Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48af1dfe-0e61-4862-8ae2-75b053bcc924.roa
File:                     48af1dfe-0e61-4862-8ae2-75b053bcc924.roa (raw, json)
Hash identifier:          hTyQNNo562TIOlKiKwRbe2m3p+2B7Ywx64qtQQQ/Djs=
Subject key identifier:   CA:98:F2:CE:8C:4E:7B:10:8E:4C:9C:29:BC:F4:F7:75:C6:8F:60:09
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4821361201915E60353A8D9D20A8166C6BC375D6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48af1dfe-0e61-4862-8ae2-75b053bcc924.roa
Signing time:             Tue 22 Jul 2025 00:30:26 +0000
ROA not before:           Tue 22 Jul 2025 00:30:26 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.215.136.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:21:36:12:01:91:5e:60:35:3a:8d:9d:20:a8:16:6c:6b:c3:75:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:30:26 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=61233d11328f2cb6323dc21cf482c30dfb9652baef56d9a49ca88d45cb43b380, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:10:39:69:b4:cd:18:11:9e:54:9c:bb:99:9f:
                    f8:8b:8f:ce:bd:a0:42:c6:f7:a7:77:04:aa:de:d3:
                    be:7f:81:21:93:51:f7:c1:d8:73:05:bc:4a:c5:ac:
                    88:cb:76:9b:7c:92:a8:37:bf:4a:b3:3a:1b:3f:e2:
                    9a:c2:44:47:1e:46:ab:fa:65:83:f3:e8:dd:9d:31:
                    35:f3:00:b0:43:9f:13:84:23:1b:7c:9f:7f:cb:30:
                    72:6b:fe:bf:d1:80:80:c1:ad:74:79:4f:5b:07:c8:
                    fb:7d:61:8f:4f:07:cb:54:de:a0:9b:ca:46:29:8e:
                    0d:e1:a4:e8:7e:b7:e4:94:fb:66:f9:c4:5b:5d:30:
                    d3:e1:dc:60:70:93:26:2d:41:62:20:56:c2:f1:56:
                    04:22:13:3b:69:95:a3:9d:fa:28:6b:01:aa:b5:04:
                    ca:a0:8a:b1:52:62:99:c1:f9:dc:20:70:4d:76:37:
                    76:51:5a:74:2b:1e:64:9f:8d:c1:da:7b:ca:78:09:
                    2d:d1:e1:a7:61:f8:29:98:57:2d:59:42:5e:45:48:
                    70:21:7c:32:1b:6b:fc:6f:e7:de:4c:88:69:98:c3:
                    42:0d:a9:21:6c:4b:ab:07:46:be:dd:10:11:4a:f9:
                    54:3b:e5:79:47:a6:31:90:c3:d5:e6:d3:44:dc:b9:
                    a3:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:98:F2:CE:8C:4E:7B:10:8E:4C:9C:29:BC:F4:F7:75:C6:8F:60:09
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48af1dfe-0e61-4862-8ae2-75b053bcc924.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.215.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c4:07:4a:db:fc:04:c5:1f:ac:94:eb:10:6c:d4:37:31:29:63:
         12:02:b0:ca:37:c2:90:2c:41:d5:f6:02:93:85:9b:de:53:fb:
         7d:b9:d0:68:25:36:49:f1:25:90:9e:31:a5:f0:14:ae:eb:1b:
         a6:0d:4f:40:c6:75:18:15:03:76:64:95:d8:22:2f:c9:d6:27:
         4b:af:c5:2d:5a:5d:04:39:75:96:ef:69:68:92:67:02:0b:e3:
         a2:81:95:6d:86:86:17:c8:21:bf:8a:09:f7:9d:87:55:36:19:
         08:22:e8:fa:94:e9:18:ee:27:61:fc:7a:18:ad:f7:62:36:10:
         43:fa:9a:e8:92:f5:9e:76:1e:27:db:59:db:62:5f:c1:ff:62:
         6d:56:be:b1:41:f7:f8:c4:7a:5f:10:78:bc:c7:ed:66:92:00:
         05:4d:af:b8:44:fd:72:9a:36:cb:89:37:94:72:ac:71:05:1c:
         a7:e8:14:f1:71:68:f9:b6:14:40:7c:5f:85:8c:10:6b:74:0c:
         b9:2f:9a:4a:db:4d:f8:41:fe:34:7a:e1:fd:ef:c6:17:b8:cd:
         6a:8a:1d:fe:12:0d:7c:ed:c8:4f:18:ba:05:7e:5e:c4:f3:08:
         c6:88:89:55:a6:09:04:57:f2:1e:c2:5b:a9:38:24:59:73:4f:
         df:cd:f7:3a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSCE2EgGRXmA1Oo2dIKgWbGvDddYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAzMDI2WhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTIzM2QxMTMyOGYyY2I2MzIzZGMyMWNmNDgyYzMwZGZi
OTY1MmJhZWY1NmQ5YTQ5Y2E4OGQ0NWNiNDNiMzgwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2EDlptM0YEZ5UnLuZn/iLj869oELG96d3BKre075/gSGT
UffB2HMFvErFrIjLdpt8kqg3v0qzOhs/4prCREceRqv6ZYPz6N2dMTXzALBDnxOE
Ixt8n3/LMHJr/r/RgIDBrXR5T1sHyPt9YY9PB8tU3qCbykYpjg3hpOh+t+SU+2b5
xFtdMNPh3GBwkyYtQWIgVsLxVgQiEztplaOd+ihrAaq1BMqgirFSYpnB+dwgcE12
N3ZRWnQrHmSfjcHae8p4CS3R4adh+CmYVy1ZQl5FSHAhfDIba/xv595MiGmYw0IN
qSFsS6sHRr7dEBFK+VQ75XlHpjGQw9Xm00TcuaO3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUypjyzoxOexCOTJwpvPT3dcaPYAkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4YWYxZGZlLTBlNjEtNDg2Mi04YWUyLTc1YjA1M2JjYzkyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs14gwDQYJKoZIhvcNAQELBQADggEBAMQHStv8BMUfrJTrEGzUNzEpYxIC
sMo3wpAsQdX2ApOFm95T+3250GglNknxJZCeMaXwFK7rG6YNT0DGdRgVA3Zkldgi
L8nWJ0uvxS1aXQQ5dZbvaWiSZwIL46KBlW2GhhfIIb+KCfedh1U2GQgi6PqU6Rju
J2H8ehit92I2EEP6muiS9Z52HifbWdtiX8H/Ym1WvrFB9/jEel8QeLzH7WaSAAVN
r7hE/XKaNsuJN5RyrHEFHKfoFPFxaPm2FEB8X4WMEGt0DLkvmkrbTfhB/jR64f3v
xhe4zWqKHf4SDXztyE8YugV+XsTzCMaIiVWmCQRX8h7CW6k4JFlzT9/N9zo=
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:03:57 2025 by rpki-client