Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7afd30d1-aca2-41ba-af76-e8ddb5d9dd31.roa
File:                     7afd30d1-aca2-41ba-af76-e8ddb5d9dd31.roa (raw, json)
Hash identifier:          ZPFQG185OXp41fcjmnGn1scd6JkXWy1nqzPCwTT/laU=
Subject key identifier:   33:E9:99:CD:88:F2:5B:8B:14:AC:DC:0F:22:1C:F0:00:FF:0E:99:11
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2502A4F1D023CBB1D32C4B3D126D2F6AA3A212CD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7afd30d1-aca2-41ba-af76-e8ddb5d9dd31.roa
Signing time:             Fri 13 Jun 2025 17:30:22 +0000
ROA not before:           Fri 13 Jun 2025 17:30:22 +0000
ROA not after:            Fri 18 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f19:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:02:a4:f1:d0:23:cb:b1:d3:2c:4b:3d:12:6d:2f:6a:a3:a2:12:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 13 17:30:22 2025 GMT
            Not After : Jul 18 23:59:59 2025 GMT
        Subject: serialNumber=61365cdfb6cbaee2be959f53204453e4c16fa226e7903e75bfde175dcc4cbb74, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:74:1d:0d:f2:f7:47:da:5d:ef:b3:b3:3d:52:
                    0c:f9:d9:0d:20:63:bf:69:06:f8:26:43:60:86:ec:
                    b1:f7:87:3e:15:4b:ae:68:9a:bb:91:cf:96:fa:41:
                    9f:32:48:87:92:29:c4:5e:16:fa:7e:8d:12:66:4c:
                    79:ae:31:ee:ba:8d:99:95:4e:5b:3c:e3:71:5d:08:
                    d5:4d:f2:02:c6:9f:5b:9c:e7:62:2a:15:1b:a0:97:
                    ee:80:b1:3b:79:92:84:cd:49:cb:11:d2:5e:40:e6:
                    0b:cd:0a:a5:3a:3a:b4:30:14:db:27:8e:ee:a8:b7:
                    0d:92:bc:1f:65:9c:41:a6:ae:2e:60:99:76:48:4a:
                    d6:07:e5:f3:1e:f9:e6:41:2e:9e:9b:31:fb:23:83:
                    39:c1:61:ac:08:33:65:ee:f0:f2:d1:c7:a7:b4:90:
                    d0:f1:09:d1:1b:cb:6b:71:36:6a:6d:f1:c3:dc:0b:
                    ed:b7:d5:1a:d6:4b:d1:40:67:db:93:32:13:4a:0d:
                    7e:bf:d8:3d:59:1d:5c:b3:d7:a2:b0:cc:6f:7d:86:
                    c0:a2:68:65:6d:ea:45:78:f4:3b:bc:a6:27:e8:ca:
                    0f:d4:cf:c5:7f:bc:6f:1d:7f:50:9c:b0:51:88:90:
                    19:30:3c:62:ad:38:0b:19:7a:be:a8:ee:5c:aa:eb:
                    24:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:E9:99:CD:88:F2:5B:8B:14:AC:DC:0F:22:1C:F0:00:FF:0E:99:11
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7afd30d1-aca2-41ba-af76-e8ddb5d9dd31.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f19:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         1a:01:6c:d8:b2:1b:b2:bb:01:42:71:29:56:3b:52:c9:18:c1:
         64:ca:52:53:33:bb:a6:7e:56:e3:f0:37:e7:a6:8b:f7:e6:df:
         b6:d1:67:ed:1c:f7:9b:3e:dd:e0:bb:a9:34:f5:29:c1:74:0f:
         8a:ce:dc:db:00:1a:02:81:c0:da:e3:7c:27:22:ef:7a:18:9c:
         ae:21:90:fe:bb:97:5d:7c:5e:47:f7:07:e1:e5:61:21:eb:43:
         30:2a:6b:f5:99:da:be:d2:d8:2a:be:0e:d7:df:8c:5f:0e:55:
         4d:e7:6e:e8:37:13:69:67:85:3e:c2:29:5c:94:c0:dc:01:8f:
         e4:02:52:7e:21:1f:11:3b:b8:ce:80:50:c6:8b:37:30:61:7e:
         68:78:61:50:13:72:47:2d:8f:ac:09:2a:71:2f:db:e3:f4:43:
         92:a1:da:ab:25:98:f1:2c:f9:ee:dd:1c:8c:89:a3:1f:9f:13:
         4a:4f:b4:36:91:23:bb:c5:b8:7e:f4:6b:6f:5e:06:9e:da:c4:
         61:aa:3c:6c:3a:51:6d:15:0b:80:d0:4c:59:09:7e:1d:df:81:
         54:ab:b6:67:e0:33:32:99:af:2d:ee:c9:4f:fd:62:66:ca:66:
         bd:f1:e1:95:d3:7e:b9:07:bf:e1:f9:c4:88:86:1d:05:49:84:
         03:98:89:bb
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJQKk8dAjy7HTLEs9Em0vaqOiEs0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjEzMTczMDIyWhcNMjUwNzE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTM2NWNkZmI2Y2JhZWUyYmU5NTlmNTMyMDQ0NTNlNGMx
NmZhMjI2ZTc5MDNlNzViZmRlMTc1ZGNjNGNiYjc0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrdB0N8vdH2l3vs7M9Ugz52Q0gY79pBvgmQ2CG7LH3hz4V
S65omruRz5b6QZ8ySIeSKcReFvp+jRJmTHmuMe66jZmVTls843FdCNVN8gLGn1uc
52IqFRugl+6AsTt5koTNScsR0l5A5gvNCqU6OrQwFNsnju6otw2SvB9lnEGmri5g
mXZIStYH5fMe+eZBLp6bMfsjgznBYawIM2Xu8PLRx6e0kNDxCdEby2txNmpt8cPc
C+231RrWS9FAZ9uTMhNKDX6/2D1ZHVyz16KwzG99hsCiaGVt6kV49Du8pifoyg/U
z8V/vG8df1CcsFGIkBkwPGKtOAsZer6o7lyq6yTBAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUM+mZzYjyW4sUrNwPIhzwAP8OmREwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdhZmQzMGQxLWFjYTItNDFiYS1hZjc2LWU4ZGRiNWQ5ZGQzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8ZgDANBgkqhkiG9w0BAQsFAAOCAQEAGgFs2LIbsrsBQnEpVjtSyRjB
ZMpSUzO7pn5W4/A356aL9+bfttFn7Rz3mz7d4LupNPUpwXQPis7c2wAaAoHA2uN8
JyLvehicriGQ/ruXXXxeR/cH4eVhIetDMCpr9ZnavtLYKr4O19+MXw5VTedu6DcT
aWeFPsIpXJTA3AGP5AJSfiEfETu4zoBQxos3MGF+aHhhUBNyRy2PrAkqcS/b4/RD
kqHaqyWY8Sz57t0cjImjH58TSk+0NpEju8W4fvRrb14GntrEYao8bDpRbRULgNBM
WQl+Hd+BVKu2Z+AzMpmvLe7JT/1iZspmvfHhldN+uQe/4fnEiIYdBUmEA5iJuw==
-----END CERTIFICATE-----