Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d92cf84d-536c-4213-86c8-c97fdb4209dc.roa
File:                     d92cf84d-536c-4213-86c8-c97fdb4209dc.roa (raw, json)
Hash identifier:          pjBzhsyczD1VWtZegk55C7ds8jXfTdRS4OKLr/kE7xU=
Subject key identifier:   60:2A:83:D5:F4:E2:9E:FC:C4:10:16:D5:0A:BA:91:56:C2:30:F9:10
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5C06E757E18D8461A3AE5AE966FB2BE705840F0A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d92cf84d-536c-4213-86c8-c97fdb4209dc.roa
Signing time:             Sat 14 Jun 2025 00:41:30 +0000
ROA not before:           Sat 14 Jun 2025 00:41:30 +0000
ROA not after:            Sat 19 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.194.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:06:e7:57:e1:8d:84:61:a3:ae:5a:e9:66:fb:2b:e7:05:84:0f:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 14 00:41:30 2025 GMT
            Not After : Jul 19 23:59:59 2025 GMT
        Subject: serialNumber=31abeb4dad6c0c1604f48aebbaaf1c69e563dbac19d0e0646f440c2a78e24856, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:51:47:8a:9b:b4:2f:68:b4:6e:a8:a7:0e:93:
                    8e:85:0c:44:f0:7b:5f:62:9f:de:1e:d5:f0:fc:0d:
                    e8:e9:ec:b0:7d:2b:bc:45:46:08:40:9e:9d:8d:59:
                    39:2a:25:fa:64:d4:4e:d8:5b:4b:d4:86:30:b0:92:
                    c9:0f:24:d1:36:95:a3:40:f3:e2:07:dc:1f:73:49:
                    8d:90:ba:17:56:2d:1f:9b:55:fc:2a:ef:3c:6a:2f:
                    02:92:7d:85:9f:99:49:b2:14:0a:26:0a:29:ae:5e:
                    e0:29:7e:60:72:33:f1:29:05:a7:ec:79:50:e3:8d:
                    a7:01:b6:b1:fd:46:df:64:ae:04:a4:57:01:9e:7f:
                    07:fd:84:78:25:6f:3a:5f:b9:7c:b8:ce:f2:3d:20:
                    06:64:95:aa:b8:3e:4b:6b:2d:5b:e8:4d:85:94:85:
                    0c:0e:ac:8f:13:75:b5:9b:1e:69:ec:39:44:84:d9:
                    39:9d:c4:4f:57:1e:f1:94:97:ad:6b:49:e0:69:68:
                    1a:93:f6:17:f3:9f:2a:5c:ea:29:33:4b:d6:43:15:
                    e9:58:30:12:79:93:ba:67:19:ca:d5:ab:ed:56:fb:
                    74:7a:42:09:f6:11:97:61:1f:d8:be:05:8a:c4:b3:
                    cf:a4:f3:74:88:df:71:12:36:b6:80:90:26:c2:01:
                    d0:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:2A:83:D5:F4:E2:9E:FC:C4:10:16:D5:0A:BA:91:56:C2:30:F9:10
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d92cf84d-536c-4213-86c8-c97fdb4209dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.194.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         71:8b:bd:e2:9f:f6:64:c1:af:00:08:27:da:c0:46:6b:d3:ea:
         53:db:3a:82:41:3c:6e:e5:7e:ab:5d:2f:22:43:da:c9:98:d8:
         d5:8d:77:05:cd:00:f1:54:e0:8e:d2:55:48:7e:a4:57:d0:1a:
         b1:ec:8e:1f:09:4a:b8:63:74:45:fa:5b:9a:d7:0e:79:fb:03:
         27:e6:4d:a6:ee:dd:0a:9f:e0:ff:79:77:c2:63:a1:a9:c3:ac:
         9f:b8:c4:94:8e:3b:4a:d3:ee:10:f5:cf:37:3d:c2:5b:9f:fc:
         d2:f4:48:b8:ac:5a:f7:03:84:a8:76:a4:9d:ea:84:43:f8:89:
         f4:eb:b0:0e:a7:a7:45:54:69:d2:9a:d7:ff:e7:9e:d0:a4:c8:
         c4:df:51:b4:87:12:2b:d3:7a:62:c7:81:c3:a7:91:d3:ba:cb:
         a2:59:74:a4:49:50:0e:31:3a:06:00:46:4d:e2:83:d9:1b:2b:
         d0:26:ec:02:f4:0c:22:b2:63:f0:cb:62:14:70:e4:aa:70:d3:
         d3:86:0d:df:06:49:2a:92:0b:01:1f:83:e5:c7:96:73:28:16:
         57:ac:61:a8:1f:2a:db:f8:1f:95:68:3f:2c:53:d5:bc:fb:27:
         92:e5:be:08:af:76:1c:54:75:8a:cf:31:be:2e:48:ff:99:3a:
         0b:38:26:f3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXAbnV+GNhGGjrlrpZvsr5wWEDwowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjE0MDA0MTMwWhcNMjUwNzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMWFiZWI0ZGFkNmMwYzE2MDRmNDhhZWJiYWFmMWM2OWU1
NjNkYmFjMTlkMGUwNjQ2ZjQ0MGMyYTc4ZTI0ODU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVUUeKm7QvaLRuqKcOk46FDETwe19in94e1fD8Dejp7LB9
K7xFRghAnp2NWTkqJfpk1E7YW0vUhjCwkskPJNE2laNA8+IH3B9zSY2QuhdWLR+b
Vfwq7zxqLwKSfYWfmUmyFAomCimuXuApfmByM/EpBafseVDjjacBtrH9Rt9krgSk
VwGefwf9hHglbzpfuXy4zvI9IAZklaq4PktrLVvoTYWUhQwOrI8TdbWbHmnsOUSE
2TmdxE9XHvGUl61rSeBpaBqT9hfznypc6ikzS9ZDFelYMBJ5k7pnGcrVq+1W+3R6
Qgn2EZdhH9i+BYrEs8+k83SI33ESNraAkCbCAdDVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYCqD1fTinvzEEBbVCrqRVsIw+RAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q5MmNmODRkLTUzNmMtNDIxMy04NmM4LWM5N2ZkYjQyMDlkYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAowjANBgkqhkiG9w0BAQsFAAOCAQEAcYu94p/2ZMGvAAgn2sBGa9PqU9s6
gkE8buV+q10vIkPayZjY1Y13Bc0A8VTgjtJVSH6kV9AaseyOHwlKuGN0RfpbmtcO
efsDJ+ZNpu7dCp/g/3l3wmOhqcOsn7jElI47StPuEPXPNz3CW5/80vRIuKxa9wOE
qHakneqEQ/iJ9OuwDqenRVRp0prX/+ee0KTIxN9RtIcSK9N6YseBw6eR07rLoll0
pElQDjE6BgBGTeKD2Rsr0CbsAvQMIrJj8MtiFHDkqnDT04YN3wZJKpILAR+D5ceW
cygWV6xhqB8q2/gflWg/LFPVvPsnkuW+CK92HFR1is8xvi5I/5k6Czgm8w==
-----END CERTIFICATE-----