Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/44d98916-94ab-49fc-a073-76f25fab61e9.roa
File:                     44d98916-94ab-49fc-a073-76f25fab61e9.roa (raw, json)
Hash identifier:          4FAZeXFPUgKbpuXH0bhxQt8znQpxXHHqRmc+9BBty8Q=
Subject key identifier:   E7:46:3A:A9:97:05:5F:B7:37:67:1B:CE:6C:ED:0F:E4:7D:E9:26:15
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       199F8141E881C2F5A0EBDEA84EF9999728856EC5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/44d98916-94ab-49fc-a073-76f25fab61e9.roa
Signing time:             Fri 18 Jul 2025 00:21:12 +0000
ROA not before:           Fri 18 Jul 2025 00:21:12 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.220.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:9f:81:41:e8:81:c2:f5:a0:eb:de:a8:4e:f9:99:97:28:85:6e:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:21:12 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=8497bd436ea2c4ac7930c48b5910b4585d87c9c10c7d7084ded1b57c09499338, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:26:5a:0d:ef:f2:ed:48:41:e9:44:2c:03:92:
                    f6:07:40:83:ff:57:ef:f8:50:f8:eb:56:b9:25:d4:
                    9c:28:a2:f7:c2:05:b3:23:35:bc:68:ed:b0:01:a4:
                    62:43:04:dc:84:a3:77:b5:11:22:a3:e8:c8:02:99:
                    ad:4d:2f:26:1d:95:ac:20:cf:98:05:81:04:75:2a:
                    db:f7:e3:13:4a:22:7d:90:7f:f5:71:7f:a0:cf:c6:
                    1b:b8:70:49:c2:74:52:6d:14:9f:87:18:bc:7f:03:
                    d1:99:ac:83:fe:bc:5e:dd:5c:47:db:f3:8c:73:18:
                    a6:30:2c:bb:e1:a3:5c:98:17:2d:96:19:c5:5a:97:
                    57:24:d5:eb:54:a7:92:a9:f2:5a:0c:90:e7:a6:73:
                    b9:92:dc:0a:35:55:a5:d6:3f:7b:8a:85:a2:b8:d6:
                    c0:21:5d:0e:ce:2e:ee:d4:3d:82:08:24:4a:bb:88:
                    c1:e3:9d:d5:13:e4:24:a2:74:79:ef:e8:1e:d1:73:
                    f7:de:8a:8a:78:01:70:12:25:1a:f8:91:8d:92:d7:
                    1b:38:28:d9:37:4b:e7:27:99:77:af:60:e5:26:84:
                    08:5f:60:39:f5:6b:85:a8:4c:11:8f:9c:2a:2b:b0:
                    77:59:a3:8c:dd:59:f3:28:7d:10:cf:b9:cc:34:44:
                    02:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:46:3A:A9:97:05:5F:B7:37:67:1B:CE:6C:ED:0F:E4:7D:E9:26:15
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/44d98916-94ab-49fc-a073-76f25fab61e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.220.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         11:6f:0b:83:d0:08:ac:ab:c5:39:8a:35:ab:03:7f:cf:e7:13:
         b4:1b:4c:8d:98:9a:52:bf:2c:c5:6b:55:6a:77:68:51:13:06:
         2e:81:9a:4d:50:f4:b2:11:78:3c:a3:16:38:1e:72:4b:57:57:
         ed:a3:57:12:31:c5:54:0d:89:70:fc:6d:1d:9f:1c:a2:84:8f:
         1f:57:3f:0e:14:78:9f:52:29:ad:7e:4f:b6:bd:d2:4a:6c:0d:
         79:fb:2f:c7:54:f9:b7:e3:51:c3:10:7c:62:1c:b4:cf:c7:2b:
         43:4f:4b:86:d8:a8:b2:27:16:c0:ad:f6:0f:9b:4d:a6:0d:96:
         0c:33:9a:49:df:3e:2b:bb:26:67:7e:01:ae:8d:44:b1:11:44:
         04:92:cf:da:84:f8:ce:ce:79:11:43:5f:32:d5:33:aa:0d:94:
         34:99:f0:17:05:8e:9d:3c:de:0f:62:45:1f:92:18:05:7d:71:
         33:ef:b3:79:21:93:5a:18:fa:35:08:4c:4b:b7:23:19:e0:00:
         4d:86:6d:60:f2:35:b7:96:ad:c9:10:4e:6c:47:72:7b:d8:5f:
         1f:81:d9:16:62:69:f4:9d:b6:f5:5e:81:62:46:11:78:0e:cd:
         ec:83:c3:5e:bb:c7:33:6a:5e:c2:9e:6a:d4:fb:7a:11:a4:08:
         24:eb:af:7e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGZ+BQeiBwvWg696oTvmZlyiFbsUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDAyMTEyWhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDk3YmQ0MzZlYTJjNGFjNzkzMGM0OGI1OTEwYjQ1ODVk
ODdjOWMxMGM3ZDcwODRkZWQxYjU3YzA5NDk5MzM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbJloN7/LtSEHpRCwDkvYHQIP/V+/4UPjrVrkl1JwoovfC
BbMjNbxo7bABpGJDBNyEo3e1ESKj6MgCma1NLyYdlawgz5gFgQR1Ktv34xNKIn2Q
f/Vxf6DPxhu4cEnCdFJtFJ+HGLx/A9GZrIP+vF7dXEfb84xzGKYwLLvho1yYFy2W
GcVal1ck1etUp5Kp8loMkOemc7mS3Ao1VaXWP3uKhaK41sAhXQ7OLu7UPYIIJEq7
iMHjndUT5CSidHnv6B7Rc/feiop4AXASJRr4kY2S1xs4KNk3S+cnmXevYOUmhAhf
YDn1a4WoTBGPnCorsHdZo4zdWfMofRDPucw0RAJ9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU50Y6qZcFX7c3ZxvObO0P5H3pJhUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ0ZDk4OTE2LTk0YWItNDlmYy1hMDczLTc2ZjI1ZmFiNjFlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAo3DANBgkqhkiG9w0BAQsFAAOCAQEAEW8Lg9AIrKvFOYo1qwN/z+cTtBtM
jZiaUr8sxWtVandoURMGLoGaTVD0shF4PKMWOB5yS1dX7aNXEjHFVA2JcPxtHZ8c
ooSPH1c/DhR4n1IprX5Ptr3SSmwNefsvx1T5t+NRwxB8Yhy0z8crQ09LhtiosicW
wK32D5tNpg2WDDOaSd8+K7smZ34Bro1EsRFEBJLP2oT4zs55EUNfMtUzqg2UNJnw
FwWOnTzeD2JFH5IYBX1xM++zeSGTWhj6NQhMS7cjGeAATYZtYPI1t5atyRBObEdy
e9hfH4HZFmJp9J229V6BYkYReA7N7IPDXrvHM2pewp5q1Pt6EaQIJOuvfg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 04:54:45 2025 by rpki-client