Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/144f4136-d260-4d67-abb0-f0af17a69e3b.roa
File:                     144f4136-d260-4d67-abb0-f0af17a69e3b.roa (raw, json)
Hash identifier:          XhJW10Jl9YEu86U2lKHDwG+kNw9sbEhqdGXaNQUD0Io=
Subject key identifier:   05:FB:18:EA:36:87:5B:7E:E0:8B:4C:25:38:88:36:F7:44:01:A7:6C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4CEECB6D2828792CC4BDE5E56D334BA12B85A835
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/144f4136-d260-4d67-abb0-f0af17a69e3b.roa
Signing time:             Mon 28 Jul 2025 15:41:51 +0000
ROA not before:           Mon 28 Jul 2025 15:41:51 +0000
ROA not after:            Mon 01 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.190.116.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:ee:cb:6d:28:28:79:2c:c4:bd:e5:e5:6d:33:4b:a1:2b:85:a8:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 28 15:41:51 2025 GMT
            Not After : Sep  1 23:59:59 2025 GMT
        Subject: serialNumber=ed725aa48dc2f797c95ca72812f820514e051eec8042b936590d3e7d1cba0e7b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:c3:00:98:17:05:6b:44:da:73:e5:04:8f:00:
                    56:6a:5c:7b:3d:13:e8:cb:5b:03:91:23:47:f8:06:
                    a2:a7:d3:43:ac:3b:23:54:15:3a:30:b7:a0:de:22:
                    18:cc:25:b4:f0:84:15:4c:86:d0:35:87:bd:c4:b4:
                    ec:ba:f4:54:43:9f:49:21:a9:3c:1a:4b:3b:b9:32:
                    90:34:54:e3:04:56:90:02:f1:59:d1:b0:6c:97:13:
                    d4:50:c6:44:ab:17:4e:43:be:f0:e5:fe:fb:bc:b0:
                    df:2e:c3:c5:c3:f7:af:0e:d5:ee:4a:c8:f0:e2:6a:
                    44:41:c8:d2:91:a8:e2:b6:64:c0:f0:2f:c9:0f:e1:
                    df:55:3b:e5:6d:e9:c4:0e:4f:22:a7:82:b0:5e:f2:
                    4e:38:d8:a5:08:46:e1:31:2a:df:c3:1e:ff:2e:30:
                    4d:87:04:53:bf:32:bb:22:18:0c:05:6f:af:0b:13:
                    a0:0a:1c:92:a5:9f:72:e2:12:12:1e:cf:fb:9f:9b:
                    0e:b0:5f:70:a9:1e:9f:f7:a2:8c:70:e9:ff:ae:b4:
                    f5:5f:b6:75:09:d9:c6:e7:80:d1:27:58:ec:42:7a:
                    e4:d4:24:be:e4:a3:8f:2c:67:d0:71:d1:fe:17:be:
                    6d:dd:b7:d5:95:bb:c8:95:b3:88:ab:b8:ee:52:8a:
                    21:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:FB:18:EA:36:87:5B:7E:E0:8B:4C:25:38:88:36:F7:44:01:A7:6C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/144f4136-d260-4d67-abb0-f0af17a69e3b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.190.116.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:9a:d0:41:38:9f:a8:c2:88:16:52:ce:fc:a8:20:3b:f4:f5:
         fb:e0:ec:fa:b2:04:86:87:bc:cc:68:23:3c:40:c7:31:0a:ee:
         30:67:de:61:81:60:ec:df:b2:11:2b:72:bf:a6:de:c9:cf:45:
         8c:1e:a2:85:a4:5a:f2:3b:c2:be:c1:7c:4a:51:83:64:78:a2:
         44:92:33:64:cc:e7:be:f3:af:23:92:5a:b8:37:a3:3b:ad:f8:
         b6:8d:75:fe:c5:8e:d5:40:1e:85:76:d4:aa:f5:25:fb:df:6e:
         1a:81:ad:58:41:59:6a:df:75:71:a2:d6:02:fe:a6:60:75:e1:
         50:4a:a9:b6:cf:2d:0c:d7:10:36:d6:17:b3:b4:90:a7:17:2a:
         b2:88:72:1d:fe:e2:6d:b5:39:5c:34:cf:5c:81:ec:81:e4:c6:
         1c:69:ee:cc:73:50:fb:bf:20:78:e7:e2:ba:ac:44:3d:11:94:
         be:7f:35:f1:61:5e:ec:8a:31:e1:da:eb:c0:22:4a:f5:df:95:
         08:d8:d2:5a:ee:f5:8b:b3:09:b8:2e:f8:67:60:8e:1c:9d:98:
         3d:42:d5:71:3f:d3:d6:44:60:e8:a0:9c:af:cd:27:64:cc:0f:
         1f:d1:e8:35:65:d3:59:72:db:4a:37:11:58:68:ab:a0:be:4e:
         bf:4a:42:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTO7LbSgoeSzEveXlbTNLoSuFqDUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI4MTU0MTUxWhcNMjUwOTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDcyNWFhNDhkYzJmNzk3Yzk1Y2E3MjgxMmY4MjA1MTRl
MDUxZWVjODA0MmI5MzY1OTBkM2U3ZDFjYmEwZTdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDewwCYFwVrRNpz5QSPAFZqXHs9E+jLWwORI0f4BqKn00Os
OyNUFTowt6DeIhjMJbTwhBVMhtA1h73EtOy69FRDn0khqTwaSzu5MpA0VOMEVpAC
8VnRsGyXE9RQxkSrF05DvvDl/vu8sN8uw8XD968O1e5KyPDiakRByNKRqOK2ZMDw
L8kP4d9VO+Vt6cQOTyKngrBe8k442KUIRuExKt/DHv8uME2HBFO/MrsiGAwFb68L
E6AKHJKln3LiEhIez/ufmw6wX3CpHp/3ooxw6f+utPVftnUJ2cbngNEnWOxCeuTU
JL7ko48sZ9Bx0f4Xvm3dt9WVu8iVs4iruO5SiiEvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBfsY6jaHW37gi0wlOIg290QBp2wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE0NGY0MTM2LWQyNjAtNGQ2Ny1hYmIwLWYwYWYxN2E2OWUzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFAvnQwDQYJKoZIhvcNAQELBQADggEBAAia0EE4n6jCiBZSzvyoIDv09fvg
7PqyBIaHvMxoIzxAxzEK7jBn3mGBYOzfshErcr+m3snPRYweooWkWvI7wr7BfEpR
g2R4okSSM2TM577zryOSWrg3ozut+LaNdf7FjtVAHoV21Kr1JfvfbhqBrVhBWWrf
dXGi1gL+pmB14VBKqbbPLQzXEDbWF7O0kKcXKrKIch3+4m21OVw0z1yB7IHkxhxp
7sxzUPu/IHjn4rqsRD0RlL5/NfFhXuyKMeHa68AiSvXflQjY0lru9YuzCbgu+Gdg
jhydmD1C1XE/09ZEYOignK/NJ2TMDx/R6DVl01ly20o3EVhoq6C+Tr9KQko=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:11:05 2025 by rpki-client