Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/640db256-ea3a-41a0-b252-1d52034e7dfa.roa
File:                     640db256-ea3a-41a0-b252-1d52034e7dfa.roa (raw, json)
Hash identifier:          4s9L+m8KpaDjYKcBvXRGvR3yCEVARrjKQ75K2jQsb1k=
Subject key identifier:   3D:AE:8B:14:CD:0A:5C:B8:55:5F:B2:72:92:39:5A:2D:FB:C4:60:49
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       186803518201318F66505426EA58274D5B5AD4F8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/640db256-ea3a-41a0-b252-1d52034e7dfa.roa
Signing time:             Sat 16 May 2026 02:21:45 +0000
ROA not before:           Sat 16 May 2026 02:21:45 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        110.239.29.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:68:03:51:82:01:31:8f:66:50:54:26:ea:58:27:4d:5b:5a:d4:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 02:21:45 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=2e6975e2ed856ab6b45150d5e13c6d661aaf9c0600442f5125f6677acb5b4b13, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b3:cd:ae:af:69:41:cf:cc:81:28:22:50:69:
                    e7:12:f5:70:e6:30:3b:72:cf:d6:64:2f:35:ff:d6:
                    fd:7d:33:1b:4b:ff:7e:3f:0d:e8:b8:64:89:1a:92:
                    e5:36:0c:24:c6:c8:8a:99:59:f0:de:9c:12:ac:5f:
                    f6:68:39:b7:42:67:44:b2:39:47:82:06:bd:7e:58:
                    f1:40:ef:24:b0:1b:fb:82:4d:02:2a:de:60:0a:31:
                    59:1e:a7:d4:6d:21:6e:1f:fb:12:0c:14:76:c5:26:
                    2e:eb:c0:45:92:ce:cb:48:00:bb:69:98:66:a7:17:
                    f7:13:4a:d3:a8:e5:12:e1:41:4d:93:ec:72:91:cb:
                    bc:e9:e2:20:11:73:4e:83:7a:94:a6:bd:bf:bb:cf:
                    8b:60:9e:f1:bb:aa:ad:4d:34:bb:83:47:fd:8f:9b:
                    62:1c:79:3a:c1:64:27:92:0d:32:a1:a0:42:26:5d:
                    c9:e5:9a:58:4b:ff:1d:4c:84:5c:ec:ee:44:35:c6:
                    fa:21:4d:49:c9:7d:77:43:77:4d:88:26:70:96:db:
                    d4:0c:e4:05:82:04:3e:83:67:a5:8a:da:ea:15:ae:
                    87:73:2c:f9:92:78:2b:da:9b:cf:99:57:d9:dc:3e:
                    ed:6d:81:61:e0:63:4b:3c:95:17:ce:f3:cc:bb:82:
                    1b:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:AE:8B:14:CD:0A:5C:B8:55:5F:B2:72:92:39:5A:2D:FB:C4:60:49
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/640db256-ea3a-41a0-b252-1d52034e7dfa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.239.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:e2:8e:0c:cf:1b:a9:53:84:ac:ea:4e:7f:be:fe:74:14:d2:
         58:32:a8:39:74:2a:f4:e1:d0:68:c4:37:9e:41:9f:e4:ee:ff:
         6d:bd:18:9d:0f:21:78:de:9a:65:30:44:62:c6:a6:de:63:70:
         6a:4b:14:f9:3c:bb:45:6a:b8:f7:13:9a:24:c7:c7:53:51:03:
         46:7a:ff:fd:cc:de:d2:d4:f6:f4:5f:a1:f7:0b:3b:03:ce:bc:
         e9:34:80:43:f9:35:75:d8:e6:ec:cf:58:01:53:57:44:f5:93:
         2c:42:c7:93:a5:e3:52:57:72:55:18:24:24:d4:58:6e:d3:4b:
         a2:fb:f8:49:61:7e:2c:98:44:ed:51:0d:44:c0:97:04:7c:6f:
         a4:38:3a:45:48:3f:19:e6:81:16:b4:31:9f:15:d5:02:08:ff:
         af:01:a9:38:91:59:01:90:33:ff:2a:d7:bb:a3:ef:62:0e:4e:
         f1:56:fc:e4:72:0c:8d:48:c3:7a:4d:b4:16:c4:df:e0:8d:2c:
         10:19:8f:4d:31:f8:a5:2d:25:47:04:bc:f8:9c:99:44:90:d8:
         c5:51:fe:55:bc:19:85:2f:e2:5e:68:2b:00:b1:3d:d0:cc:b3:
         5a:72:ce:f4:28:3a:74:f8:e5:76:30:c6:61:b5:36:a9:fd:d2:
         30:4a:e2:85
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGGgDUYIBMY9mUFQm6lgnTVta1PgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDIyMTQ1WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZTY5NzVlMmVkODU2YWI2YjQ1MTUwZDVlMTNjNmQ2NjFh
YWY5YzA2MDA0NDJmNTEyNWY2Njc3YWNiNWI0YjEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCds82ur2lBz8yBKCJQaecS9XDmMDtyz9ZkLzX/1v19MxtL
/34/Dei4ZIkakuU2DCTGyIqZWfDenBKsX/ZoObdCZ0SyOUeCBr1+WPFA7ySwG/uC
TQIq3mAKMVkep9RtIW4f+xIMFHbFJi7rwEWSzstIALtpmGanF/cTStOo5RLhQU2T
7HKRy7zp4iARc06DepSmvb+7z4tgnvG7qq1NNLuDR/2Pm2IceTrBZCeSDTKhoEIm
XcnlmlhL/x1MhFzs7kQ1xvohTUnJfXdDd02IJnCW29QM5AWCBD6DZ6WK2uoVrodz
LPmSeCvam8+ZV9ncPu1tgWHgY0s8lRfO88y7ghv3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPa6LFM0KXLhVX7JykjlaLfvEYEkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY0MGRiMjU2LWVhM2EtNDFhMC1iMjUyLTFkNTIwMzRlN2RmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABu7x0wDQYJKoZIhvcNAQELBQADggEBALfijgzPG6lThKzqTn++/nQU0lgy
qDl0KvTh0GjEN55Bn+Tu/229GJ0PIXjemmUwRGLGpt5jcGpLFPk8u0VquPcTmiTH
x1NRA0Z6//3M3tLU9vRfofcLOwPOvOk0gEP5NXXY5uzPWAFTV0T1kyxCx5Ol41JX
clUYJCTUWG7TS6L7+ElhfiyYRO1RDUTAlwR8b6Q4OkVIPxnmgRa0MZ8V1QII/68B
qTiRWQGQM/8q17uj72IOTvFW/ORyDI1Iw3pNtBbE3+CNLBAZj00x+KUtJUcEvPic
mUSQ2MVR/lW8GYUv4l5oKwCxPdDMs1pyzvQoOnT45XYwxmG1Nqn90jBK4oU=
-----END CERTIFICATE-----