Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3737c628-e3b0-419b-8657-cac0cb71b30e.roa
File:                     3737c628-e3b0-419b-8657-cac0cb71b30e.roa (raw, json)
Hash identifier:          HygoENi32EzJJJtJFX/1XxW9Kzvg+1m7yicSeKcs3IU=
Subject key identifier:   DD:66:40:1D:0E:92:6E:DE:66:0E:ED:C1:F3:BD:B3:E4:84:36:9B:42
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5AC8020ED9905134AC4625F7D0E2BA6A3659FA05
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3737c628-e3b0-419b-8657-cac0cb71b30e.roa
Signing time:             Mon 07 Jul 2025 17:30:57 +0000
ROA not before:           Mon 07 Jul 2025 17:30:57 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:807f::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 22 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:c8:02:0e:d9:90:51:34:ac:46:25:f7:d0:e2:ba:6a:36:59:fa:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 17:30:57 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=e5f56e1660acf624d4b864d3bf961fde9bdfcaf76a339077ceba39aedf1c0aa4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:dd:cb:91:22:cb:8e:13:96:3d:b6:5c:30:db:
                    76:9a:15:f8:da:2e:42:83:2b:c3:bb:54:5e:7a:1d:
                    58:9b:94:ce:62:18:73:56:8c:ab:84:28:e5:0c:df:
                    80:49:3b:e0:ec:7a:ba:d5:2d:e7:15:3b:34:1a:3b:
                    eb:8f:7c:7a:b8:fe:e7:e9:7b:b2:47:94:06:71:ea:
                    56:c0:b8:cd:37:f3:26:f8:de:eb:39:7f:89:e6:09:
                    02:93:c2:e2:c2:72:76:33:5d:ad:1c:ed:d7:54:44:
                    03:bf:65:0f:b3:e3:53:36:3d:d2:fb:39:37:f3:5e:
                    82:ed:91:38:c8:ee:3b:32:38:aa:70:e1:ff:49:f2:
                    8c:e4:7d:12:66:06:6a:f5:42:a3:aa:ce:73:e4:9d:
                    c5:89:b6:01:c0:f1:96:38:be:91:18:b9:ad:db:4f:
                    f9:d5:8d:09:88:8e:ad:c1:b1:d4:4d:8d:83:b8:7c:
                    43:55:4c:f3:09:19:e7:dd:ce:41:6f:e7:93:73:c9:
                    ae:08:5e:ea:6d:46:c1:4f:3d:79:2e:b2:6a:6a:87:
                    d5:f7:55:37:9a:27:4c:20:d7:ea:4c:28:4e:94:1b:
                    0d:76:92:dc:d3:d9:09:15:23:b0:cc:b5:7f:8a:49:
                    1d:7e:3f:b6:d2:00:09:56:f1:68:2a:ca:5d:27:5c:
                    f6:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:66:40:1D:0E:92:6E:DE:66:0E:ED:C1:F3:BD:B3:E4:84:36:9B:42
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3737c628-e3b0-419b-8657-cac0cb71b30e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:807f::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:81:18:11:dd:95:3c:ca:a0:19:21:0d:0d:0c:a5:19:d3:2b:
         e0:51:c2:20:02:4e:36:eb:c2:74:10:16:26:3e:79:f7:de:25:
         5e:2f:b5:9f:be:33:a6:88:5c:c5:b7:a9:16:18:54:75:8c:f3:
         80:af:9f:61:73:90:79:c1:eb:a7:9b:90:ba:05:6f:70:9f:e8:
         a2:86:37:cd:1e:50:71:f3:4a:9b:f6:b0:74:86:a0:1c:f9:f6:
         65:ff:c7:96:d6:ff:2f:3b:96:eb:b4:57:c7:ad:99:49:94:53:
         f7:6d:cc:a9:5a:a2:90:9e:b5:3f:c9:0c:f5:1e:30:95:76:23:
         16:1c:6d:dc:4e:c9:89:99:16:69:b9:80:64:b2:32:04:ca:7e:
         49:c1:4e:00:95:1d:f5:f6:32:bf:f1:e6:4c:ef:4e:3e:cf:30:
         9f:e1:e9:32:fa:f9:3c:a4:7c:78:da:78:b8:aa:ac:86:f2:7a:
         e4:f2:e3:c2:74:7c:2f:77:de:bf:41:b9:1c:21:b7:31:6d:c9:
         be:f9:25:11:8e:e0:29:8c:0d:75:7e:e3:fd:06:11:18:26:3b:
         95:d7:f3:69:43:5c:03:35:0d:05:95:1b:fb:f3:57:aa:d7:8e:
         99:d1:a7:57:e4:5f:b8:8f:7b:0b:2f:5f:3b:dc:4d:7a:50:05:
         05:7a:ce:57
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWsgCDtmQUTSsRiX30OK6ajZZ+gUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTczMDU3WhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNWY1NmUxNjYwYWNmNjI0ZDRiODY0ZDNiZjk2MWZkZTli
ZGZjYWY3NmEzMzkwNzdjZWJhMzlhZWRmMWMwYWE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCW3cuRIsuOE5Y9tlww23aaFfjaLkKDK8O7VF56HViblM5i
GHNWjKuEKOUM34BJO+DserrVLecVOzQaO+uPfHq4/ufpe7JHlAZx6lbAuM038yb4
3us5f4nmCQKTwuLCcnYzXa0c7ddURAO/ZQ+z41M2PdL7OTfzXoLtkTjI7jsyOKpw
4f9J8ozkfRJmBmr1QqOqznPkncWJtgHA8ZY4vpEYua3bT/nVjQmIjq3BsdRNjYO4
fENVTPMJGefdzkFv55Nzya4IXuptRsFPPXkusmpqh9X3VTeaJ0wg1+pMKE6UGw12
ktzT2QkVI7DMtX+KSR1+P7bSAAlW8Wgqyl0nXPY9AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3WZAHQ6Sbt5mDu3B872z5IQ2m0IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3MzdjNjI4LWUzYjAtNDE5Yi04NjU3LWNhYzBjYjcxYjMwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gH8wDQYJKoZIhvcNAQELBQADggEBAE+BGBHdlTzKoBkhDQ0MpRnT
K+BRwiACTjbrwnQQFiY+effeJV4vtZ++M6aIXMW3qRYYVHWM84Cvn2FzkHnB66eb
kLoFb3Cf6KKGN80eUHHzSpv2sHSGoBz59mX/x5bW/y87luu0V8etmUmUU/dtzKla
opCetT/JDPUeMJV2IxYcbdxOyYmZFmm5gGSyMgTKfknBTgCVHfX2Mr/x5kzvTj7P
MJ/h6TL6+TykfHjaeLiqrIbyeuTy48J0fC933r9BuRwhtzFtyb75JRGO4CmMDXV+
4/0GERgmO5XX82lDXAM1DQWVG/vzV6rXjpnRp1fkX7iPewsvXzvcTXpQBQV6zlc=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:15 2025 by rpki-client