Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d8bb395-f625-43f1-9791-c1ec39d964a9.roa
File:                     0d8bb395-f625-43f1-9791-c1ec39d964a9.roa (raw, json)
Hash identifier:          veCMPmUF5hRKuwcdtwyn5uTseyRKZMl9/kU+DEXoFZw=
Subject key identifier:   DF:22:74:8C:76:04:86:CB:4A:95:46:03:A0:39:73:82:65:88:6B:E9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6AC1B79F8B14D8BA7A924CAB9598C0B4A56EE785
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d8bb395-f625-43f1-9791-c1ec39d964a9.roa
Signing time:             Wed 02 Jul 2025 00:20:34 +0000
ROA not before:           Wed 02 Jul 2025 00:20:34 +0000
ROA not after:            Wed 06 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        125.0.0.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:c1:b7:9f:8b:14:d8:ba:7a:92:4c:ab:95:98:c0:b4:a5:6e:e7:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  2 00:20:34 2025 GMT
            Not After : Aug  6 23:59:59 2025 GMT
        Subject: serialNumber=59c7d963ba0f5ed4b5703bf6d861f1e11347a84b93e7d9afcbcad9c110119215, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:6e:ca:d2:57:83:0b:bb:2e:e0:68:a2:00:07:
                    42:2e:29:bd:d7:af:4e:b1:b4:6d:d4:1b:c4:b8:66:
                    2d:2f:dd:c7:27:73:e7:82:0d:7e:db:49:84:b7:37:
                    03:84:e2:86:bf:54:24:2b:b1:69:c7:78:7f:a4:39:
                    91:00:6b:f3:c4:ae:98:0b:56:dd:55:c1:4d:04:eb:
                    f0:b5:dc:1a:87:fd:c9:b8:1d:d4:e2:44:b1:35:b3:
                    91:02:0f:2d:3b:18:f8:97:60:87:7c:4c:ab:3b:19:
                    bd:ea:ae:b8:d0:18:da:9f:df:df:ad:b8:1e:53:bb:
                    bb:12:14:50:a3:53:d3:8c:23:ec:d0:f2:eb:4e:22:
                    73:77:b1:b1:ec:2a:09:89:ba:63:28:5c:32:69:a7:
                    74:e5:c1:c1:e3:0c:4d:cc:7d:18:d6:33:05:77:8c:
                    3b:6a:2d:10:4b:15:0c:2f:49:29:27:9d:57:b4:72:
                    08:4c:bd:ae:12:95:df:b8:fd:e8:6a:db:0c:7d:76:
                    3f:74:e6:4e:a4:f3:e4:ff:4a:c3:cf:ab:01:28:08:
                    2a:8a:12:60:60:cb:ae:63:0d:1f:1d:34:30:d9:cf:
                    74:24:c9:04:79:21:aa:ea:a2:f3:09:03:39:07:70:
                    60:09:b8:cb:29:35:39:1a:82:60:a3:9d:48:ff:78:
                    52:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:22:74:8C:76:04:86:CB:4A:95:46:03:A0:39:73:82:65:88:6B:E9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0d8bb395-f625-43f1-9791-c1ec39d964a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.0.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b6:70:57:ca:4a:1d:e6:b3:23:cf:5d:df:06:c3:25:03:fb:01:
         37:6c:06:e2:c4:12:a2:ce:99:3d:10:69:39:b6:31:01:6c:09:
         a7:79:fc:49:7b:2d:25:a7:fc:61:cf:2b:7d:a1:e5:b6:db:cb:
         ff:5c:47:63:86:a1:38:87:5a:d9:20:c2:d1:60:53:58:d6:cf:
         55:90:38:be:33:96:80:15:08:6c:19:45:32:0b:3f:d8:51:fc:
         0b:00:1e:fd:9f:6e:0e:c1:1d:f2:67:d4:ae:63:50:9e:31:54:
         ee:12:9c:f0:7e:01:e1:51:f7:9f:c6:a8:bf:9e:17:5b:dc:73:
         11:d8:0b:22:f2:a2:1b:c6:09:54:4f:6f:e5:ef:3a:40:9f:dc:
         66:63:1b:4f:8c:5c:c7:52:98:51:63:52:cb:74:c7:e2:8c:4b:
         aa:18:99:d9:49:d1:ce:c2:d0:46:00:d0:23:05:96:28:5c:3b:
         7a:d4:ca:76:d4:75:18:5c:05:91:d1:ec:e2:b4:c9:32:5b:d0:
         40:59:01:2e:12:5d:b1:27:ef:9d:07:42:30:48:60:98:ab:8f:
         09:b1:18:ae:ae:b4:07:62:31:04:e3:7a:29:be:4c:a1:60:d5:
         f4:67:97:5a:67:15:14:2c:9f:18:d0:f3:1b:27:99:b8:7e:89:
         d3:66:d2:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUasG3n4sU2Lp6kkyrlZjAtKVu54UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzAyMDAyMDM0WhcNMjUwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1OWM3ZDk2M2JhMGY1ZWQ0YjU3MDNiZjZkODYxZjFlMTEz
NDdhODRiOTNlN2Q5YWZjYmNhZDljMTEwMTE5MjE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXbsrSV4MLuy7gaKIAB0IuKb3Xr06xtG3UG8S4Zi0v3ccn
c+eCDX7bSYS3NwOE4oa/VCQrsWnHeH+kOZEAa/PErpgLVt1VwU0E6/C13BqH/cm4
HdTiRLE1s5ECDy07GPiXYId8TKs7Gb3qrrjQGNqf39+tuB5Tu7sSFFCjU9OMI+zQ
8utOInN3sbHsKgmJumMoXDJpp3TlwcHjDE3MfRjWMwV3jDtqLRBLFQwvSSknnVe0
cghMva4Sld+4/ehq2wx9dj905k6k8+T/SsPPqwEoCCqKEmBgy65jDR8dNDDZz3Qk
yQR5IarqovMJAzkHcGAJuMspNTkagmCjnUj/eFI/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3yJ0jHYEhstKlUYDoDlzgmWIa+kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBkOGJiMzk1LWY2MjUtNDNmMS05NzkxLWMxZWMzOWQ5NjRhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZ9AAAwDQYJKoZIhvcNAQELBQADggEBALZwV8pKHeazI89d3wbDJQP7ATds
BuLEEqLOmT0QaTm2MQFsCad5/El7LSWn/GHPK32h5bbby/9cR2OGoTiHWtkgwtFg
U1jWz1WQOL4zloAVCGwZRTILP9hR/AsAHv2fbg7BHfJn1K5jUJ4xVO4SnPB+AeFR
95/GqL+eF1vccxHYCyLyohvGCVRPb+XvOkCf3GZjG0+MXMdSmFFjUst0x+KMS6oY
mdlJ0c7C0EYA0CMFlihcO3rUynbUdRhcBZHR7OK0yTJb0EBZAS4SXbEn750HQjBI
YJirjwmxGK6utAdiMQTjeim+TKFg1fRnl1pnFRQsnxjQ8xsnmbh+idNm0o4=
-----END CERTIFICATE-----
Generated at Wed Jul 23 08:15:11 2025 by rpki-client