Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46edd7ff-96c0-4dcb-a72e-2dd489d695eb.roa
File:                     46edd7ff-96c0-4dcb-a72e-2dd489d695eb.roa (raw, json)
Hash identifier:          a6Rbs/HXyaDkpbyqvu7xRnIKinKxGqeO/xkVKKVs6aM=
Subject key identifier:   93:0E:A2:E3:51:78:8B:CA:B0:2C:CB:4D:90:30:E3:97:F4:6D:F6:40
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       444B7B24F8DC8A2D4B45DF6517033345C43C3D67
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46edd7ff-96c0-4dcb-a72e-2dd489d695eb.roa
Signing time:             Sat 06 Sep 2025 00:11:02 +0000
ROA not before:           Sat 06 Sep 2025 00:11:02 +0000
ROA not after:            Sat 11 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff1:a400::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Sep 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:4b:7b:24:f8:dc:8a:2d:4b:45:df:65:17:03:33:45:c4:3c:3d:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  6 00:11:02 2025 GMT
            Not After : Oct 11 23:59:59 2025 GMT
        Subject: serialNumber=de66a4d1fff8e1dc7711ede5767860e9b3fae92cbe1c62ba89417748477767e5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:54:d3:85:65:5e:4f:3b:00:ba:bc:5e:c2:37:
                    c9:8d:14:05:20:85:7c:1c:11:cd:d6:f4:f9:01:c8:
                    4d:36:cb:5f:a9:b6:92:8c:cf:00:8d:0a:27:84:2c:
                    a2:73:6a:8d:d7:bc:64:24:02:62:7c:47:a7:1e:70:
                    c7:56:ac:56:f9:56:b0:cf:97:51:7e:50:0e:70:e3:
                    59:bf:a9:9c:8f:b6:1d:6e:2d:b3:08:7b:1c:77:fa:
                    6a:4b:f6:b3:87:2f:67:b1:01:20:24:35:42:e4:67:
                    fc:9c:35:e3:90:f1:c5:3e:79:69:6e:2b:81:57:55:
                    a3:76:68:0d:14:76:1a:df:b7:f9:77:33:5d:a1:dc:
                    cf:94:90:38:88:ab:14:83:62:18:b9:5b:e5:b1:1c:
                    e3:e6:8a:29:fc:8d:b0:3b:9d:7e:c8:f6:e9:a4:95:
                    3d:ee:e5:e4:29:03:ab:04:47:30:46:33:f7:f5:fe:
                    6d:94:f1:d1:93:3d:68:df:0b:c4:43:70:36:fe:93:
                    78:4f:8d:6f:6b:21:6d:4f:a8:4b:79:96:5b:cb:35:
                    a2:f1:00:9e:18:42:7e:30:97:2c:74:a4:37:98:33:
                    01:0d:4a:e5:6d:5a:40:7f:5f:cb:a8:4f:6d:99:7a:
                    f1:57:cb:02:86:e5:af:c8:4f:0c:df:68:2b:ee:f3:
                    c1:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:0E:A2:E3:51:78:8B:CA:B0:2C:CB:4D:90:30:E3:97:F4:6D:F6:40
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46edd7ff-96c0-4dcb-a72e-2dd489d695eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff1:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         0f:38:be:0f:f1:26:bd:83:73:f5:c0:4c:e8:b9:13:74:09:59:
         87:56:9f:f9:ad:88:2d:43:ac:29:fd:d5:47:f4:18:c5:1a:d7:
         8a:be:1d:73:a2:f3:dc:55:59:ad:e5:6b:c6:37:05:5c:25:2f:
         a8:40:d2:f9:ed:07:f1:06:62:a2:2a:93:fd:de:e4:7c:8b:90:
         8e:b6:df:7c:19:35:eb:5a:be:80:0d:40:90:fa:81:fc:2c:f4:
         fe:62:dd:50:a2:0e:3a:18:37:40:c4:ce:fa:27:a9:05:64:89:
         16:29:48:ec:ed:dd:c8:5d:70:da:a5:f3:43:10:53:41:0d:c6:
         8e:a8:cb:dc:68:6c:50:87:39:d1:64:34:be:59:07:a4:b7:82:
         5f:fe:97:b0:00:6c:0c:d4:f0:b1:63:75:74:06:c8:52:f3:b7:
         88:69:30:33:d3:c4:0c:ec:2a:23:5d:c8:2e:50:f3:9f:e5:b5:
         64:5a:3f:0d:6f:9c:7d:e2:cc:2b:18:27:ea:88:c2:80:32:75:
         ea:4a:96:39:62:1c:eb:da:22:c8:7a:13:e6:ca:47:00:0c:df:
         95:31:36:cf:d2:1c:3d:f9:13:5e:ca:0e:6b:89:1c:2e:e1:94:
         34:3d:cc:5d:92:75:5b:fc:7d:ed:23:21:20:e2:ff:a6:22:b7:
         01:ef:21:56
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUREt7JPjcii1LRd9lFwMzRcQ8PWcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA2MDAxMTAyWhcNMjUxMDExMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTY2YTRkMWZmZjhlMWRjNzcxMWVkZTU3Njc4NjBlOWIz
ZmFlOTJjYmUxYzYyYmE4OTQxNzc0ODQ3Nzc2N2U1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpVNOFZV5POwC6vF7CN8mNFAUghXwcEc3W9PkByE02y1+p
tpKMzwCNCieELKJzao3XvGQkAmJ8R6cecMdWrFb5VrDPl1F+UA5w41m/qZyPth1u
LbMIexx3+mpL9rOHL2exASAkNULkZ/ycNeOQ8cU+eWluK4FXVaN2aA0Udhrft/l3
M12h3M+UkDiIqxSDYhi5W+WxHOPmiin8jbA7nX7I9umklT3u5eQpA6sERzBGM/f1
/m2U8dGTPWjfC8RDcDb+k3hPjW9rIW1PqEt5llvLNaLxAJ4YQn4wlyx0pDeYMwEN
SuVtWkB/X8uoT22ZevFXywKG5a/ITwzfaCvu88FLAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUkw6i41F4i8qwLMtNkDDjl/Rt9kAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ2ZWRkN2ZmLTk2YzAtNGRjYi1hNzJlLTJkZDQ4OWQ2OTVlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/xpDANBgkqhkiG9w0BAQsFAAOCAQEADzi+D/EmvYNz9cBM6LkTdAlZ
h1af+a2ILUOsKf3VR/QYxRrXir4dc6Lz3FVZreVrxjcFXCUvqEDS+e0H8QZioiqT
/d7kfIuQjrbffBk161q+gA1AkPqB/Cz0/mLdUKIOOhg3QMTO+iepBWSJFilI7O3d
yF1w2qXzQxBTQQ3GjqjL3GhsUIc50WQ0vlkHpLeCX/6XsABsDNTwsWN1dAbIUvO3
iGkwM9PEDOwqI13ILlDzn+W1ZFo/DW+cfeLMKxgn6ojCgDJ16kqWOWIc69oiyHoT
5spHAAzflTE2z9IcPfkTXsoOa4kcLuGUND3MXZJ1W/x97SMhIOL/piK3Ae8hVg==
-----END CERTIFICATE-----
Generated at Sat Sep 13 01:10:00 2025 by rpki-client