Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2ba44e-fd81-42fb-85ce-0e8a0c8d5c37.roa
File:                     6b2ba44e-fd81-42fb-85ce-0e8a0c8d5c37.roa (raw, json)
Hash identifier:          mECxB/RAr5pu8tBzj+PWLgBYcdAJcFs+y33a+LAJSeg=
Subject key identifier:   BE:78:00:4E:66:24:A9:C4:3C:95:57:D4:C2:9C:3A:6B:7E:1B:CD:84
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3E36A63FA58233615E98CE9D5C81BC9A9C697E65
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2ba44e-fd81-42fb-85ce-0e8a0c8d5c37.roa
Signing time:             Fri 05 Sep 2025 00:00:25 +0000
ROA not before:           Fri 05 Sep 2025 00:00:25 +0000
ROA not after:            Fri 10 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.166.0.0/15 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:36:a6:3f:a5:82:33:61:5e:98:ce:9d:5c:81:bc:9a:9c:69:7e:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  5 00:00:25 2025 GMT
            Not After : Oct 10 23:59:59 2025 GMT
        Subject: serialNumber=697e1015e348b904e399f705e55ab748111d6ab9cac77e41406681595a2ff71b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:8f:57:d8:53:3f:04:3f:97:b4:e9:59:fa:0b:
                    77:02:9d:1d:54:8a:ae:f1:54:91:ee:23:d6:6a:ce:
                    85:af:f8:ca:c3:fb:69:2c:a4:fe:32:cc:74:21:8e:
                    0b:90:7a:82:c4:0b:70:e5:f0:64:dd:2e:aa:33:28:
                    8c:72:f7:0c:26:07:57:73:ce:b5:61:2c:3a:cd:8d:
                    e3:37:a4:1a:9d:b6:48:79:a2:e1:6a:09:5a:64:05:
                    e7:88:de:9e:eb:2f:27:17:59:f2:90:c8:fc:00:8b:
                    f2:34:12:bb:06:26:2f:46:da:b8:c7:f9:38:cd:54:
                    27:60:6c:03:56:05:c0:81:59:2c:e8:a2:4c:e1:fb:
                    fd:bb:22:be:89:b0:76:23:b2:51:64:94:16:91:88:
                    5b:3b:bb:d9:fb:2c:e0:ad:79:23:59:e3:c0:76:da:
                    2e:6e:d0:a9:14:3e:6b:84:31:3e:2c:36:79:70:60:
                    ba:7a:d1:59:dc:b5:45:d8:ab:a7:ec:22:b2:4c:61:
                    ce:3f:c0:02:c2:ae:51:cb:04:d2:f2:26:3e:77:24:
                    79:b8:b5:81:13:8b:29:39:c5:19:4c:9f:12:f7:8b:
                    fb:cf:1c:e7:bb:38:c5:8f:e7:70:74:bf:c8:03:3d:
                    a7:53:a9:c2:51:4b:14:47:bb:87:3c:8a:20:50:a1:
                    3c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:78:00:4E:66:24:A9:C4:3C:95:57:D4:C2:9C:3A:6B:7E:1B:CD:84
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2ba44e-fd81-42fb-85ce-0e8a0c8d5c37.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.166.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         02:51:f3:75:5e:76:e8:bf:4c:1c:30:f9:45:8c:84:76:86:fd:
         2e:29:34:88:11:b1:65:88:c9:34:19:53:2a:38:46:b7:26:6f:
         d6:be:29:77:fd:af:98:3e:aa:66:a8:86:89:e9:ed:2c:2d:fc:
         a0:8d:ef:e3:70:de:01:da:1c:4f:1a:bc:36:70:89:61:74:8a:
         20:3d:83:fe:5d:86:55:82:b5:e0:03:d6:df:f3:2e:ca:a0:f6:
         12:79:a9:18:3f:ae:c6:13:3e:26:ef:d7:ea:33:a6:3d:ec:f6:
         0b:f5:f7:7c:4e:95:99:1b:ff:05:78:51:f3:26:d1:d7:85:7a:
         56:bd:53:26:41:4a:95:01:ba:8d:e0:ce:32:94:dc:6f:a7:7c:
         e4:f2:1d:b1:20:d8:ec:b6:ad:62:07:b1:33:63:f6:db:68:a3:
         99:ba:58:8e:e5:cb:b8:9e:d7:86:6f:5a:07:ab:6e:0c:5e:f1:
         d7:eb:cc:2d:26:69:fb:57:c2:3b:00:a4:10:d7:50:16:22:51:
         37:8a:03:ef:6e:a6:81:c3:18:12:90:22:76:02:62:01:40:d7:
         62:17:6b:48:f5:58:35:99:a2:aa:f3:70:9a:27:f9:6e:ec:f3:
         80:88:34:63:2b:30:e9:40:7f:2d:b0:b4:e8:fd:8a:09:c0:ed:
         f1:da:96:8f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPjamP6WCM2FemM6dXIG8mpxpfmUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTA1MDAwMDI1WhcNMjUxMDEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2OTdlMTAxNWUzNDhiOTA0ZTM5OWY3MDVlNTVhYjc0ODEx
MWQ2YWI5Y2FjNzdlNDE0MDY2ODE1OTVhMmZmNzFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDzj1fYUz8EP5e06Vn6C3cCnR1Uiq7xVJHuI9ZqzoWv+MrD
+2kspP4yzHQhjguQeoLEC3Dl8GTdLqozKIxy9wwmB1dzzrVhLDrNjeM3pBqdtkh5
ouFqCVpkBeeI3p7rLycXWfKQyPwAi/I0ErsGJi9G2rjH+TjNVCdgbANWBcCBWSzo
okzh+/27Ir6JsHYjslFklBaRiFs7u9n7LOCteSNZ48B22i5u0KkUPmuEMT4sNnlw
YLp60VnctUXYq6fsIrJMYc4/wALCrlHLBNLyJj53JHm4tYETiyk5xRlMnxL3i/vP
HOe7OMWP53B0v8gDPadTqcJRSxRHu4c8iiBQoTzrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvngATmYkqcQ8lVfUwpw6a34bzYQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZiMmJhNDRlLWZkODEtNDJmYi04NWNlLTBlOGEwYzhkNWMzNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwENpjANBgkqhkiG9w0BAQsFAAOCAQEAAlHzdV526L9MHDD5RYyEdob9Lik0
iBGxZYjJNBlTKjhGtyZv1r4pd/2vmD6qZqiGientLC38oI3v43DeAdocTxq8NnCJ
YXSKID2D/l2GVYK14APW3/MuyqD2EnmpGD+uxhM+Ju/X6jOmPez2C/X3fE6VmRv/
BXhR8ybR14V6Vr1TJkFKlQG6jeDOMpTcb6d85PIdsSDY7LatYgexM2P222ijmbpY
juXLuJ7Xhm9aB6tuDF7x1+vMLSZp+1fCOwCkENdQFiJRN4oD726mgcMYEpAidgJi
AUDXYhdrSPVYNZmiqvNwmif5buzzgIg0Yysw6UB/LbC06P2KCcDt8dqWjw==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:08:30 2025 by rpki-client