Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/ecba0557-c004-41c2-bd5b-63142dbee294.roa
File:                     ecba0557-c004-41c2-bd5b-63142dbee294.roa (raw, json)
Hash identifier:          3wb/pqqzqDQAi9fBmxZJv6lMQmn+xnelr+rVJSDZTHo=
Subject key identifier:   DF:92:14:11:6C:CF:7C:FA:42:7C:38:B1:64:AA:0F:3C:6E:3D:25:6B
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       14E4AEA765266BC4A9CCE0B7173D56056FA74115
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/ecba0557-c004-41c2-bd5b-63142dbee294.roa
Signing time:             Mon 30 Jun 2025 15:40:17 +0000
ROA not before:           Mon 30 Jun 2025 15:40:17 +0000
ROA not after:            Mon 04 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        205.251.248.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:e4:ae:a7:65:26:6b:c4:a9:cc:e0:b7:17:3d:56:05:6f:a7:41:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Jun 30 15:40:17 2025 GMT
            Not After : Aug  4 23:59:59 2025 GMT
        Subject: serialNumber=80f7073b3a792cfabfb71ea62710750b7a14743f15cbc8a009b39ce0c29b6e28, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:e6:e5:b2:d0:5d:6f:61:13:f3:f7:45:78:61:
                    06:dc:08:55:31:3e:15:fb:79:53:de:1f:5e:e5:b3:
                    b8:5c:a4:aa:97:06:b2:3e:f4:11:5b:8e:dc:41:f0:
                    a3:58:07:d7:72:a8:98:54:7b:70:79:f2:56:ce:07:
                    c1:24:df:07:94:bc:74:f8:3c:db:93:ed:3e:05:0e:
                    ed:5d:27:65:71:9d:66:5f:18:c2:01:bc:12:a0:fc:
                    e0:49:b7:cf:f3:62:d3:9b:4f:45:ef:f2:6b:3d:1e:
                    52:4f:90:12:dc:a2:c6:c4:06:9c:c3:16:7c:a3:95:
                    7c:8b:39:01:1b:49:bc:c3:2a:ed:72:b7:d3:a3:9d:
                    19:49:cf:92:63:69:25:6e:e6:26:38:61:c9:e1:ea:
                    5f:48:58:bd:43:37:50:c6:ed:46:15:b7:17:56:23:
                    4e:8b:17:09:0f:9e:97:03:3e:53:8d:b5:ad:d9:93:
                    0f:7d:de:c6:bb:64:58:bf:cf:b7:98:7d:54:60:88:
                    a1:af:d5:57:bf:e9:3d:6a:73:cd:15:fd:b4:ec:b3:
                    ca:18:12:bf:a1:b3:30:af:cf:43:66:35:ac:14:6e:
                    a6:1f:df:05:03:6a:fe:c4:0c:34:38:27:85:ea:c2:
                    47:a0:87:9b:c4:a7:52:7c:12:ad:f8:77:57:68:7c:
                    1b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:92:14:11:6C:CF:7C:FA:42:7C:38:B1:64:AA:0F:3C:6E:3D:25:6B
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/ecba0557-c004-41c2-bd5b-63142dbee294.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.251.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:78:57:0b:37:ab:0b:43:6a:ca:eb:b0:2c:04:7c:d3:a0:8f:
         32:3e:bb:c6:cb:71:4e:f9:84:7a:03:59:2b:4b:20:9b:88:f4:
         57:73:0f:7d:cc:5c:04:ff:76:ba:96:39:ca:e6:bb:67:c9:34:
         29:79:20:77:97:81:0f:1a:0f:7a:e7:af:27:75:cd:0f:b8:cd:
         c4:fc:db:14:49:18:cc:5b:0c:f9:61:da:8d:4a:e2:08:ea:d7:
         2a:76:4d:05:35:65:3d:e8:d5:f2:ed:10:e3:79:f1:12:27:52:
         5c:f1:ee:9b:b7:bc:b5:04:48:08:a5:73:3e:be:d6:38:89:b2:
         99:37:37:67:1f:39:b8:aa:a1:d8:7f:12:e5:4a:de:5a:93:31:
         79:a9:11:1c:42:2d:46:14:74:bf:10:04:51:5f:a0:27:ba:2a:
         31:68:1d:c7:95:e7:bc:cc:4f:f8:5e:b0:e0:df:e5:ad:44:da:
         82:46:99:65:37:73:8d:88:94:7a:a6:d6:22:1a:ea:97:61:41:
         f5:a9:45:ba:67:7d:61:41:86:36:dc:86:62:8b:c1:e6:6d:8a:
         3a:45:d4:59:d5:68:29:0a:b6:3e:6f:b0:ca:03:4f:b2:fc:34:
         a4:ad:8d:42:71:4e:4e:93:68:27:5f:6a:21:b4:20:e0:48:8d:
         f1:c9:91:b0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFOSup2Uma8SpzOC3Fz1WBW+nQRUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjUwNjMwMTU0MDE3WhcNMjUwODA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MGY3MDczYjNhNzkyY2ZhYmZiNzFlYTYyNzEwNzUwYjdh
MTQ3NDNmMTVjYmM4YTAwOWIzOWNlMGMyOWI2ZTI4MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD45uWy0F1vYRPz90V4YQbcCFUxPhX7eVPeH17ls7hcpKqX
BrI+9BFbjtxB8KNYB9dyqJhUe3B58lbOB8Ek3weUvHT4PNuT7T4FDu1dJ2VxnWZf
GMIBvBKg/OBJt8/zYtObT0Xv8ms9HlJPkBLcosbEBpzDFnyjlXyLOQEbSbzDKu1y
t9OjnRlJz5JjaSVu5iY4Ycnh6l9IWL1DN1DG7UYVtxdWI06LFwkPnpcDPlONta3Z
kw993sa7ZFi/z7eYfVRgiKGv1Ve/6T1qc80V/bTss8oYEr+hszCvz0NmNawUbqYf
3wUDav7EDDQ4J4Xqwkegh5vEp1J8Eq34d1dofBuVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU35IUEWzPfPpCfDixZKoPPG49JWswHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2VjYmEwNTU3LWMwMDQtNDFjMi1iZDViLTYzMTQyZGJlZTI5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADN+/gwDQYJKoZIhvcNAQELBQADggEBAAt4Vws3qwtDasrrsCwEfNOgjzI+
u8bLcU75hHoDWStLIJuI9FdzD33MXAT/drqWOcrmu2fJNCl5IHeXgQ8aD3rnryd1
zQ+4zcT82xRJGMxbDPlh2o1K4gjq1yp2TQU1ZT3o1fLtEON58RInUlzx7pu3vLUE
SAilcz6+1jiJspk3N2cfObiqodh/EuVK3lqTMXmpERxCLUYUdL8QBFFfoCe6KjFo
HceV57zMT/hesODf5a1E2oJGmWU3c42IlHqm1iIa6pdhQfWpRbpnfWFBhjbchmKL
weZtijpF1FnVaCkKtj5vsMoDT7L8NKStjUJxTk6TaCdfaiG0IOBIjfHJkbA=
-----END CERTIFICATE-----
Generated at Tue Jul 1 00:57:25 2025 by rpki-client