Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f6be9ff-ec25-42f0-a6d3-52cca0ff8f59.roa
File:                     3f6be9ff-ec25-42f0-a6d3-52cca0ff8f59.roa (raw, json)
Hash identifier:          yEQ4nS5X0ZgWeshEQpGMgUzgbNRydHJG8I0C3gSIGiE=
Subject key identifier:   60:80:01:E6:02:CE:B7:66:FE:BC:CA:3A:EB:62:7C:C4:33:54:19:29
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       44A3570267E888C3C98239FE8BB2F6E904CD911B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f6be9ff-ec25-42f0-a6d3-52cca0ff8f59.roa
Signing time:             Tue 05 Aug 2025 00:31:03 +0000
ROA not before:           Tue 05 Aug 2025 00:31:03 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.248.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:a3:57:02:67:e8:88:c3:c9:82:39:fe:8b:b2:f6:e9:04:cd:91:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 00:31:03 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=6284c8a77609630becfade8f12cb65c58648047b9e23d1f473c8cb0e1450b5a2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:0a:43:3f:2a:2f:46:54:e2:2d:ae:3c:c4:2d:
                    60:e6:9e:08:df:c4:4d:c6:90:12:b9:b5:c7:0f:98:
                    a6:8e:ed:24:5c:fd:c9:b1:dd:2f:ab:37:3c:59:fb:
                    cd:6e:35:0e:f1:99:10:81:7e:72:ec:c5:8a:8f:bf:
                    89:37:4d:e2:aa:8a:61:04:8e:fa:00:4b:f1:37:d5:
                    60:33:7b:30:1d:7e:bc:dd:a7:dc:8d:3d:3c:43:c5:
                    85:ad:50:fe:0a:9f:6e:5d:f4:61:85:d1:13:d8:7d:
                    77:c1:39:fa:32:da:a8:2f:53:8e:a3:e0:09:89:be:
                    cc:1e:1b:d8:e3:cb:52:67:88:25:94:60:69:2e:b3:
                    8f:1f:a0:3d:04:63:d4:63:f4:af:7f:7e:e7:fc:e2:
                    47:f6:56:2a:85:73:eb:84:18:06:ff:cf:06:bb:17:
                    c8:b8:5f:fa:9e:5f:67:36:b9:9a:e5:06:07:3b:59:
                    d1:79:6e:9f:b1:06:26:96:8b:b4:91:e9:71:7d:7f:
                    a4:06:e5:c6:26:d0:78:db:05:89:9a:99:02:00:f6:
                    17:5d:5e:a4:cc:1e:8f:75:4e:81:b4:e9:f6:85:b1:
                    48:03:bd:aa:74:fa:91:e3:78:84:2e:82:eb:d2:8f:
                    7c:7b:b3:8e:a1:75:57:52:13:57:c5:c8:4d:7c:36:
                    6a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:80:01:E6:02:CE:B7:66:FE:BC:CA:3A:EB:62:7C:C4:33:54:19:29
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3f6be9ff-ec25-42f0-a6d3-52cca0ff8f59.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.248.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         47:1b:89:5e:65:d3:c5:d4:f9:8c:66:c6:f7:a9:c5:99:4d:b5:
         9b:b1:02:ca:75:02:11:f9:da:4d:df:ee:ba:17:5b:47:10:46:
         d2:62:87:9b:79:b8:10:c4:15:97:8e:f7:43:e7:0f:ee:66:e1:
         07:d6:76:64:7c:de:40:94:59:65:64:2b:9f:09:f7:86:fb:8b:
         3e:06:d0:c1:9a:b8:cd:35:70:38:39:db:4c:f2:d6:5e:70:29:
         33:a9:65:00:68:d5:40:7e:f0:b8:8b:c3:2e:90:40:a1:8f:81:
         c3:47:b9:c3:e1:8b:a7:56:3f:e7:27:76:29:1b:7f:09:79:4d:
         99:e7:46:7c:92:70:ec:21:20:ae:fd:08:84:17:02:e1:27:2a:
         85:89:71:66:39:d4:53:14:30:22:c8:0b:bc:ed:7c:2a:6e:f0:
         16:1c:c1:bb:be:6f:36:84:ee:fb:8b:fa:7f:be:c5:23:5d:36:
         f3:e5:2b:0e:47:a6:c4:16:ed:26:8f:70:53:69:40:99:6c:31:
         11:76:c4:5f:ce:65:96:91:5b:84:cc:fc:4f:62:3e:9a:4d:49:
         58:25:38:98:26:c9:fb:df:83:a5:43:e2:7f:f6:4d:f3:9b:37:
         44:b5:a6:a3:fa:09:4e:da:9f:52:9c:ea:65:76:60:f6:7e:7b:
         f0:fe:02:5e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIURKNXAmfoiMPJgjn+i7L26QTNkRswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MDAzMTAzWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2Mjg0YzhhNzc2MDk2MzBiZWNmYWRlOGYxMmNiNjVjNTg2
NDgwNDdiOWUyM2QxZjQ3M2M4Y2IwZTE0NTBiNWEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmCkM/Ki9GVOItrjzELWDmngjfxE3GkBK5tccPmKaO7SRc
/cmx3S+rNzxZ+81uNQ7xmRCBfnLsxYqPv4k3TeKqimEEjvoAS/E31WAzezAdfrzd
p9yNPTxDxYWtUP4Kn25d9GGF0RPYfXfBOfoy2qgvU46j4AmJvsweG9jjy1JniCWU
YGkus48foD0EY9Rj9K9/fuf84kf2ViqFc+uEGAb/zwa7F8i4X/qeX2c2uZrlBgc7
WdF5bp+xBiaWi7SR6XF9f6QG5cYm0HjbBYmamQIA9hddXqTMHo91ToG06faFsUgD
vap0+pHjeIQuguvSj3x7s46hdVdSE1fFyE18NmolAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYIAB5gLOt2b+vMo662J8xDNUGSkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNmNmJlOWZmLWVjMjUtNDJmMC1hNmQzLTUyY2NhMGZmOGY1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4+DANBgkqhkiG9w0BAQsFAAOCAQEARxuJXmXTxdT5jGbG96nFmU21m7EC
ynUCEfnaTd/uuhdbRxBG0mKHm3m4EMQVl473Q+cP7mbhB9Z2ZHzeQJRZZWQrnwn3
hvuLPgbQwZq4zTVwODnbTPLWXnApM6llAGjVQH7wuIvDLpBAoY+Bw0e5w+GLp1Y/
5yd2KRt/CXlNmedGfJJw7CEgrv0IhBcC4ScqhYlxZjnUUxQwIsgLvO18Km7wFhzB
u75vNoTu+4v6f77FI1028+UrDkemxBbtJo9wU2lAmWwxEXbEX85llpFbhMz8T2I+
mk1JWCU4mCbJ+9+DpUPif/ZN85s3RLWmo/oJTtqfUpzqZXZg9n578P4CXg==
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:27:43 2025 by rpki-client