Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/886ae314-24f5-4728-87ba-194d4c08d5af.roa
File:                     886ae314-24f5-4728-87ba-194d4c08d5af.roa (raw, json)
Hash identifier:          d3+IhhixB9OCA9H9rYG9FjYIOygJmoLy6YbgKJqzphY=
Subject key identifier:   F3:43:05:DB:C3:13:E3:0D:9F:9D:53:0B:FA:20:D3:8A:D7:D3:BA:A1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4BD4FB2727D3BFA7559595F7676B150A5A72C719
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/886ae314-24f5-4728-87ba-194d4c08d5af.roa
Signing time:             Mon 07 Jul 2025 18:11:44 +0000
ROA not before:           Mon 07 Jul 2025 18:11:44 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff2:a480::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:d4:fb:27:27:d3:bf:a7:55:95:95:f7:67:6b:15:0a:5a:72:c7:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 18:11:44 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=387eb652f26e8b5139de43dddd507e94c0737129510a49c5256c9562920155e8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b4:21:24:3a:4c:37:24:86:24:e4:d3:93:67:
                    fb:ea:21:73:b0:38:9d:82:b3:82:b1:b5:85:c2:fd:
                    eb:5c:ba:b2:8d:ef:1a:97:da:31:4c:55:16:89:d4:
                    54:77:42:4b:5a:1e:b6:44:30:31:fe:dd:6c:d9:2a:
                    1d:2b:c8:bf:1b:ae:f7:7c:25:04:aa:3d:61:85:73:
                    83:39:0a:f8:4a:f4:c7:2a:35:9c:99:38:0a:1f:20:
                    99:8c:d7:aa:24:1f:9a:dc:55:6c:a5:82:9b:e2:97:
                    3c:f7:9d:f8:9f:b0:bb:4b:59:c9:3a:4b:83:60:e4:
                    35:0a:bb:80:f6:b3:f1:e6:94:80:66:2b:d4:42:20:
                    8a:cc:9c:2c:d0:81:d6:4f:ef:63:4d:6d:a1:3d:3e:
                    49:20:cd:d4:59:02:35:3b:9e:b0:33:cb:27:cb:52:
                    38:fa:10:4c:91:e1:0d:09:d9:2e:71:cd:fb:6b:df:
                    46:c1:c3:fb:3b:09:32:1b:67:8a:13:7d:1c:05:82:
                    4e:34:e7:e1:c0:86:e2:cc:3e:91:08:82:e5:ad:d5:
                    78:1c:6c:fa:89:2c:de:8a:97:8d:a8:20:dc:fa:e9:
                    67:d4:74:ce:94:7e:6a:2f:1f:77:3f:a3:7d:85:87:
                    b1:ab:b0:55:2c:ef:ff:47:80:88:67:33:bd:56:42:
                    ad:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:43:05:DB:C3:13:E3:0D:9F:9D:53:0B:FA:20:D3:8A:D7:D3:BA:A1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/886ae314-24f5-4728-87ba-194d4c08d5af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:a480::/48

    Signature Algorithm: sha256WithRSAEncryption
         4b:2c:39:ea:a7:c9:b2:e2:0e:73:cc:6c:4c:ba:55:3d:b8:fa:
         2e:c9:9d:08:56:ed:0b:78:c4:b9:d6:93:e4:9c:c1:d6:13:39:
         30:e3:58:b0:f0:90:5a:56:8d:a0:31:90:7b:8c:55:f4:d1:92:
         c4:d1:cf:54:0f:4d:43:ba:4a:89:a1:4c:d1:93:51:d1:92:2b:
         5a:b7:06:7c:b8:b9:ec:d9:4f:0e:6b:33:83:61:54:f2:4c:d0:
         ee:9a:e8:1f:ec:2c:94:0c:48:32:83:81:17:4b:aa:ec:e2:3e:
         9b:63:ae:26:d6:3e:11:e4:1a:dd:36:dd:ae:b3:1f:12:f3:ae:
         15:00:8e:bf:ed:f9:96:26:3e:82:12:1d:1b:5e:74:47:21:1b:
         a2:78:16:18:89:bc:27:0b:a2:ac:32:13:ef:70:c9:e5:2f:4b:
         0f:3a:c0:56:e1:f8:89:82:b3:54:ab:00:8e:e9:95:8f:48:f7:
         e2:ff:99:b9:e9:0e:4a:f8:41:09:a5:10:d2:9d:5b:17:a3:36:
         d6:21:4e:94:ef:3d:70:9f:9c:e4:89:f9:14:73:2b:4c:dc:41:
         7c:f8:3b:3a:c8:0c:26:5d:a9:6e:d8:63:42:3c:69:fc:22:3f:
         e6:29:8e:6f:8b:01:62:eb:c3:b9:39:03:f1:d3:fa:04:01:67:
         5c:24:54:1c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUS9T7JyfTv6dVlZX3Z2sVClpyxxkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTgxMTQ0WhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0AzODdlYjY1MmYyNmU4YjUxMzlkZTQzZGRkZDUwN2U5NGMw
NzM3MTI5NTEwYTQ5YzUyNTZjOTU2MjkyMDE1NWU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTtCEkOkw3JIYk5NOTZ/vqIXOwOJ2Cs4KxtYXC/etcurKN
7xqX2jFMVRaJ1FR3QktaHrZEMDH+3WzZKh0ryL8brvd8JQSqPWGFc4M5CvhK9Mcq
NZyZOAofIJmM16okH5rcVWylgpvilzz3nfifsLtLWck6S4Ng5DUKu4D2s/HmlIBm
K9RCIIrMnCzQgdZP72NNbaE9PkkgzdRZAjU7nrAzyyfLUjj6EEyR4Q0J2S5xzftr
30bBw/s7CTIbZ4oTfRwFgk405+HAhuLMPpEIguWt1XgcbPqJLN6Kl42oINz66WfU
dM6UfmovH3c/o32Fh7GrsFUs7/9HgIhnM71WQq3BAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU80MF28MT4w2fnVML+iDTitfTuqEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4NmFlMzE0LTI0ZjUtNDcyOC04N2JhLTE5NGQ0YzA4ZDVhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/ypIAwDQYJKoZIhvcNAQELBQADggEBAEssOeqnybLiDnPMbEy6VT24
+i7JnQhW7Qt4xLnWk+ScwdYTOTDjWLDwkFpWjaAxkHuMVfTRksTRz1QPTUO6Somh
TNGTUdGSK1q3Bny4uezZTw5rM4NhVPJM0O6a6B/sLJQMSDKDgRdLquziPptjribW
PhHkGt023a6zHxLzrhUAjr/t+ZYmPoISHRtedEchG6J4FhiJvCcLoqwyE+9wyeUv
Sw86wFbh+ImCs1SrAI7plY9I9+L/mbnpDkr4QQmlENKdWxejNtYhTpTvPXCfnOSJ
+RRzK0zcQXz4OzrIDCZdqW7YY0I8afwiP+Ypjm+LAWLrw7k5A/HT+gQBZ1wkVBw=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:24:34 2025 by rpki-client