Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a08ba7ca-e89d-4d87-8eb3-23f2061ec4f1.roa
File:                     a08ba7ca-e89d-4d87-8eb3-23f2061ec4f1.roa (raw, json)
Hash identifier:          1LN0b413dc9xDEhZ8G9kQooIGai85CCPPiudhAa2oS8=
Subject key identifier:   4D:51:3D:02:E8:D3:16:AF:54:DE:2E:4D:2E:89:6D:28:20:10:31:97
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       250307F99F4F4C85B79F63427693A406E0953EBD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a08ba7ca-e89d-4d87-8eb3-23f2061ec4f1.roa
Signing time:             Sat 07 Jun 2025 00:20:18 +0000
ROA not before:           Sat 07 Jun 2025 00:20:18 +0000
ROA not after:            Sat 12 Jul 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        16.64.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:03:07:f9:9f:4f:4c:85:b7:9f:63:42:76:93:a4:06:e0:95:3e:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun  7 00:20:18 2025 GMT
            Not After : Jul 12 23:59:59 2025 GMT
        Subject: serialNumber=20ec587d4ba683f6985aa270440ede2f3d798f646a96f77824f340d07bb92f1b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d8:8f:97:02:0f:a3:ea:83:ab:eb:0e:28:14:
                    c6:94:03:5b:d2:14:43:85:62:ff:62:94:f3:5c:f9:
                    0e:20:31:9f:79:87:89:a5:4f:86:48:20:73:2f:e5:
                    2b:5c:58:31:e5:c3:5f:cf:56:f5:f1:85:ed:d3:7c:
                    1f:7c:98:c1:ca:83:58:d7:49:73:e7:7c:cf:83:44:
                    c2:fc:6a:33:54:10:65:c0:c1:cc:a3:f2:da:e6:91:
                    ce:34:f8:5c:ad:a6:9c:ec:31:5b:a6:78:be:7c:65:
                    e2:2c:d4:fe:be:a5:14:8f:f2:1e:17:76:0f:b8:c9:
                    c1:dd:29:70:fd:bd:61:31:b6:b4:cf:ae:93:30:04:
                    c6:6f:9f:71:dd:45:5a:9b:e3:19:cf:84:dd:e0:e0:
                    10:ee:92:43:91:e7:10:28:49:56:0e:3f:8a:0a:19:
                    2f:9a:86:03:63:a8:23:22:a4:8a:bf:69:50:07:dc:
                    57:45:db:bf:90:c9:4c:2f:86:62:cf:de:89:59:14:
                    7c:0e:b0:fe:34:f0:50:8d:1d:ef:b0:6e:45:b8:b0:
                    3e:1d:d0:17:91:9b:cd:c6:b3:b7:21:c3:35:34:3d:
                    a1:19:e8:9e:2c:d4:ad:3a:c4:11:2a:c4:1f:60:67:
                    b1:f2:b2:b4:67:be:c3:cd:84:b6:53:5e:dc:08:9d:
                    c4:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:51:3D:02:E8:D3:16:AF:54:DE:2E:4D:2E:89:6D:28:20:10:31:97
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a08ba7ca-e89d-4d87-8eb3-23f2061ec4f1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.64.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         1a:6a:a5:95:65:24:66:97:55:05:30:13:a2:69:f8:16:de:d5:
         93:a9:ce:d5:c2:7d:11:d7:c6:f5:3c:2e:82:9c:03:a0:85:c4:
         36:b4:05:f2:b6:38:f7:1c:94:61:0e:ed:66:ff:29:cb:20:70:
         3e:5f:95:d1:f0:10:c6:71:07:6b:5e:9b:03:16:9e:36:66:d0:
         0f:9e:ac:bf:69:9a:fa:e2:78:5d:ee:9b:2c:c4:70:3c:b5:d2:
         62:02:0d:a5:e5:73:65:9e:a5:4a:16:52:ac:b6:55:c8:27:5f:
         23:76:f0:e3:e5:c9:2f:ac:34:5a:8c:08:4a:f5:43:2c:a0:b7:
         2e:18:23:56:ec:c8:e4:ca:0b:bf:dd:fb:52:41:11:5b:7a:59:
         a7:34:09:66:33:d2:b8:ec:22:8d:5d:c4:ae:3a:f1:4a:49:2f:
         27:58:e7:c2:3f:90:6c:ca:0b:8a:b2:6b:f6:a1:d2:d7:14:23:
         bb:98:74:6a:8b:05:c9:1e:02:2d:28:4d:35:d6:92:f1:3f:f0:
         23:4c:6f:7f:e9:c2:9d:68:16:90:83:14:6e:e2:c4:1e:11:e6:
         71:f5:e8:32:8b:07:93:f3:98:16:72:c7:40:7c:a9:a6:71:97:
         ff:95:1f:e6:63:ff:43:4c:84:3a:ff:72:66:00:ca:5f:91:bc:
         59:71:d3:8b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJQMH+Z9PTIW3n2NCdpOkBuCVPr0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjA3MDAyMDE4WhcNMjUwNzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMGVjNTg3ZDRiYTY4M2Y2OTg1YWEyNzA0NDBlZGUyZjNk
Nzk4ZjY0NmE5NmY3NzgyNGYzNDBkMDdiYjkyZjFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDb2I+XAg+j6oOr6w4oFMaUA1vSFEOFYv9ilPNc+Q4gMZ95
h4mlT4ZIIHMv5StcWDHlw1/PVvXxhe3TfB98mMHKg1jXSXPnfM+DRML8ajNUEGXA
wcyj8trmkc40+FytppzsMVumeL58ZeIs1P6+pRSP8h4Xdg+4ycHdKXD9vWExtrTP
rpMwBMZvn3HdRVqb4xnPhN3g4BDukkOR5xAoSVYOP4oKGS+ahgNjqCMipIq/aVAH
3FdF27+QyUwvhmLP3olZFHwOsP408FCNHe+wbkW4sD4d0BeRm83Gs7chwzU0PaEZ
6J4s1K06xBEqxB9gZ7HysrRnvsPNhLZTXtwIncRfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTVE9AujTFq9U3i5NLoltKCAQMZcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2EwOGJhN2NhLWU4OWQtNGQ4Ny04ZWIzLTIzZjIwNjFlYzRmMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcQQAAwDQYJKoZIhvcNAQELBQADggEBABpqpZVlJGaXVQUwE6Jp+Bbe1ZOp
ztXCfRHXxvU8LoKcA6CFxDa0BfK2OPcclGEO7Wb/KcsgcD5fldHwEMZxB2temwMW
njZm0A+erL9pmvrieF3umyzEcDy10mICDaXlc2WepUoWUqy2VcgnXyN28OPlyS+s
NFqMCEr1Qyygty4YI1bsyOTKC7/d+1JBEVt6Wac0CWYz0rjsIo1dxK468UpJLydY
58I/kGzKC4qya/ah0tcUI7uYdGqLBckeAi0oTTXWkvE/8CNMb3/pwp1oFpCDFG7i
xB4R5nH16DKLB5PzmBZyx0B8qaZxl/+VH+Zj/0NMhDr/cmYAyl+RvFlx04s=
-----END CERTIFICATE-----
Generated at Mon Jun 30 20:38:31 2025 by rpki-client