Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15744b95-7e2b-4853-b31b-c5b2711a1a35.roa
File:                     15744b95-7e2b-4853-b31b-c5b2711a1a35.roa (raw, json)
Hash identifier:          SkkGI0BdGmZIpzbkZFnWto5UfHwXd2JtkpZbE9NW6TM=
Subject key identifier:   CE:F7:B2:24:5D:5C:34:3C:93:27:7B:1E:3C:DF:18:20:44:62:CB:3C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       13CC4688FFEB3920A5C9884DDE7F62B847C5D229
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15744b95-7e2b-4853-b31b-c5b2711a1a35.roa
Signing time:             Fri 29 Aug 2025 15:40:12 +0000
ROA not before:           Fri 29 Aug 2025 15:40:12 +0000
ROA not after:            Fri 03 Oct 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f15:c00::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:cc:46:88:ff:eb:39:20:a5:c9:88:4d:de:7f:62:b8:47:c5:d2:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 29 15:40:12 2025 GMT
            Not After : Oct  3 23:59:59 2025 GMT
        Subject: serialNumber=4d875ea1a8c42602e50386435083a1b75b75f53613fa4d8614eed3b00e6f3625, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:48:11:96:b4:d9:9b:90:d9:02:d6:03:44:e9:
                    ed:3d:b9:fa:d1:11:98:2e:89:d8:4b:d3:4d:a0:da:
                    60:36:44:21:e3:12:53:4c:62:d7:08:80:73:b1:90:
                    ca:87:29:e6:dc:03:21:6a:2a:2a:49:8c:13:47:81:
                    83:80:30:ea:b9:03:47:0d:36:8f:40:c5:ce:79:5e:
                    ca:77:3d:bc:41:f7:07:e5:fb:42:8c:34:91:2e:5a:
                    54:25:d7:c5:43:e0:f4:b8:9a:0a:5d:c6:23:47:7d:
                    34:d8:4e:73:b0:26:0c:f2:ea:6c:a0:15:c1:27:ef:
                    9d:d6:dd:7f:f4:e2:7c:bd:52:db:e1:ec:cd:d4:16:
                    2c:4f:ac:90:93:9a:b8:6d:7f:24:d2:3d:ca:f9:06:
                    fb:7b:6d:10:f2:d8:c2:f8:b8:e0:53:40:12:2e:8e:
                    48:9e:26:2d:39:0d:45:fd:8d:93:d0:f7:1a:13:67:
                    a9:88:aa:2f:ed:c2:1c:c1:5d:76:e6:2f:f3:7c:42:
                    bf:ab:2d:d0:b0:1f:54:fa:45:5c:af:3d:5f:56:26:
                    a6:d2:5b:f9:5b:35:c4:e7:c8:7a:b2:1a:b7:6b:e4:
                    84:0d:81:ab:ec:cb:14:0e:d3:e8:6a:28:20:36:1d:
                    db:87:08:38:15:15:24:f7:68:4d:a9:25:16:f8:b8:
                    10:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F7:B2:24:5D:5C:34:3C:93:27:7B:1E:3C:DF:18:20:44:62:CB:3C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/15744b95-7e2b-4853-b31b-c5b2711a1a35.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f15:c00::/38

    Signature Algorithm: sha256WithRSAEncryption
         1b:0e:e3:04:ec:5f:f4:09:65:7e:2e:7b:e1:0e:94:2f:b3:86:
         af:3c:6f:8b:24:67:37:97:21:f1:e5:b5:81:df:c8:bb:91:25:
         94:90:35:56:9d:af:7b:80:b5:35:44:0b:5b:80:c3:f0:6e:57:
         99:0e:eb:63:b6:df:e6:be:0a:44:53:df:cc:ab:e7:1e:1c:a0:
         a3:e9:ab:8d:d1:d3:34:75:0b:41:bb:65:37:53:68:da:19:da:
         e8:9f:9f:e2:57:8c:fb:e6:0f:6b:a3:ef:f1:dc:0c:96:94:3d:
         17:28:22:a0:8f:ca:64:0a:79:fe:b9:ff:c5:3e:51:61:55:6f:
         a7:83:a4:0b:df:36:1e:6f:bc:63:82:93:d5:ea:d6:17:44:38:
         89:f6:12:56:f6:28:6e:7f:c6:ef:64:84:f6:b1:b3:97:2e:7c:
         c3:3c:52:a2:cd:03:b6:35:ad:35:2d:6a:d3:b3:92:90:05:30:
         f8:47:d8:9e:40:73:8c:57:6e:c1:c7:e8:89:58:41:06:01:07:
         e1:58:33:10:cc:3d:39:72:1a:4d:ee:c0:6f:14:f9:fd:ae:50:
         1b:8b:d7:e0:77:60:a9:02:30:3d:78:21:b8:5b:09:6d:51:3b:
         09:0a:ed:06:d9:99:bf:f3:9a:f1:1e:f7:cb:a3:fa:03:98:95:
         e0:92:57:bc
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUE8xGiP/rOSClyYhN3n9iuEfF0ikwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODI5MTU0MDEyWhcNMjUxMDAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZDg3NWVhMWE4YzQyNjAyZTUwMzg2NDM1MDgzYTFiNzVi
NzVmNTM2MTNmYTRkODYxNGVlZDNiMDBlNmYzNjI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCLSBGWtNmbkNkC1gNE6e09ufrREZguidhL002g2mA2RCHj
ElNMYtcIgHOxkMqHKebcAyFqKipJjBNHgYOAMOq5A0cNNo9Axc55Xsp3PbxB9wfl
+0KMNJEuWlQl18VD4PS4mgpdxiNHfTTYTnOwJgzy6mygFcEn753W3X/04ny9Utvh
7M3UFixPrJCTmrhtfyTSPcr5Bvt7bRDy2ML4uOBTQBIujkieJi05DUX9jZPQ9xoT
Z6mIqi/twhzBXXbmL/N8Qr+rLdCwH1T6RVyvPV9WJqbSW/lbNcTnyHqyGrdr5IQN
gavsyxQO0+hqKCA2HduHCDgVFST3aE2pJRb4uBBbAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUzveyJF1cNDyTJ3sePN8YIERiyzwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1NzQ0Yjk1LTdlMmItNDg1My1iMzFiLWM1YjI3MTFhMWEzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8VDDANBgkqhkiG9w0BAQsFAAOCAQEAGw7jBOxf9Allfi574Q6UL7OG
rzxviyRnN5ch8eW1gd/Iu5EllJA1Vp2ve4C1NUQLW4DD8G5XmQ7rY7bf5r4KRFPf
zKvnHhygo+mrjdHTNHULQbtlN1No2hna6J+f4leM++YPa6Pv8dwMlpQ9FygioI/K
ZAp5/rn/xT5RYVVvp4OkC982Hm+8Y4KT1erWF0Q4ifYSVvYobn/G72SE9rGzly58
wzxSos0DtjWtNS1q07OSkAUw+EfYnkBzjFduwcfoiVhBBgEH4VgzEMw9OXIaTe7A
bxT5/a5QG4vX4HdgqQIwPXghuFsJbVE7CQrtBtmZv/Oa8R73y6P6A5iV4JJXvA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:12:06 2025 by rpki-client