Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a257878e-10ee-4838-922c-30999880ff07.roa
File:                     a257878e-10ee-4838-922c-30999880ff07.roa (raw, json)
Hash identifier:          kOtHRpxDUk1MmdLpiLF0qtPH6DS9cKuw0KUQPgOvTuM=
Subject key identifier:   85:AB:78:1F:6E:65:2D:49:CE:27:2E:60:39:44:06:E8:2B:CC:FB:50
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2FBE394290FF3C68395CC2E7BA9BD0AA9658D487
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a257878e-10ee-4838-922c-30999880ff07.roa
Signing time:             Fri 11 Jul 2025 00:21:01 +0000
ROA not before:           Fri 11 Jul 2025 00:21:01 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fed:3400::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:be:39:42:90:ff:3c:68:39:5c:c2:e7:ba:9b:d0:aa:96:58:d4:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 11 00:21:01 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=8d6ce5829b89077131de08f1c1b8a1a2053ad1be7eb309535086e52eba2a9bef, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:1e:de:39:f1:6a:31:d5:30:ca:60:a5:c4:fd:
                    46:23:6f:9c:d6:25:0c:8e:7e:84:98:6f:aa:99:7d:
                    b1:8e:fe:e5:01:42:3d:20:15:b2:11:33:00:da:09:
                    5e:87:94:1e:01:24:08:a3:c9:06:14:43:d9:4e:05:
                    7f:9f:a0:d4:ca:0c:e6:2e:fd:7d:6c:f5:e5:3d:54:
                    93:9a:95:49:db:d2:1b:5e:5a:b4:7e:68:ed:f2:4a:
                    4f:97:bd:a5:6c:6a:15:c8:38:a2:90:86:d8:75:44:
                    2e:b8:4f:41:c7:1e:38:fb:22:97:50:ec:d3:4e:8a:
                    e0:bf:51:6f:03:85:21:60:11:eb:98:54:12:9e:a7:
                    8f:9b:e1:69:dc:4e:1f:9c:69:fc:dd:06:47:f1:58:
                    d7:99:6b:19:c0:39:e3:37:0a:b3:e6:a4:d6:15:9b:
                    38:5f:38:28:ac:f3:fb:b7:e4:74:55:23:01:1c:ac:
                    dc:69:84:b6:d4:29:08:e2:5e:ac:ef:e4:80:06:ab:
                    7a:2e:25:6f:df:b9:44:83:c1:ce:e6:98:07:91:62:
                    6b:9c:d1:7c:ff:25:c5:d0:f9:85:f7:fe:ed:33:a7:
                    86:b1:2d:a7:cf:f9:71:87:4d:57:ed:6a:1f:1c:8a:
                    a0:66:ed:74:9b:96:3c:a0:e2:b1:90:81:2b:0a:85:
                    43:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:AB:78:1F:6E:65:2D:49:CE:27:2E:60:39:44:06:E8:2B:CC:FB:50
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a257878e-10ee-4838-922c-30999880ff07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fed:3400::/40

    Signature Algorithm: sha256WithRSAEncryption
         21:62:e1:87:d3:dd:b9:8e:c5:40:2b:58:fd:63:fc:dd:e0:56:
         c6:e9:3a:29:12:85:c5:0f:2c:d1:d1:c6:77:2c:c4:11:16:84:
         e9:9b:63:83:ad:44:41:cc:6b:6d:8d:68:85:e8:09:fd:5c:4a:
         bf:04:39:00:d9:27:73:70:60:63:7a:e5:6b:60:8c:d5:54:3a:
         4a:7e:32:cc:fe:fd:2e:c3:37:d9:5a:4f:fc:25:29:bb:3c:8b:
         e1:ac:f4:68:86:f8:39:bf:09:57:58:21:7a:fd:53:0e:02:43:
         b9:b5:d7:eb:dd:9d:15:99:a6:ca:07:69:f7:c6:46:e6:bb:b7:
         e8:31:ef:94:2f:e5:c8:15:db:34:ce:06:15:d4:f3:d2:b0:77:
         2d:d2:46:65:d4:c3:48:6e:88:16:cc:c3:46:bf:ae:7c:89:f9:
         db:87:4c:d1:db:38:f9:3a:fd:74:b2:b0:98:79:43:b2:c8:37:
         eb:ae:51:e7:65:36:3f:c9:fd:f3:a4:8f:5d:50:49:95:ee:f4:
         c1:16:d7:97:66:4b:c9:a1:99:18:3a:99:b4:b9:31:59:1e:78:
         71:82:af:ea:a2:20:b3:90:44:8e:02:74:b6:5e:43:c1:f8:74:
         33:29:19:de:59:47:d1:b5:e4:40:33:49:66:18:2e:35:60:64:
         02:0e:ab:0c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUL745QpD/PGg5XMLnupvQqpZY1IcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzExMDAyMTAxWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZDZjZTU4MjliODkwNzcxMzFkZTA4ZjFjMWI4YTFhMjA1
M2FkMWJlN2ViMzA5NTM1MDg2ZTUyZWJhMmE5YmVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcHt458Wox1TDKYKXE/UYjb5zWJQyOfoSYb6qZfbGO/uUB
Qj0gFbIRMwDaCV6HlB4BJAijyQYUQ9lOBX+foNTKDOYu/X1s9eU9VJOalUnb0hte
WrR+aO3ySk+XvaVsahXIOKKQhth1RC64T0HHHjj7IpdQ7NNOiuC/UW8DhSFgEeuY
VBKep4+b4WncTh+cafzdBkfxWNeZaxnAOeM3CrPmpNYVmzhfOCis8/u35HRVIwEc
rNxphLbUKQjiXqzv5IAGq3ouJW/fuUSDwc7mmAeRYmuc0Xz/JcXQ+YX3/u0zp4ax
LafP+XGHTVftah8ciqBm7XSbljyg4rGQgSsKhUOpAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUhat4H25lLUnOJy5gOUQG6CvM+1AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EyNTc4NzhlLTEwZWUtNDgzOC05MjJjLTMwOTk5ODgwZmYwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/tNDANBgkqhkiG9w0BAQsFAAOCAQEAIWLhh9PduY7FQCtY/WP83eBW
xuk6KRKFxQ8s0dHGdyzEERaE6Ztjg61EQcxrbY1ohegJ/VxKvwQ5ANknc3BgY3rl
a2CM1VQ6Sn4yzP79LsM32VpP/CUpuzyL4az0aIb4Ob8JV1ghev1TDgJDubXX692d
FZmmygdp98ZG5ru36DHvlC/lyBXbNM4GFdTz0rB3LdJGZdTDSG6IFszDRr+ufIn5
24dM0ds4+Tr9dLKwmHlDssg3665R52U2P8n986SPXVBJle70wRbXl2ZLyaGZGDqZ
tLkxWR54cYKv6qIgs5BEjgJ0tl5Dwfh0MykZ3llH0bXkQDNJZhguNWBkAg6rDA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:07 2025 by rpki-client