Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3356d24b-fc8c-4c45-9f79-7168e2b6ee25.roa
File:                     3356d24b-fc8c-4c45-9f79-7168e2b6ee25.roa (raw, json)
Hash identifier:          CFP6jAOH2sIw05aIuNdIrbyVFz+Js8IUb7S48yXfWyU=
Subject key identifier:   39:88:5C:CB:19:4D:22:79:95:47:34:61:FA:8C:EB:3E:A3:38:6E:D0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       40E7152B02D1078E06BA3360B998C82B03D203D5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3356d24b-fc8c-4c45-9f79-7168e2b6ee25.roa
Signing time:             Fri 01 Aug 2025 16:51:54 +0000
ROA not before:           Fri 01 Aug 2025 16:51:54 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:4050::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:e7:15:2b:02:d1:07:8e:06:ba:33:60:b9:98:c8:2b:03:d2:03:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 16:51:54 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=3c86bd534545e4852e9f43d96e4c81cfa929e05958e4c877724ea04a3d676324, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:9f:02:bd:00:e0:68:45:d0:1e:f2:35:a5:32:
                    c8:c3:c0:cb:6c:71:da:35:d8:cc:82:9f:37:0b:e4:
                    46:0f:79:7d:f8:85:a5:b4:53:94:50:7b:31:dc:76:
                    ce:ac:04:1b:a9:aa:4c:69:32:25:a0:2d:78:32:d9:
                    68:c0:66:48:f7:3c:7e:8d:e9:39:23:73:a2:3d:43:
                    e4:24:6d:59:07:50:87:cd:4a:52:bf:55:19:2c:d9:
                    d9:a4:46:c4:4b:7a:72:d4:39:ff:ae:00:34:e8:56:
                    d5:29:f9:ff:35:20:f0:2c:6f:69:f0:1e:78:9e:0a:
                    2f:ad:11:06:46:07:da:15:78:cf:fb:c7:81:8f:de:
                    5c:61:1f:97:72:d3:2e:4d:7f:bb:9c:b8:4b:51:60:
                    f0:e6:71:ec:f3:50:69:6e:92:98:30:83:0b:23:3c:
                    1b:fb:71:68:6d:05:d3:74:4d:e8:19:07:6d:a0:27:
                    ad:17:d1:14:c4:d6:b1:a1:ad:41:dd:df:96:ad:5a:
                    73:dd:bc:cb:2b:63:91:3d:e3:19:78:83:06:37:27:
                    73:60:7a:ca:65:94:3a:e1:37:f7:20:d9:9d:ea:cf:
                    10:50:14:3a:21:ca:c3:65:72:28:a0:36:37:b9:79:
                    e8:ee:df:57:b8:b0:d4:7a:af:36:e6:09:0b:5e:e5:
                    14:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:88:5C:CB:19:4D:22:79:95:47:34:61:FA:8C:EB:3E:A3:38:6E:D0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3356d24b-fc8c-4c45-9f79-7168e2b6ee25.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:4050::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:5d:54:cd:f8:99:7c:7c:fc:90:5e:c4:5f:70:80:a8:c1:03:
         58:d8:fa:26:61:31:4f:8c:a0:e0:84:92:20:2c:c8:19:72:c9:
         6c:06:e5:28:a4:36:ee:84:13:ef:ea:33:96:50:1b:85:67:cd:
         5a:17:40:8b:67:06:71:8e:cc:94:a7:90:65:b3:1f:2d:00:b1:
         b5:bf:83:af:ea:11:e0:07:39:a2:05:b9:6a:b7:75:71:01:59:
         f0:2a:23:f2:27:69:ae:b6:c0:41:43:c7:8c:fc:b1:1f:78:47:
         f8:2e:79:3c:61:db:ac:11:45:5a:5e:78:14:7c:c3:4d:a1:16:
         b1:1f:93:24:41:68:eb:da:94:c5:e0:18:4e:41:5a:c9:cb:ce:
         d2:c9:36:92:38:c0:3b:a2:d4:35:2a:0b:9b:dd:17:83:21:37:
         1c:dc:5f:f5:2b:18:d0:7b:84:65:c0:a5:65:1e:47:b2:05:03:
         06:6d:9e:61:b7:84:18:92:c9:5c:f7:04:0a:02:3f:09:a1:ed:
         9e:c1:0f:06:51:af:47:4b:b8:e5:e8:89:ff:0e:69:88:2e:82:
         88:35:4d:93:06:12:a0:49:d8:13:05:4e:7e:ec:73:f1:a9:cb:
         54:64:23:20:dc:e2:ad:de:9a:ae:5a:a3:c9:a4:02:09:a6:de:
         0a:85:ae:46
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUQOcVKwLRB44GujNguZjIKwPSA9UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTY1MTU0WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYzg2YmQ1MzQ1NDVlNDg1MmU5ZjQzZDk2ZTRjODFjZmE5
MjllMDU5NThlNGM4Nzc3MjRlYTA0YTNkNjc2MzI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfnwK9AOBoRdAe8jWlMsjDwMtscdo12MyCnzcL5EYPeX34
haW0U5RQezHcds6sBBupqkxpMiWgLXgy2WjAZkj3PH6N6Tkjc6I9Q+QkbVkHUIfN
SlK/VRks2dmkRsRLenLUOf+uADToVtUp+f81IPAsb2nwHnieCi+tEQZGB9oVeM/7
x4GP3lxhH5dy0y5Nf7ucuEtRYPDmcezzUGlukpgwgwsjPBv7cWhtBdN0TegZB22g
J60X0RTE1rGhrUHd35atWnPdvMsrY5E94xl4gwY3J3NgespllDrhN/cg2Z3qzxBQ
FDohysNlciigNje5eeju31e4sNR6rzbmCQte5RQjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOYhcyxlNInmVRzRh+ozrPqM4btAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzNTZkMjRiLWZjOGMtNGM0NS05Zjc5LTcxNjhlMmI2ZWUyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AQFAwDQYJKoZIhvcNAQELBQADggEBAC9dVM34mXx8/JBexF9wgKjB
A1jY+iZhMU+MoOCEkiAsyBlyyWwG5SikNu6EE+/qM5ZQG4VnzVoXQItnBnGOzJSn
kGWzHy0AsbW/g6/qEeAHOaIFuWq3dXEBWfAqI/Inaa62wEFDx4z8sR94R/gueTxh
26wRRVpeeBR8w02hFrEfkyRBaOvalMXgGE5BWsnLztLJNpI4wDui1DUqC5vdF4Mh
NxzcX/UrGNB7hGXApWUeR7IFAwZtnmG3hBiSyVz3BAoCPwmh7Z7BDwZRr0dLuOXo
if8OaYgugog1TZMGEqBJ2BMFTn7sc/Gpy1RkIyDc4q3emq5ao8mkAgmm3gqFrkY=
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:30:02 2025 by rpki-client