Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9b271b-e372-4d45-bd2d-3a4d6cd8a008.roa
File:                     8a9b271b-e372-4d45-bd2d-3a4d6cd8a008.roa (raw, json)
Hash identifier:          4xF1/+nohVJpQ2cxUtb1H0Xl707PLxuIlb7KhPJNBo4=
Subject key identifier:   F3:DA:31:93:63:01:C6:66:9B:BE:E3:31:E6:BD:96:73:A0:1D:ED:70
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       27A53D6DDAB14AC3B6B76FC188911DA8021DC6B2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9b271b-e372-4d45-bd2d-3a4d6cd8a008.roa
Signing time:             Fri 25 Jul 2025 00:20:14 +0000
ROA not before:           Fri 25 Jul 2025 00:20:14 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.52.112.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:a5:3d:6d:da:b1:4a:c3:b6:b7:6f:c1:88:91:1d:a8:02:1d:c6:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 25 00:20:14 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=a001c0d9df9765967e45faa266ba1123e065c5f009dd5aeaa76fc6f7a36b3394, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3c:d6:c0:e4:09:ad:9b:23:be:0a:0e:a3:87:
                    30:36:11:2c:b8:f7:bc:e8:e8:bf:6c:91:79:76:6c:
                    df:b3:ca:29:db:00:60:f7:19:b7:8d:b1:82:ea:3d:
                    49:80:b5:f5:74:18:f8:2e:b7:f3:fb:a8:2c:2b:58:
                    14:a8:c4:1a:4f:b0:f7:53:99:25:15:56:65:ca:7e:
                    5e:c9:4c:79:87:3a:af:d8:9b:5f:6b:c4:5a:d4:a5:
                    d4:70:31:61:f7:3f:e3:ae:d4:af:cd:17:0b:dd:65:
                    4f:ad:d3:59:61:bd:15:7d:a8:c2:19:b1:76:90:a3:
                    8b:62:94:46:91:22:c1:88:bc:be:8f:49:16:bf:7a:
                    6d:61:a6:6c:ed:1b:2a:d1:38:56:62:a7:bf:4b:d2:
                    1f:04:e8:39:45:ea:1a:b6:cc:72:e8:62:b5:fe:c6:
                    8a:d5:8d:f3:42:c9:16:b1:36:87:ae:a4:6a:2a:80:
                    88:dc:d4:97:c9:60:eb:26:77:19:bc:23:e5:8f:4b:
                    b6:0c:e9:ad:0f:80:95:0c:c7:ff:a1:ec:2c:7a:0f:
                    c9:12:91:26:d2:d4:cc:d4:89:cc:5c:ec:d6:4d:da:
                    30:61:ec:bc:15:1b:35:b7:fa:50:e4:2b:99:94:b4:
                    eb:24:00:bc:98:4e:5e:aa:e4:0f:1f:9f:ad:fc:82:
                    bb:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:DA:31:93:63:01:C6:66:9B:BE:E3:31:E6:BD:96:73:A0:1D:ED:70
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a9b271b-e372-4d45-bd2d-3a4d6cd8a008.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.52.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         cb:be:ea:b7:cd:f2:5e:71:57:90:05:fd:e0:3f:42:61:3f:dc:
         ee:a4:42:e1:52:7d:f9:d6:01:ba:80:5e:8f:d6:22:a7:1b:8f:
         ec:3e:34:ab:4b:db:d7:b7:f2:04:c0:a9:05:af:f2:f8:25:df:
         38:1c:70:b8:bc:f1:1a:e5:8b:34:84:a7:60:35:a2:ee:34:6d:
         c7:f3:9f:53:eb:12:9c:0d:5a:91:1c:43:1e:13:f7:5d:ca:9b:
         39:fa:61:de:8e:79:cb:89:ab:b4:cd:15:48:40:2b:88:81:7a:
         e8:0c:8f:54:e1:ec:ef:49:13:ee:ed:69:a0:b2:17:e9:7f:b2:
         9f:fb:6f:d3:f7:76:32:ca:1f:98:09:3c:27:25:48:0f:01:c1:
         90:ba:f1:02:16:18:48:3f:a3:74:ff:ce:2b:56:02:58:3c:b4:
         29:58:34:dd:ef:08:59:9c:b3:61:1b:fb:4a:16:cb:a9:8e:27:
         62:e6:eb:58:33:d1:72:2d:91:54:7b:fa:99:68:8b:26:44:bb:
         d7:23:08:7e:8b:36:71:b2:99:27:36:1c:d7:98:13:50:67:c7:
         36:d8:32:91:9f:fe:2b:a2:51:1d:ee:d1:a4:d8:02:b0:ae:e8:
         d8:77:b6:4f:fa:a8:18:3e:48:4f:ee:a4:9a:d7:c5:6e:3c:3c:
         62:3e:8f:eb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ6U9bdqxSsO2t2/BiJEdqAIdxrIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI1MDAyMDE0WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMDAxYzBkOWRmOTc2NTk2N2U0NWZhYTI2NmJhMTEyM2Uw
NjVjNWYwMDlkZDVhZWFhNzZmYzZmN2EzNmIzMzk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBPNbA5AmtmyO+Cg6jhzA2ESy497zo6L9skXl2bN+zyinb
AGD3GbeNsYLqPUmAtfV0GPgut/P7qCwrWBSoxBpPsPdTmSUVVmXKfl7JTHmHOq/Y
m19rxFrUpdRwMWH3P+Ou1K/NFwvdZU+t01lhvRV9qMIZsXaQo4tilEaRIsGIvL6P
SRa/em1hpmztGyrROFZip79L0h8E6DlF6hq2zHLoYrX+xorVjfNCyRaxNoeupGoq
gIjc1JfJYOsmdxm8I+WPS7YM6a0PgJUMx/+h7Cx6D8kSkSbS1MzUicxc7NZN2jBh
7LwVGzW3+lDkK5mUtOskALyYTl6q5A8fn638grvFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU89oxk2MBxmabvuMx5r2Wc6Ad7XAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhOWIyNzFiLWUzNzItNGQ0NS1iZDJkLTNhNGQ2Y2Q4YTAwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARANHAwDQYJKoZIhvcNAQELBQADggEBAMu+6rfN8l5xV5AF/eA/QmE/3O6k
QuFSffnWAbqAXo/WIqcbj+w+NKtL29e38gTAqQWv8vgl3zgccLi88RrlizSEp2A1
ou40bcfzn1PrEpwNWpEcQx4T913Kmzn6Yd6OecuJq7TNFUhAK4iBeugMj1Th7O9J
E+7taaCyF+l/sp/7b9P3djLKH5gJPCclSA8BwZC68QIWGEg/o3T/zitWAlg8tClY
NN3vCFmcs2Eb+0oWy6mOJ2Lm61gz0XItkVR7+ploiyZEu9cjCH6LNnGymSc2HNeY
E1BnxzbYMpGf/iuiUR3u0aTYArCu6Nh3tk/6qBg+SE/upJrXxW48PGI+j+s=
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:51:51 2025 by rpki-client