Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78dd989c-1826-4000-a1be-585b3b82efe8.roa
File:                     78dd989c-1826-4000-a1be-585b3b82efe8.roa (raw, json)
Hash identifier:          8lZRUL/TboQG1KuPibgdcOUPdLkMrVJZJYD8u7jbt0Q=
Subject key identifier:   94:E5:06:AC:8A:6B:73:22:64:A3:87:7F:AA:ED:CA:75:D3:0F:11:C5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D361B9A09ED6CF318FCD4F92CAFF987041BB533
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78dd989c-1826-4000-a1be-585b3b82efe8.roa
Signing time:             Mon 23 Jun 2025 15:31:16 +0000
ROA not before:           Mon 23 Jun 2025 15:31:16 +0000
ROA not after:            Mon 28 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.48.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 08 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:36:1b:9a:09:ed:6c:f3:18:fc:d4:f9:2c:af:f9:87:04:1b:b5:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 23 15:31:16 2025 GMT
            Not After : Jul 28 23:59:59 2025 GMT
        Subject: serialNumber=1038e35641f2a329af6d2e7c0dd849d00aa80d32d8c032d497fd164b4d8af5ab, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:78:ab:7f:00:52:d1:f1:dd:60:51:55:b2:9a:
                    2d:03:25:14:e5:6e:fd:13:a0:cc:62:71:44:be:c1:
                    b6:63:c2:9e:d5:c1:ed:07:4b:43:b0:09:33:75:ad:
                    58:fb:d1:50:63:87:95:5b:bc:07:30:06:bb:74:ef:
                    68:ca:42:d7:0d:aa:60:71:71:9d:53:a1:78:da:93:
                    00:95:9d:8a:ee:0f:28:89:01:67:20:79:81:5b:bc:
                    94:3d:94:50:87:ca:fb:4d:ff:c6:49:e7:e9:b9:d7:
                    03:e4:c5:52:d3:81:74:10:f0:7a:32:7c:07:c7:95:
                    fd:e7:b8:0d:68:7e:b4:d1:f3:0c:56:1b:85:0d:8b:
                    cb:96:93:b3:9d:69:0e:dd:31:48:47:0c:bd:05:9d:
                    48:3c:fa:44:11:71:6c:3f:e2:6c:a2:bb:a3:eb:85:
                    1f:e4:ae:50:3a:0f:5a:6b:bb:24:2f:29:7c:5d:1e:
                    31:3a:31:06:0d:5c:15:7f:53:7a:c2:d2:2c:6d:cc:
                    c9:2b:aa:cd:ba:53:10:e2:57:4d:ab:6d:2f:a9:39:
                    1f:b0:b7:89:64:e4:c1:fa:ff:3d:d2:3c:e4:b8:e2:
                    48:cd:3d:94:59:1d:f0:b6:b0:3c:0d:31:f8:da:cd:
                    07:3c:5c:48:43:6e:57:88:b5:d1:17:91:8e:15:ef:
                    00:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:E5:06:AC:8A:6B:73:22:64:A3:87:7F:AA:ED:CA:75:D3:0F:11:C5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78dd989c-1826-4000-a1be-585b3b82efe8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.48.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         29:6b:01:98:9f:52:4a:6c:ab:0c:a1:1d:fc:b9:2a:5b:1c:ca:
         91:c9:1e:2e:72:a2:14:81:c1:7f:97:99:41:70:cf:26:5d:79:
         48:6a:7a:c6:dc:c8:a6:5f:5a:e9:b8:26:50:03:f2:37:2c:cb:
         a0:71:ff:cf:be:f2:6f:9d:9b:02:a3:cf:01:04:89:1f:69:6d:
         a9:0e:11:a2:e9:27:25:2e:81:e1:eb:7e:d4:02:1b:96:ce:17:
         ee:c5:41:20:a9:19:a2:d0:15:04:3e:45:f5:b6:2d:89:2e:0c:
         56:62:3a:2c:be:5c:6f:4a:7d:ec:1f:18:51:99:f9:ee:f2:0b:
         7f:71:26:1e:64:42:2e:7d:e8:f0:1d:32:89:a8:f7:8c:18:af:
         5b:f8:bf:e9:42:04:b4:56:e0:83:0c:4e:60:d7:b1:de:c9:75:
         8b:18:6f:f2:bf:aa:50:14:d0:79:a3:48:ab:10:e8:75:36:93:
         dc:c4:cc:83:61:09:4e:f1:eb:71:13:21:dc:29:e8:6a:ce:ba:
         37:7e:37:4a:f0:f6:d5:bb:56:4b:f1:6d:ad:7b:d2:2d:2d:cf:
         ca:ef:aa:5c:f2:b8:41:ad:bc:f3:68:7a:97:d1:1b:ec:b3:43:
         63:1a:23:94:b1:da:c3:3e:b5:57:34:cd:09:69:12:2d:b6:1c:
         c2:3b:de:f3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbTYbmgntbPMY/NT5LK/5hwQbtTMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjIzMTUzMTE2WhcNMjUwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMDM4ZTM1NjQxZjJhMzI5YWY2ZDJlN2MwZGQ4NDlkMDBh
YTgwZDMyZDhjMDMyZDQ5N2ZkMTY0YjRkOGFmNWFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8eKt/AFLR8d1gUVWymi0DJRTlbv0ToMxicUS+wbZjwp7V
we0HS0OwCTN1rVj70VBjh5VbvAcwBrt072jKQtcNqmBxcZ1ToXjakwCVnYruDyiJ
AWcgeYFbvJQ9lFCHyvtN/8ZJ5+m51wPkxVLTgXQQ8HoyfAfHlf3nuA1ofrTR8wxW
G4UNi8uWk7OdaQ7dMUhHDL0FnUg8+kQRcWw/4myiu6PrhR/krlA6D1pruyQvKXxd
HjE6MQYNXBV/U3rC0ixtzMkrqs26UxDiV02rbS+pOR+wt4lk5MH6/z3SPOS44kjN
PZRZHfC2sDwNMfjazQc8XEhDbleItdEXkY4V7wBbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUlOUGrIprcyJko4d/qu3KddMPEcUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc4ZGQ5ODljLTE4MjYtNDAwMC1hMWJlLTU4NWIzYjgyZWZlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4MDANBgkqhkiG9w0BAQsFAAOCAQEAKWsBmJ9SSmyrDKEd/LkqWxzKkcke
LnKiFIHBf5eZQXDPJl15SGp6xtzIpl9a6bgmUAPyNyzLoHH/z77yb52bAqPPAQSJ
H2ltqQ4RouknJS6B4et+1AIbls4X7sVBIKkZotAVBD5F9bYtiS4MVmI6LL5cb0p9
7B8YUZn57vILf3EmHmRCLn3o8B0yiaj3jBivW/i/6UIEtFbggwxOYNex3sl1ixhv
8r+qUBTQeaNIqxDodTaT3MTMg2EJTvHrcRMh3Cnoas66N343SvD21btWS/FtrXvS
LS3Pyu+qXPK4Qa2882h6l9Eb7LNDYxojlLHawz61VzTNCWkSLbYcwjve8w==
-----END CERTIFICATE-----
Generated at Sun Jul 6 23:49:20 2025 by rpki-client