZDRhLWM5M2RjOTViYmJhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQazANBgkqhkiG9w0BAQsFAAOCAQEAnkdWzif3y5PZnkaIqm1BVeFPFyLF
lVM0VwBLAI8QhAOtyR0D8dCVHM6uAZIdioaHgced1m1lbrD0fyAOaivRwzgoSwfr
aiZCDfdKkBcYsGGV1o4gWt8R1nMcceUQ5yQV0XsuQz1JvTEHJQIpzH0hoXtSAytK
HB+lt50kSmMjmJHZDsEombEVjay3Ntw+2734ngvO7dWdQUeh+DSj/Bqho+QrCdvQ
B1h+dkSFWYnUc32DdQoPEr4sUNvMf2cywFo1cSRRxHJruOVLWFIbv6SKrw6P5D7i
4wk8Wu8+/Xvo1B8p3DWDR57Yub9yzeKgxJC9NcI/cdbpMlofYNNwddhQdg==
-----END CERTIFICATE-----