Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a06b439-ac99-416a-876d-39e54e97d865.roa
File:                     7a06b439-ac99-416a-876d-39e54e97d865.roa (raw, json)
Hash identifier:          w1ZGuDWIGqG9HPTFfHQX/MiM+ATTkCUF1KRl1MFYynw=
Subject key identifier:   B1:2A:E7:E8:31:98:9E:7E:50:B5:DB:AD:54:AE:2C:9E:8A:DC:51:DE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1224F72D94846D2A1B7A3742BE629A83C06E0F98
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a06b439-ac99-416a-876d-39e54e97d865.roa
Signing time:             Fri 11 Jul 2025 00:21:40 +0000
ROA not before:           Fri 11 Jul 2025 00:21:40 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1fed:5000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:24:f7:2d:94:84:6d:2a:1b:7a:37:42:be:62:9a:83:c0:6e:0f:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 11 00:21:40 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=9e3d70229fdae3fb98fa5a3985401f1cc50840e42cd8cad500e02a1bc95a25e3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:49:7b:bf:fd:f7:8a:dc:9b:2c:d6:26:40:da:
                    95:47:d7:ca:80:ac:65:56:be:97:a3:20:ae:51:49:
                    d1:99:29:83:24:42:09:01:b4:cf:09:d4:16:72:1b:
                    9a:4d:61:86:40:51:e6:70:54:2a:ae:c4:8d:67:91:
                    a9:5e:e9:87:77:84:4d:0c:db:46:23:a8:c4:24:60:
                    90:01:f9:a4:85:12:86:d3:dd:ad:c9:8e:53:85:9a:
                    5b:be:e1:43:35:5e:05:4c:02:ae:77:5a:0c:73:cb:
                    5f:b5:1f:98:10:26:4e:48:08:06:ed:63:69:75:a7:
                    d0:b1:f4:2a:e2:ba:6d:4f:f2:e0:0f:b5:df:05:a4:
                    3d:85:b7:2b:7e:e0:b1:83:5b:28:c5:f0:d3:8f:97:
                    5a:34:4e:7f:4a:6d:c5:24:4a:cb:38:d8:6a:6d:70:
                    b8:b2:d8:40:78:f9:ea:3b:e4:b9:a7:37:cc:81:e7:
                    af:ad:f1:de:38:ba:e4:ec:30:76:94:bf:4e:56:b1:
                    39:dd:99:ac:29:32:22:b5:4c:af:50:cf:8d:6d:1f:
                    87:9c:cf:1d:e6:2f:03:d1:d0:b8:92:98:c0:a3:3c:
                    38:ed:e9:33:44:b0:54:e4:79:e0:5c:ea:50:37:9e:
                    af:b0:90:94:f9:02:3e:ce:dc:37:a6:f7:77:6e:db:
                    c5:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:2A:E7:E8:31:98:9E:7E:50:B5:DB:AD:54:AE:2C:9E:8A:DC:51:DE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a06b439-ac99-416a-876d-39e54e97d865.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fed:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         8d:70:7d:c3:36:db:bf:e3:90:eb:71:94:80:da:ad:f7:92:1b:
         80:22:5d:09:58:f1:0b:0c:0d:96:5b:84:77:7f:5c:67:cc:34:
         76:87:04:74:82:5e:e2:32:7e:af:1a:b4:15:0e:d0:68:21:e4:
         5c:2a:60:48:d1:05:f5:d4:55:1b:54:de:df:1b:38:c2:99:7d:
         0f:1b:53:b4:17:18:60:65:ff:50:98:a1:2f:50:31:a2:8e:18:
         7e:27:d6:87:0c:ab:fe:e6:6b:82:0a:1e:aa:64:a4:7a:a6:3a:
         c2:84:99:e6:82:17:b9:4d:2d:58:02:cc:f9:14:8b:0d:0a:ad:
         48:34:14:15:b0:e2:ea:b2:5b:85:af:ff:19:9e:45:39:da:a5:
         9f:8e:4f:f7:64:0c:96:b4:b8:87:01:3a:52:20:ea:0e:6e:6d:
         84:86:06:0c:75:79:9c:e2:a4:99:f1:9d:a2:62:9c:2c:6b:e1:
         07:7f:c7:65:04:cb:39:8a:6b:64:6f:7e:81:d1:fc:f3:7c:7c:
         07:a9:d1:5f:6d:d0:94:82:9e:2f:04:75:c1:a7:7a:42:05:14:
         64:bd:bf:a1:e2:7a:00:ec:cf:78:11:a8:5b:0a:8b:c5:71:20:
         eb:02:59:ca:95:6f:16:07:36:35:32:25:0d:a4:3e:36:e6:d2:
         e6:0b:fb:52
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEiT3LZSEbSobejdCvmKag8BuD5gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzExMDAyMTQwWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZTNkNzAyMjlmZGFlM2ZiOThmYTVhMzk4NTQwMWYxY2M1
MDg0MGU0MmNkOGNhZDUwMGUwMmExYmM5NWEyNWUzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaSXu//feK3Jss1iZA2pVH18qArGVWvpejIK5RSdGZKYMk
QgkBtM8J1BZyG5pNYYZAUeZwVCquxI1nkale6Yd3hE0M20YjqMQkYJAB+aSFEobT
3a3JjlOFmlu+4UM1XgVMAq53Wgxzy1+1H5gQJk5ICAbtY2l1p9Cx9Crium1P8uAP
td8FpD2Ftyt+4LGDWyjF8NOPl1o0Tn9KbcUkSss42GptcLiy2EB4+eo75LmnN8yB
56+t8d44uuTsMHaUv05WsTndmawpMiK1TK9Qz41tH4eczx3mLwPR0LiSmMCjPDjt
6TNEsFTkeeBc6lA3nq+wkJT5Aj7O3Dem93du28WHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUsSrn6DGYnn5QtdutVK4snorcUd4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdhMDZiNDM5LWFjOTktNDE2YS04NzZkLTM5ZTU0ZTk3ZDg2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/tUDANBgkqhkiG9w0BAQsFAAOCAQEAjXB9wzbbv+OQ63GUgNqt95Ib
gCJdCVjxCwwNlluEd39cZ8w0docEdIJe4jJ+rxq0FQ7QaCHkXCpgSNEF9dRVG1Te
3xs4wpl9DxtTtBcYYGX/UJihL1Axoo4YfifWhwyr/uZrggoeqmSkeqY6woSZ5oIX
uU0tWALM+RSLDQqtSDQUFbDi6rJbha//GZ5FOdqln45P92QMlrS4hwE6UiDqDm5t
hIYGDHV5nOKkmfGdomKcLGvhB3/HZQTLOYprZG9+gdH883x8B6nRX23QlIKeLwR1
wad6QgUUZL2/oeJ6AOzPeBGoWwqLxXEg6wJZypVvFgc2NTIlDaQ+NubS5gv7Ug==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:09:23 2025 by rpki-client