Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c2e6eed-2a69-44c6-8018-21f6905051c9.roa
File:                     2c2e6eed-2a69-44c6-8018-21f6905051c9.roa (raw, json)
Hash identifier:          4uWuCBVYD3UoEUsBwbrjJqYRM+RIOZKMSXwY5lDUUbY=
Subject key identifier:   C6:F4:A4:9E:DF:63:18:46:50:07:FD:B0:FF:F5:FD:E4:5E:5B:A3:EE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63D6F4ADCD8268CACB5BAC48C2EC389B526D1D30
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c2e6eed-2a69-44c6-8018-21f6905051c9.roa
Signing time:             Tue 08 Jul 2025 00:21:03 +0000
ROA not before:           Tue 08 Jul 2025 00:21:03 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        107.21.64.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:d6:f4:ad:cd:82:68:ca:cb:5b:ac:48:c2:ec:38:9b:52:6d:1d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  8 00:21:03 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=37ab12c8261fa2ca9c54ce9d3117c93023f5d7e3d2d0becb0911cd3f78fd8278, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3b:0d:c1:e1:4b:94:ff:3c:55:5b:cd:1b:57:
                    b3:50:78:b2:22:5b:a6:86:d8:38:f7:5a:52:2a:61:
                    9c:b8:4f:5a:32:96:71:fc:2f:0e:85:29:f2:7e:14:
                    15:c5:b2:d2:bd:e6:01:ed:8a:41:50:71:57:9e:be:
                    3f:ea:b8:41:d5:18:01:ac:5a:82:9f:4d:d8:88:f0:
                    7e:52:02:3e:43:fa:03:39:1b:4e:d1:3c:86:ce:70:
                    d0:a2:b8:24:19:71:e2:2e:a2:f1:d8:5e:78:cb:2a:
                    01:a5:22:6b:79:5e:50:ed:eb:b3:ed:26:34:2c:fb:
                    a7:c1:a2:16:df:41:74:b1:44:2c:ec:3e:e7:b7:26:
                    c4:9c:48:e6:0c:5d:c2:24:d4:e9:c4:9d:a7:03:f6:
                    4f:5e:4f:a8:23:5d:4d:c3:21:f7:25:ad:4d:9a:1b:
                    3e:4e:a6:c9:ed:e7:4c:9b:58:b9:0f:44:65:ae:a2:
                    bf:bb:f9:a8:96:b5:ee:e5:e4:2a:b5:d5:8d:e7:23:
                    44:05:c0:48:a2:a1:42:28:36:f2:e8:b8:ae:ee:6c:
                    e4:18:c9:5a:33:91:9f:19:f8:40:a4:29:48:db:18:
                    1e:38:e8:36:90:49:37:d5:ca:9c:98:fd:24:c5:de:
                    56:0f:6b:4c:66:fc:75:b1:f5:ad:a9:25:c6:3b:fa:
                    81:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:F4:A4:9E:DF:63:18:46:50:07:FD:B0:FF:F5:FD:E4:5E:5B:A3:EE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c2e6eed-2a69-44c6-8018-21f6905051c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.21.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         41:ca:d5:84:f5:78:4d:91:98:aa:0d:cf:30:d2:28:6f:60:50:
         f8:c9:9e:a0:ff:83:f3:32:e7:c6:a3:f3:99:25:6e:dc:1f:96:
         40:09:ed:f5:2e:cd:1e:a5:1e:17:5f:95:3a:33:8d:81:b3:c0:
         3b:26:5c:a8:0b:58:81:2b:b6:ba:d4:9b:53:5d:c1:7c:91:ce:
         62:c5:5d:96:83:ec:08:2b:b3:13:16:32:95:f9:71:cf:81:02:
         a5:db:44:c2:97:8e:c2:86:f5:f6:11:ad:79:29:ba:e4:5c:b1:
         fd:dd:17:33:f8:80:f6:46:82:65:a6:37:44:ed:bd:cc:3e:b7:
         fa:8d:1e:02:50:12:e3:4e:79:79:f1:7d:ed:87:3c:5d:cd:37:
         07:65:6a:3d:1d:00:4f:85:e5:81:af:55:d1:da:05:0f:c7:b2:
         0c:0d:d5:5f:8d:d8:b9:ff:05:2f:b9:ef:ec:1f:fa:39:96:d7:
         5a:2e:09:36:02:d9:24:fa:10:c2:f6:85:cd:0d:a6:a3:bb:84:
         67:6d:62:ca:85:d0:9d:04:a9:fd:6e:e0:73:3d:73:6e:ca:14:
         79:aa:6b:2b:30:63:b1:da:cb:6a:72:0a:97:95:04:5c:ef:de:
         47:20:70:a8:f4:14:36:97:cf:bf:92:78:4f:87:63:0d:26:69:
         25:74:f1:d2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY9b0rc2CaMrLW6xIwuw4m1JtHTAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MDAyMTAzWhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzN2FiMTJjODI2MWZhMmNhOWM1NGNlOWQzMTE3YzkzMDIz
ZjVkN2UzZDJkMGJlY2IwOTExY2QzZjc4ZmQ4Mjc4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEOw3B4UuU/zxVW80bV7NQeLIiW6aG2Dj3WlIqYZy4T1oy
lnH8Lw6FKfJ+FBXFstK95gHtikFQcVeevj/quEHVGAGsWoKfTdiI8H5SAj5D+gM5
G07RPIbOcNCiuCQZceIuovHYXnjLKgGlImt5XlDt67PtJjQs+6fBohbfQXSxRCzs
Pue3JsScSOYMXcIk1OnEnacD9k9eT6gjXU3DIfclrU2aGz5Opsnt50ybWLkPRGWu
or+7+aiWte7l5Cq11Y3nI0QFwEiioUIoNvLouK7ubOQYyVozkZ8Z+ECkKUjbGB44
6DaQSTfVypyY/STF3lYPa0xm/HWx9a2pJcY7+oHZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxvSknt9jGEZQB/2w//X95F5bo+4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJjMmU2ZWVkLTJhNjktNDRjNi04MDE4LTIxZjY5MDUwNTFjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARrFUAwDQYJKoZIhvcNAQELBQADggEBAEHK1YT1eE2RmKoNzzDSKG9gUPjJ
nqD/g/My58aj85klbtwflkAJ7fUuzR6lHhdflTozjYGzwDsmXKgLWIErtrrUm1Nd
wXyRzmLFXZaD7AgrsxMWMpX5cc+BAqXbRMKXjsKG9fYRrXkpuuRcsf3dFzP4gPZG
gmWmN0Ttvcw+t/qNHgJQEuNOeXnxfe2HPF3NNwdlaj0dAE+F5YGvVdHaBQ/HsgwN
1V+N2Ln/BS+57+wf+jmW11ouCTYC2ST6EML2hc0NpqO7hGdtYsqF0J0Eqf1u4HM9
c27KFHmqayswY7Hay2pyCpeVBFzv3kcgcKj0FDaXz7+SeE+HYw0maSV08dI=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:09:35 2025 by rpki-client