Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17428170-47b5-40b1-8882-bb95915d3ed7.roa
File:                     17428170-47b5-40b1-8882-bb95915d3ed7.roa (raw, json)
Hash identifier:          Lanm14F0kY2uCFfYZ6oEo3keqziP0FATp9cdFAEdoKg=
Subject key identifier:   19:F4:C5:E2:C5:6A:70:52:A9:30:FB:E7:8D:B6:07:D3:69:1E:96:3C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4D9EC8271CB57650F587343610AC0745FCB9956A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17428170-47b5-40b1-8882-bb95915d3ed7.roa
Signing time:             Fri 25 Jul 2025 00:20:18 +0000
ROA not before:           Fri 25 Jul 2025 00:20:18 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        66.109.64.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 26 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:9e:c8:27:1c:b5:76:50:f5:87:34:36:10:ac:07:45:fc:b9:95:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 25 00:20:18 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=350a705fc7b7f6300a82e101ca79015d486dd291220bfef8788da3af89563f95, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:46:c0:10:ff:18:6f:39:eb:99:24:ee:6f:33:
                    48:66:28:75:89:b3:3a:9f:52:0a:a1:14:e3:ae:45:
                    99:17:78:fa:b9:cc:1f:f4:06:0e:68:ce:6c:b0:03:
                    b5:4a:e6:21:b6:e8:d3:55:e5:a9:c1:03:45:5e:2f:
                    07:e6:ad:70:a3:b3:ac:07:ac:cb:a5:c8:b6:94:de:
                    c3:b7:a1:0f:93:31:94:0c:a2:95:e1:98:06:4f:54:
                    c3:e8:9a:97:00:48:a4:6f:e7:b7:81:92:9a:96:3b:
                    c3:9b:16:6f:43:ed:fe:fe:c3:58:3d:21:e0:54:21:
                    d7:97:65:da:3d:f2:39:3b:83:d1:fd:a8:00:76:c8:
                    f2:62:e7:ff:b8:33:1e:a1:84:fd:d4:c3:c3:c3:01:
                    0e:8e:f2:f5:05:8c:13:89:93:d3:89:f8:b3:5a:ae:
                    97:a1:f1:a6:79:0f:24:fb:47:4a:b2:ea:03:f5:3e:
                    d4:94:ef:e5:22:a5:d2:8a:f2:6a:dc:a6:9e:13:23:
                    6a:5f:af:f5:32:74:22:25:62:79:c9:37:d0:5a:70:
                    6a:23:a2:dd:d9:e0:a1:9f:b3:cb:a0:36:f6:ef:ee:
                    5b:e6:63:ff:1e:a8:90:9f:c3:a1:88:92:1b:6a:d3:
                    5c:e2:51:3b:3d:75:95:ce:b7:d5:21:76:6d:a0:92:
                    5b:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:F4:C5:E2:C5:6A:70:52:A9:30:FB:E7:8D:B6:07:D3:69:1E:96:3C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/17428170-47b5-40b1-8882-bb95915d3ed7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.109.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d5:23:e7:cd:b3:d0:f6:d3:a6:23:a9:e0:db:29:1d:60:70:75:
         6c:09:e5:ce:70:6f:c3:6c:1e:f3:cb:23:d5:7f:79:e4:72:bb:
         d4:d6:3a:26:30:97:e3:01:40:90:75:4d:0d:ed:55:fa:a8:17:
         a5:dc:d2:07:28:3b:f7:fb:64:54:29:84:3c:68:3a:e8:fe:84:
         8e:2e:29:e3:6d:b6:3d:8a:30:8a:26:51:47:85:c5:1a:5e:bf:
         fb:83:57:9f:b8:a7:81:1f:b6:b1:0e:52:24:55:78:75:18:ee:
         c4:04:29:52:6f:9d:7b:bf:35:5a:a8:bc:10:4f:05:6e:29:4c:
         68:6e:37:23:e4:32:ce:ff:d0:2c:ef:b3:6a:c4:b3:16:87:12:
         0d:65:5b:a1:c4:fa:99:a1:f8:23:9e:57:a9:7a:3d:ae:01:93:
         20:58:e1:da:e4:0c:69:5a:3e:ce:1a:5d:29:e0:7b:b2:65:35:
         b6:09:32:06:53:d3:21:f2:54:02:e6:03:1c:66:6f:57:46:d7:
         46:3c:c1:a4:9a:3d:15:fd:c7:2f:80:49:5f:c9:ef:9a:a9:73:
         d5:1e:22:a8:b8:fb:30:1f:f3:64:e9:d0:c2:c3:e9:f3:d4:56:
         bf:fe:a2:fe:25:34:bf:d1:e7:e4:2d:35:2c:d5:15:ea:4f:9b:
         7c:3f:61:65
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTZ7IJxy1dlD1hzQ2EKwHRfy5lWowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI1MDAyMDE4WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTBhNzA1ZmM3YjdmNjMwMGE4MmUxMDFjYTc5MDE1ZDQ4
NmRkMjkxMjIwYmZlZjg3ODhkYTNhZjg5NTYzZjk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHRsAQ/xhvOeuZJO5vM0hmKHWJszqfUgqhFOOuRZkXePq5
zB/0Bg5ozmywA7VK5iG26NNV5anBA0VeLwfmrXCjs6wHrMulyLaU3sO3oQ+TMZQM
opXhmAZPVMPompcASKRv57eBkpqWO8ObFm9D7f7+w1g9IeBUIdeXZdo98jk7g9H9
qAB2yPJi5/+4Mx6hhP3Uw8PDAQ6O8vUFjBOJk9OJ+LNarpeh8aZ5DyT7R0qy6gP1
PtSU7+UipdKK8mrcpp4TI2pfr/UydCIlYnnJN9BacGojot3Z4KGfs8ugNvbv7lvm
Y/8eqJCfw6GIkhtq01ziUTs9dZXOt9Uhdm2gkltLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGfTF4sVqcFKpMPvnjbYH02keljwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE3NDI4MTcwLTQ3YjUtNDBiMS04ODgyLWJiOTU5MTVkM2VkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARCbUAwDQYJKoZIhvcNAQELBQADggEBANUj582z0PbTpiOp4NspHWBwdWwJ
5c5wb8NsHvPLI9V/eeRyu9TWOiYwl+MBQJB1TQ3tVfqoF6Xc0gcoO/f7ZFQphDxo
Ouj+hI4uKeNttj2KMIomUUeFxRpev/uDV5+4p4EftrEOUiRVeHUY7sQEKVJvnXu/
NVqovBBPBW4pTGhuNyPkMs7/0Czvs2rEsxaHEg1lW6HE+pmh+COeV6l6Pa4BkyBY
4drkDGlaPs4aXSnge7JlNbYJMgZT0yHyVALmAxxmb1dG10Y8waSaPRX9xy+ASV/J
75qpc9UeIqi4+zAf82Tp0MLD6fPUVr/+ov4lNL/R5+QtNSzVFepPm3w/YWU=
-----END CERTIFICATE-----
Generated at Fri Jul 25 13:23:26 2025 by rpki-client