Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46758e19-83f6-44fe-b34a-46b023902f4e.roa
File:                     46758e19-83f6-44fe-b34a-46b023902f4e.roa (raw, json)
Hash identifier:          LdHjdyYHp82xiD9Je5G4X1Hza7dvCMDT63m7nfkzLoo=
Subject key identifier:   1B:22:B1:60:57:69:2B:D6:CD:E5:CD:F2:28:57:54:06:37:2C:60:02
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       48EFF9D8E28ADA1FBA23EAC3C27F6F2A8BA073EC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46758e19-83f6-44fe-b34a-46b023902f4e.roa
Signing time:             Wed 23 Jul 2025 00:30:21 +0000
ROA not before:           Wed 23 Jul 2025 00:30:21 +0000
ROA not after:            Wed 27 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        207.8.224.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:ef:f9:d8:e2:8a:da:1f:ba:23:ea:c3:c2:7f:6f:2a:8b:a0:73:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 23 00:30:21 2025 GMT
            Not After : Aug 27 23:59:59 2025 GMT
        Subject: serialNumber=82bfa61fcf501192b4e5ac61a37dba2a7c459c2d16a37b4b82db022f3dfd22ce, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:89:62:d7:72:01:f7:6e:8a:98:f6:d1:93:89:
                    aa:5e:7e:74:a5:91:8c:7e:22:91:74:8c:3f:61:5d:
                    a7:6c:f5:6c:14:da:4b:8f:97:08:5b:11:47:18:d6:
                    57:96:c2:85:76:d8:25:a1:ec:b1:f0:c0:a7:73:26:
                    4d:9a:fc:7b:f7:0f:77:0a:4f:16:3a:5f:8b:01:53:
                    32:b0:0f:df:e2:d6:cf:0b:9c:5c:51:a1:97:30:98:
                    d1:a4:57:5d:80:66:4e:47:47:f2:1b:f2:e9:bf:d5:
                    58:b9:68:af:5c:f7:a9:ec:59:39:f5:ca:b5:44:ab:
                    81:77:34:e2:6c:c0:86:7c:d9:06:68:52:9e:8b:20:
                    2d:b9:36:ba:fc:06:4a:c0:0e:26:c7:4c:be:5e:19:
                    1d:06:44:50:83:be:67:d0:1a:26:08:2c:47:19:ed:
                    e7:eb:7b:e0:72:03:c3:94:f1:4f:36:bd:da:e2:40:
                    4c:e4:7b:49:42:ed:a4:c7:6b:a5:07:ac:db:64:76:
                    6f:35:56:d1:fd:76:12:3c:5e:7c:78:28:27:3d:f7:
                    7a:2c:4d:ab:40:ca:27:2a:73:97:47:cd:13:1e:9d:
                    95:89:87:2e:c6:8c:2c:b4:e7:10:9e:44:3a:52:ca:
                    7a:26:f0:3c:f7:a2:e5:36:a2:c6:90:11:15:d1:d6:
                    8b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:22:B1:60:57:69:2B:D6:CD:E5:CD:F2:28:57:54:06:37:2C:60:02
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/46758e19-83f6-44fe-b34a-46b023902f4e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.8.224.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8b:f5:46:d1:a4:95:db:43:5a:0f:b9:52:8b:ef:22:e9:17:6a:
         f2:d0:db:8c:75:2b:e5:d2:a7:fb:3c:93:56:66:01:5c:9b:77:
         ca:80:b6:27:8a:48:ca:46:58:9a:53:39:7a:90:dd:21:52:6b:
         40:0f:6b:b9:ca:cf:8d:b4:48:69:54:b6:82:fe:5a:eb:a1:d6:
         18:3d:be:a6:9a:af:f9:01:0a:95:f7:91:a1:a4:07:63:87:0c:
         ff:d1:be:6d:24:3e:52:5d:22:05:09:96:c2:3b:12:1f:eb:6b:
         1e:ad:5e:07:0f:14:9a:cd:1e:12:24:c1:f0:63:41:08:77:8d:
         37:2e:69:77:fc:25:78:f8:6e:6f:c7:97:41:2a:31:b8:36:0f:
         05:d2:70:05:3f:3c:c9:da:85:6d:84:a9:8a:ed:ff:2c:92:27:
         8d:4a:8e:74:c9:c8:86:ff:3d:f2:ee:95:ce:58:18:0c:2e:e0:
         67:77:2f:50:64:24:f6:7d:96:1b:fd:b1:1a:56:1c:2f:59:4f:
         bd:9a:f1:10:57:19:ed:a1:56:24:8d:00:c5:5f:7d:b5:c3:c7:
         36:8f:bb:8d:8f:0a:04:8a:06:0c:c5:5b:6f:fe:73:e3:7c:bf:
         73:60:3c:30:3c:8b:93:ef:a5:a7:47:a4:77:1c:01:90:37:9e:
         4a:06:79:ba
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSO/52OKK2h+6I+rDwn9vKougc+wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIzMDAzMDIxWhcNMjUwODI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MmJmYTYxZmNmNTAxMTkyYjRlNWFjNjFhMzdkYmEyYTdj
NDU5YzJkMTZhMzdiNGI4MmRiMDIyZjNkZmQyMmNlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCriWLXcgH3boqY9tGTiapefnSlkYx+IpF0jD9hXads9WwU
2kuPlwhbEUcY1leWwoV22CWh7LHwwKdzJk2a/Hv3D3cKTxY6X4sBUzKwD9/i1s8L
nFxRoZcwmNGkV12AZk5HR/Ib8um/1Vi5aK9c96nsWTn1yrVEq4F3NOJswIZ82QZo
Up6LIC25Nrr8BkrADibHTL5eGR0GRFCDvmfQGiYILEcZ7efre+ByA8OU8U82vdri
QEzke0lC7aTHa6UHrNtkdm81VtH9dhI8Xnx4KCc993osTatAyicqc5dHzRMenZWJ
hy7GjCy05xCeRDpSynom8Dz3ouU2osaQERXR1osPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGyKxYFdpK9bN5c3yKFdUBjcsYAIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ2NzU4ZTE5LTgzZjYtNDRmZS1iMzRhLTQ2YjAyMzkwMmY0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATPCOAwDQYJKoZIhvcNAQELBQADggEBAIv1RtGkldtDWg+5UovvIukXavLQ
24x1K+XSp/s8k1ZmAVybd8qAtieKSMpGWJpTOXqQ3SFSa0APa7nKz420SGlUtoL+
Wuuh1hg9vqaar/kBCpX3kaGkB2OHDP/Rvm0kPlJdIgUJlsI7Eh/rax6tXgcPFJrN
HhIkwfBjQQh3jTcuaXf8JXj4bm/Hl0EqMbg2DwXScAU/PMnahW2EqYrt/yySJ41K
jnTJyIb/PfLulc5YGAwu4Gd3L1BkJPZ9lhv9sRpWHC9ZT72a8RBXGe2hViSNAMVf
fbXDxzaPu42PCgSKBgzFW2/+c+N8v3NgPDA8i5PvpadHpHccAZA3nkoGebo=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:15:52 2025 by rpki-client