Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7df4834a-8480-4495-b631-91c7c0456385.roa
File:                     7df4834a-8480-4495-b631-91c7c0456385.roa (raw, json)
Hash identifier:          I/x0B3YhepoQJgMU/6VGeQYi8TaCZYPtNkc/GFTwerc=
Subject key identifier:   10:21:88:33:12:BA:4F:62:14:43:AB:AA:1F:DC:0D:C7:6B:41:66:20
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5948C0F0CECC2F4E1902E24468687BF5E9C3B190
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7df4834a-8480-4495-b631-91c7c0456385.roa
Signing time:             Tue 05 Aug 2025 20:38:30 +0000
ROA not before:           Tue 05 Aug 2025 20:38:30 +0000
ROA not after:            Tue 09 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.241.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 11 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:48:c0:f0:ce:cc:2f:4e:19:02:e2:44:68:68:7b:f5:e9:c3:b1:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  5 20:38:30 2025 GMT
            Not After : Sep  9 23:59:59 2025 GMT
        Subject: serialNumber=615ca863f830df742810ce48a3ad4d851cb77bfb4928674eaae231e100ca9652, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:17:0c:fa:ee:cf:5f:01:ff:ba:34:f9:8b:57:
                    0f:40:27:3e:48:5b:0e:33:8f:27:95:5e:a3:04:cf:
                    5e:89:15:ab:fc:75:07:69:2a:e2:54:0b:52:6a:d7:
                    bd:aa:e6:fb:e3:eb:65:5f:06:6c:7b:45:e2:f0:a4:
                    88:14:d0:29:8e:cf:23:28:7f:f3:df:87:00:a2:ac:
                    2c:9d:6b:5f:55:7b:91:7d:f2:ad:d9:fa:ea:ef:4c:
                    1a:b6:59:41:0e:7d:48:94:d2:d5:6d:49:39:72:97:
                    b1:95:ca:fc:47:46:68:c8:99:84:b3:cc:68:35:c7:
                    6f:7d:fd:2e:d3:01:e2:4a:15:33:d0:5e:b9:c3:18:
                    5f:a8:6c:5a:f8:eb:00:2c:e4:25:57:ca:3b:1e:67:
                    2f:a0:d8:78:83:6e:ce:21:34:fd:33:6c:96:3f:bb:
                    9f:fe:9d:d3:8c:9f:a4:53:4e:b7:3e:e9:ee:8f:1a:
                    0f:5d:32:67:b1:9f:d4:27:41:41:07:b2:ab:94:56:
                    8d:fa:8c:ec:51:00:9e:85:22:8f:65:5d:86:97:af:
                    a2:fd:14:e2:e2:92:0f:f0:07:49:b9:f8:6e:8f:cb:
                    89:8c:d3:0c:b3:55:3d:14:2e:0f:19:a0:41:7a:3c:
                    af:44:32:90:e2:d0:28:f6:dc:28:20:bf:54:af:74:
                    ee:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:21:88:33:12:BA:4F:62:14:43:AB:AA:1F:DC:0D:C7:6B:41:66:20
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7df4834a-8480-4495-b631-91c7c0456385.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.241.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         af:94:51:5e:e1:86:24:49:2e:69:6c:8d:68:c4:0f:31:00:53:
         ae:f9:c3:75:9c:b2:93:62:3b:6a:58:08:e4:0e:b6:60:81:cc:
         c2:98:35:fa:04:0a:01:a4:38:12:1f:31:dd:cb:98:2f:3a:3e:
         c3:2b:e0:b5:32:52:b3:aa:10:9a:51:ca:e0:b3:56:ae:40:9d:
         65:80:8c:cf:78:25:57:d8:21:cf:61:e3:42:8d:13:bb:7f:8f:
         4c:69:14:75:c6:bb:ed:22:ec:72:f8:6e:8f:c1:d6:a6:df:e9:
         bd:68:70:0d:64:42:1d:98:da:59:5c:e7:df:ac:c0:94:b6:c1:
         8b:f4:9c:dd:b3:68:d8:01:60:fa:34:c5:9d:94:ba:2d:f3:c0:
         80:63:ec:a6:b1:d6:8c:7e:17:b6:2f:a0:48:30:4f:75:d4:18:
         68:58:3a:1a:5a:fc:68:26:9b:98:af:c1:54:ef:ed:e7:e5:f5:
         4c:a8:f2:0f:21:a8:6e:23:d3:c0:39:55:97:1a:36:b1:45:31:
         41:56:a6:5a:18:2f:17:23:f8:4f:7c:32:c4:80:d8:f4:58:e8:
         e5:17:df:b6:f0:cb:cb:50:0c:65:2b:a7:c0:f6:cf:25:fe:22:
         fb:3d:60:aa:af:5a:cc:d5:c8:94:d1:ef:8f:e3:2f:ff:59:25:
         15:d5:f0:12
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWUjA8M7ML04ZAuJEaGh79enDsZAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA1MjAzODMwWhcNMjUwOTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTVjYTg2M2Y4MzBkZjc0MjgxMGNlNDhhM2FkNGQ4NTFj
Yjc3YmZiNDkyODY3NGVhYWUyMzFlMTAwY2E5NjUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZFwz67s9fAf+6NPmLVw9AJz5IWw4zjyeVXqMEz16JFav8
dQdpKuJUC1Jq172q5vvj62VfBmx7ReLwpIgU0CmOzyMof/PfhwCirCyda19Ve5F9
8q3Z+urvTBq2WUEOfUiU0tVtSTlyl7GVyvxHRmjImYSzzGg1x299/S7TAeJKFTPQ
XrnDGF+obFr46wAs5CVXyjseZy+g2HiDbs4hNP0zbJY/u5/+ndOMn6RTTrc+6e6P
Gg9dMmexn9QnQUEHsquUVo36jOxRAJ6FIo9lXYaXr6L9FOLikg/wB0m5+G6Py4mM
0wyzVT0ULg8ZoEF6PK9EMpDi0Cj23Cggv1SvdO51AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUECGIMxK6T2IUQ6uqH9wNx2tBZiAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdkZjQ4MzRhLTg0ODAtNDQ5NS1iNjMxLTkxYzdjMDQ1NjM4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAP8TANBgkqhkiG9w0BAQsFAAOCAQEAr5RRXuGGJEkuaWyNaMQPMQBTrvnD
dZyyk2I7algI5A62YIHMwpg1+gQKAaQ4Eh8x3cuYLzo+wyvgtTJSs6oQmlHK4LNW
rkCdZYCMz3glV9ghz2HjQo0Tu3+PTGkUdca77SLscvhuj8HWpt/pvWhwDWRCHZja
WVzn36zAlLbBi/Sc3bNo2AFg+jTFnZS6LfPAgGPsprHWjH4Xti+gSDBPddQYaFg6
Glr8aCabmK/BVO/t5+X1TKjyDyGobiPTwDlVlxo2sUUxQVamWhgvFyP4T3wyxIDY
9Fjo5RfftvDLy1AMZSunwPbPJf4i+z1gqq9azNXIlNHvj+Mv/1klFdXwEg==
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:06:01 2025 by rpki-client