Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ef4e196-86eb-46d1-a251-131917dd667f.roa
File:                     7ef4e196-86eb-46d1-a251-131917dd667f.roa (raw, json)
Hash identifier:          ohuvKv94k+gUzXPQZDQvuzOW37B9hZyfZOxSZcnP9p8=
Subject key identifier:   A9:23:60:53:C7:B8:A2:B5:4A:6C:E0:11:B1:2F:F4:FE:1F:DD:A1:6D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       790A330F16EDB36251695123F3AF64AC1CD22D8F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ef4e196-86eb-46d1-a251-131917dd667f.roa
Signing time:             Sun 17 May 2026 01:00:09 +0000
ROA not before:           Sun 17 May 2026 01:00:09 +0000
ROA not after:            Sat 15 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        56.244.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:0a:33:0f:16:ed:b3:62:51:69:51:23:f3:af:64:ac:1c:d2:2d:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 17 01:00:09 2026 GMT
            Not After : Aug 15 23:59:59 2026 GMT
        Subject: serialNumber=ac101b9b8341d880baf3e233d6c7268ad31583535cecd7f08b09a1a5e6d93238, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:79:7f:e7:73:42:30:07:7c:8e:bb:a5:3f:b1:
                    e7:68:71:19:db:c2:a7:11:53:78:ec:d2:ef:15:4b:
                    b3:2a:c1:9f:88:3b:38:6d:6e:c0:35:12:ea:c1:3e:
                    2e:ff:a4:43:5d:b0:8c:7c:84:1d:e6:f3:38:51:34:
                    3e:82:cc:14:84:86:07:d7:ae:71:74:60:59:e7:03:
                    50:09:78:7c:8a:36:40:e6:fe:85:51:17:ab:8d:d9:
                    ac:a2:75:d7:04:6d:e7:8b:b1:72:ff:17:4f:fa:ae:
                    1f:45:07:08:d8:cb:ad:8b:65:3d:7d:30:eb:5d:21:
                    62:39:cc:c0:04:22:ab:93:e6:9e:cc:b7:e0:6a:64:
                    13:ef:62:0a:5a:40:f3:b6:8d:3a:a5:49:d9:c5:10:
                    ef:10:f2:bd:05:ec:0d:a5:3a:f8:10:12:84:8a:cb:
                    6d:86:12:0e:de:db:3b:35:ec:3b:5b:8e:17:74:f2:
                    50:46:9e:43:8b:a4:68:83:4d:cf:d8:33:a2:e9:95:
                    81:e4:19:7c:bf:f3:fd:66:8c:68:94:82:79:af:96:
                    3c:f7:86:67:ba:a8:e5:a3:76:e9:dc:a2:ce:3c:c5:
                    ef:7f:46:55:84:b0:71:d4:e9:a6:3f:1f:4b:f8:16:
                    63:fa:74:88:28:98:f7:c4:94:26:b3:1e:99:ae:0b:
                    ed:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:23:60:53:C7:B8:A2:B5:4A:6C:E0:11:B1:2F:F4:FE:1F:DD:A1:6D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ef4e196-86eb-46d1-a251-131917dd667f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.244.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         46:4f:53:be:33:81:d3:bb:f8:17:bb:38:43:7b:63:9a:df:9a:
         fa:d3:c1:13:e4:38:81:66:06:d8:19:b2:4d:e5:4b:03:0f:35:
         bd:a1:fd:8e:03:9d:0d:fe:2c:19:be:89:6f:0c:ad:bb:a1:29:
         fd:1e:41:b4:47:71:89:39:bb:a1:1a:90:1f:4f:4f:30:27:26:
         e2:e4:4f:13:ff:9c:0e:97:be:bc:39:a2:b9:d8:67:3b:cd:8f:
         32:02:c8:75:b6:8a:21:0c:26:d1:b4:f4:04:98:d1:87:30:71:
         38:d9:ec:9c:6e:65:07:f5:6a:a3:bc:be:25:31:41:45:2b:53:
         2f:0c:e0:d4:aa:ef:02:bc:df:d3:38:08:f1:91:f2:c0:04:a3:
         4e:7c:33:19:63:4d:c2:17:37:b9:2d:8d:de:e6:6e:10:b5:25:
         61:bb:af:1d:1b:d4:66:0b:98:57:e3:e1:01:33:8b:c0:0a:cb:
         df:45:66:bd:90:87:13:d6:90:ce:e3:31:f3:51:d1:17:35:ad:
         48:40:89:e2:f7:66:82:9b:7e:43:00:68:49:95:9d:97:76:27:
         13:68:05:18:92:b9:2f:b1:90:68:74:54:8e:70:11:80:f5:65:
         de:5f:ba:d3:2d:e3:4d:1d:a0:2b:c5:c7:e5:cf:60:08:b2:b7:
         aa:6a:05:63
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeQozDxbts2JRaVEj869krBzSLY8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE3MDEwMDA5WhcNMjYwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzEwMWI5YjgzNDFkODgwYmFmM2UyMzNkNmM3MjY4YWQz
MTU4MzUzNWNlY2Q3ZjA4YjA5YTFhNWU2ZDkzMjM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5eX/nc0IwB3yOu6U/sedocRnbwqcRU3js0u8VS7MqwZ+I
OzhtbsA1EurBPi7/pENdsIx8hB3m8zhRND6CzBSEhgfXrnF0YFnnA1AJeHyKNkDm
/oVRF6uN2ayiddcEbeeLsXL/F0/6rh9FBwjYy62LZT19MOtdIWI5zMAEIquT5p7M
t+BqZBPvYgpaQPO2jTqlSdnFEO8Q8r0F7A2lOvgQEoSKy22GEg7e2zs17Dtbjhd0
8lBGnkOLpGiDTc/YM6LplYHkGXy/8/1mjGiUgnmvljz3hme6qOWjduncos48xe9/
RlWEsHHU6aY/H0v4FmP6dIgomPfElCazHpmuC+1lAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUqSNgU8e4orVKbOARsS/0/h/doW0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdlZjRlMTk2LTg2ZWItNDZkMS1hMjUxLTEzMTkxN2RkNjY3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA49DANBgkqhkiG9w0BAQsFAAOCAQEARk9TvjOB07v4F7s4Q3tjmt+a+tPB
E+Q4gWYG2BmyTeVLAw81vaH9jgOdDf4sGb6Jbwytu6Ep/R5BtEdxiTm7oRqQH09P
MCcm4uRPE/+cDpe+vDmiudhnO82PMgLIdbaKIQwm0bT0BJjRhzBxONnsnG5lB/Vq
o7y+JTFBRStTLwzg1KrvArzf0zgI8ZHywASjTnwzGWNNwhc3uS2N3uZuELUlYbuv
HRvUZguYV+PhATOLwArL30VmvZCHE9aQzuMx81HRFzWtSECJ4vdmgpt+QwBoSZWd
l3YnE2gFGJK5L7GQaHRUjnARgPVl3l+60y3jTR2gK8XH5c9gCLK3qmoFYw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:08:18 2026 by rpki-client