Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e9689be-d86a-4ada-9b31-610dcf35ec4b.roa
File:                     5e9689be-d86a-4ada-9b31-610dcf35ec4b.roa (raw, json)
Hash identifier:          HJdmQkwoOk8UDsvd9xMD6LaFthrQWyC5Mfh1MW7a/es=
Subject key identifier:   59:BD:E2:F0:D4:11:64:31:99:85:F4:46:46:78:F3:D0:56:FD:66:61
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6B59B6BD00115D24E6A3933BA0CE34AFFCCD0E47
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e9689be-d86a-4ada-9b31-610dcf35ec4b.roa
Signing time:             Fri 04 Jul 2025 16:20:08 +0000
ROA not before:           Fri 04 Jul 2025 16:20:08 +0000
ROA not after:            Fri 08 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        128.181.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 09 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:59:b6:bd:00:11:5d:24:e6:a3:93:3b:a0:ce:34:af:fc:cd:0e:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul  4 16:20:08 2025 GMT
            Not After : Aug  8 23:59:59 2025 GMT
        Subject: serialNumber=3aad4056b2c718e11f19fdded547e036997c3e4080badd5158ac8270dceff011, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:37:0e:08:63:49:84:51:df:a7:21:eb:77:f3:
                    c0:29:5e:b3:2d:7d:6d:40:35:38:0d:2f:33:6d:c5:
                    3d:a3:fa:d1:d4:d8:44:b0:fd:09:2e:d1:e1:7d:22:
                    29:cc:d8:0a:88:3d:f9:37:ae:82:cf:96:fb:7b:35:
                    03:ff:4b:47:cc:97:05:61:d1:01:ad:6f:8e:7f:0a:
                    74:bd:84:6d:fc:55:63:a3:98:ab:d1:d3:2b:7b:4d:
                    55:e7:4a:55:f5:9f:17:08:58:96:72:af:77:90:11:
                    c4:bd:3e:fd:0c:12:d2:56:fd:67:b6:6d:92:87:4a:
                    4d:6d:6b:61:d8:b3:9c:e1:a6:d5:13:a3:36:92:50:
                    a6:82:20:9e:e6:e0:fb:36:4b:15:3b:02:01:72:b7:
                    98:09:7e:34:86:34:e0:5a:5d:10:6e:b0:40:75:0b:
                    85:14:6e:f2:3c:92:2d:4f:1f:31:d8:2c:33:21:0c:
                    d1:d3:3c:36:c7:3a:c3:fe:64:78:7d:93:93:53:b6:
                    fd:5e:65:0f:89:71:28:de:04:cd:91:d2:46:f7:e0:
                    4d:c9:7c:29:66:8a:54:27:54:3c:69:3a:55:9d:46:
                    59:2a:f4:1b:df:c5:64:72:d4:09:87:7a:fb:5d:fb:
                    65:d9:52:2a:4f:75:18:18:03:4d:66:cf:4c:1b:d1:
                    b9:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:BD:E2:F0:D4:11:64:31:99:85:F4:46:46:78:F3:D0:56:FD:66:61
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e9689be-d86a-4ada-9b31-610dcf35ec4b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.181.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8a:83:ae:8c:b6:10:c6:cf:db:d2:dc:7e:fc:b1:c9:0b:26:1f:
         c6:fa:a0:12:d3:52:ce:f8:ff:3c:4d:94:c2:df:9d:ed:ba:6e:
         bf:fe:92:cf:78:00:ac:7e:ba:16:9f:2d:52:9e:dd:8e:8a:ae:
         0e:a7:20:2f:29:4d:06:bf:e5:0f:73:2c:be:b2:8b:6e:9e:96:
         35:8c:83:dd:88:33:56:6f:3a:dd:86:01:1e:fd:8a:a9:bf:15:
         db:d4:2e:3c:48:a5:1a:e0:91:05:5d:dd:88:38:ea:63:ee:3a:
         a3:33:db:2f:d6:1a:f3:9f:eb:fc:b2:36:a3:aa:b5:c5:ae:8c:
         d0:13:66:65:48:18:26:f4:6e:30:d9:a6:0a:8f:d1:22:b8:4a:
         a9:23:77:4e:f8:6c:a4:7f:0c:ce:b3:a4:c9:c0:73:d8:e4:33:
         ad:01:1b:9d:b9:10:c7:1d:2e:11:db:a7:e6:0d:d9:5d:22:83:
         73:5d:4f:55:51:fc:e7:8f:b0:1c:a7:ab:48:8b:62:60:f9:b5:
         31:4e:d4:9d:4b:62:ad:7c:b7:4e:94:65:e8:d0:79:f6:5f:b3:
         83:2b:e5:98:8d:4d:7c:9f:70:8e:65:13:9f:6b:9a:1a:c4:c5:
         50:3d:12:4e:2b:45:f1:be:d7:58:fd:1b:4f:5c:a1:20:ce:1b:
         ce:04:6e:ad
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUa1m2vQARXSTmo5M7oM40r/zNDkcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzA0MTYyMDA4WhcNMjUwODA4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYWFkNDA1NmIyYzcxOGUxMWYxOWZkZGVkNTQ3ZTAzNjk5
N2MzZTQwODBiYWRkNTE1OGFjODI3MGRjZWZmMDExMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXNw4IY0mEUd+nIet388ApXrMtfW1ANTgNLzNtxT2j+tHU
2ESw/Qku0eF9IinM2AqIPfk3roLPlvt7NQP/S0fMlwVh0QGtb45/CnS9hG38VWOj
mKvR0yt7TVXnSlX1nxcIWJZyr3eQEcS9Pv0MEtJW/We2bZKHSk1ta2HYs5zhptUT
ozaSUKaCIJ7m4Ps2SxU7AgFyt5gJfjSGNOBaXRBusEB1C4UUbvI8ki1PHzHYLDMh
DNHTPDbHOsP+ZHh9k5NTtv1eZQ+JcSjeBM2R0kb34E3JfClmilQnVDxpOlWdRlkq
9BvfxWRy1AmHevtd+2XZUipPdRgYA01mz0wb0blJAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWb3i8NQRZDGZhfRGRnjz0Fb9ZmEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVlOTY4OWJlLWQ4NmEtNGFkYS05YjMxLTYxMGRjZjM1ZWM0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCAtTANBgkqhkiG9w0BAQsFAAOCAQEAioOujLYQxs/b0tx+/LHJCyYfxvqg
EtNSzvj/PE2Uwt+d7bpuv/6Sz3gArH66Fp8tUp7djoquDqcgLylNBr/lD3MsvrKL
bp6WNYyD3YgzVm863YYBHv2Kqb8V29QuPEilGuCRBV3diDjqY+46ozPbL9Ya85/r
/LI2o6q1xa6M0BNmZUgYJvRuMNmmCo/RIrhKqSN3TvhspH8MzrOkycBz2OQzrQEb
nbkQxx0uEdun5g3ZXSKDc11PVVH854+wHKerSItiYPm1MU7UnUtirXy3TpRl6NB5
9l+zgyvlmI1NfJ9wjmUTn2uaGsTFUD0STitF8b7XWP0bT1yhIM4bzgRurQ==
-----END CERTIFICATE-----
Generated at Sun Jul 6 22:28:39 2025 by rpki-client