Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efe6f6cf-4796-46a7-9acc-01904c6ad2b9.roa
File:                     efe6f6cf-4796-46a7-9acc-01904c6ad2b9.roa (raw, json)
Hash identifier:          0dOU6kiwQGvHWgZ21GD8rqC+vTwelDBpl7+dNLv0AM0=
Subject key identifier:   61:D7:77:1D:E3:41:7F:82:F7:B5:F6:A2:2B:0D:6D:1A:B1:E6:2C:76
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5959E2850DF1841A65C6F011C9CACF3CB081EE42
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efe6f6cf-4796-46a7-9acc-01904c6ad2b9.roa
Signing time:             Tue 22 Jul 2025 00:21:39 +0000
ROA not before:           Tue 22 Jul 2025 00:21:39 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff5:4000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:59:e2:85:0d:f1:84:1a:65:c6:f0:11:c9:ca:cf:3c:b0:81:ee:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:21:39 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=a39f3a14edd1d7927d9f404dde805eb4105f3abb1692bf6fdb4f21de512f7627, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:db:d7:3a:e1:10:b5:8b:7a:d9:4f:0a:07:b8:
                    75:9b:0b:b2:5b:23:ad:99:02:20:b0:dd:db:4e:dc:
                    12:28:f9:2e:94:5d:6d:b6:45:6c:42:2b:57:1e:50:
                    05:fa:b2:0a:8d:9e:45:6e:41:96:ff:b9:88:50:f1:
                    55:72:14:2b:25:f6:20:86:3e:d1:36:42:b5:00:0b:
                    fd:af:4c:e0:37:75:8d:50:4c:d8:6b:17:ee:6a:2f:
                    b8:37:7d:d8:85:52:91:9a:09:f0:5e:d5:e1:87:b9:
                    90:05:04:4c:a1:e3:57:ab:6c:10:8c:a7:df:e5:6c:
                    5b:f8:04:11:31:e0:64:b5:ac:65:16:6d:10:9d:6a:
                    fc:8c:93:37:f7:86:96:88:af:3b:98:24:8e:67:b7:
                    d9:f9:5e:39:a8:09:ed:86:0e:7e:c8:fd:28:db:88:
                    de:2f:24:b0:e9:8c:36:83:0d:22:49:34:93:1e:ae:
                    e8:9a:71:e4:be:f3:da:a1:ce:c4:eb:7e:3a:e1:43:
                    87:05:b3:05:75:93:2a:b6:2b:1a:20:89:cc:1c:c7:
                    63:f8:de:a0:4f:24:54:77:3d:28:64:6b:87:4d:ca:
                    cd:c9:2c:fe:9b:cf:47:aa:da:57:c4:fe:09:76:b5:
                    c2:f3:cb:b1:2d:d4:dd:29:a7:cf:97:c7:db:71:37:
                    20:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:D7:77:1D:E3:41:7F:82:F7:B5:F6:A2:2B:0D:6D:1A:B1:E6:2C:76
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/efe6f6cf-4796-46a7-9acc-01904c6ad2b9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff5:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         bc:0c:c4:fd:2a:bd:19:cc:6b:dd:1f:bb:1e:69:fd:68:55:28:
         87:ba:a0:96:44:f5:d5:7e:77:fb:4a:bc:5c:ed:de:4b:78:08:
         f8:df:e2:c5:bb:c9:d4:5e:83:14:12:82:10:6a:15:05:b3:2f:
         cd:d8:d4:15:16:26:be:7a:d4:70:10:71:28:19:6a:dc:5f:c9:
         7c:82:9c:07:96:3e:90:e5:80:1c:45:56:a6:75:df:9c:57:09:
         b5:8d:1b:61:8a:11:99:7a:ed:7c:56:a0:61:9a:11:6d:35:6b:
         80:3b:b8:ca:56:8a:7d:86:de:ed:cc:e7:5f:31:7f:bc:a4:60:
         91:90:23:9b:05:3f:8b:98:de:84:9c:fc:63:12:e7:8a:3b:17:
         04:bb:38:46:a7:e9:e5:1e:f8:8e:ff:d4:24:7e:83:aa:73:86:
         54:e9:51:43:4f:98:e6:ae:74:5e:60:09:d9:0f:cd:cb:0e:ab:
         6a:99:1a:62:e0:fd:37:6d:2d:06:c3:88:0e:be:de:9a:af:3e:
         f1:6d:58:1f:7a:2b:5f:ed:82:17:94:4d:44:fb:bf:8e:c6:07:
         de:9d:44:6f:e1:7e:51:46:2c:93:7d:30:ac:a4:67:72:cc:22:
         74:1b:e4:61:56:0a:ad:a3:bf:ee:54:d1:95:c5:f0:1c:68:14:
         52:c3:9c:19
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUWVnihQ3xhBplxvARycrPPLCB7kIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAyMTM5WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMzlmM2ExNGVkZDFkNzkyN2Q5ZjQwNGRkZTgwNWViNDEw
NWYzYWJiMTY5MmJmNmZkYjRmMjFkZTUxMmY3NjI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr29c64RC1i3rZTwoHuHWbC7JbI62ZAiCw3dtO3BIo+S6U
XW22RWxCK1ceUAX6sgqNnkVuQZb/uYhQ8VVyFCsl9iCGPtE2QrUAC/2vTOA3dY1Q
TNhrF+5qL7g3fdiFUpGaCfBe1eGHuZAFBEyh41erbBCMp9/lbFv4BBEx4GS1rGUW
bRCdavyMkzf3hpaIrzuYJI5nt9n5XjmoCe2GDn7I/SjbiN4vJLDpjDaDDSJJNJMe
ruiaceS+89qhzsTrfjrhQ4cFswV1kyq2Kxogicwcx2P43qBPJFR3PShka4dNys3J
LP6bz0eq2lfE/gl2tcLzy7Et1N0pp8+Xx9txNyCVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUYdd3HeNBf4L3tfaiKw1tGrHmLHYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VmZTZmNmNmLTQ3OTYtNDZhNy05YWNjLTAxOTA0YzZhZDJiOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB/1QDANBgkqhkiG9w0BAQsFAAOCAQEAvAzE/Sq9Gcxr3R+7Hmn9aFUo
h7qglkT11X53+0q8XO3eS3gI+N/ixbvJ1F6DFBKCEGoVBbMvzdjUFRYmvnrUcBBx
KBlq3F/JfIKcB5Y+kOWAHEVWpnXfnFcJtY0bYYoRmXrtfFagYZoRbTVrgDu4ylaK
fYbe7cznXzF/vKRgkZAjmwU/i5jehJz8YxLnijsXBLs4Rqfp5R74jv/UJH6DqnOG
VOlRQ0+Y5q50XmAJ2Q/Nyw6rapkaYuD9N20tBsOIDr7emq8+8W1YH3orX+2CF5RN
RPu/jsYH3p1Eb+F+UUYsk30wrKRncswidBvkYVYKraO/7lTRlcXwHGgUUsOcGQ==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:49 2025 by rpki-client