Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90ceb0ee-66d3-4c56-8825-2c68b02e5693.roa
File:                     90ceb0ee-66d3-4c56-8825-2c68b02e5693.roa (raw, json)
Hash identifier:          FQngkFPQyfrnztYL6q9hFmh0FD6TSasssWdY3tdGb0g=
Subject key identifier:   3A:F7:C8:E3:70:21:86:F6:C1:DB:9D:20:52:E0:DA:B2:81:CA:63:6A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       07DF947A019DBFA90D739508746FF962DB2D2258
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90ceb0ee-66d3-4c56-8825-2c68b02e5693.roa
Signing time:             Sat 19 Jul 2025 00:40:18 +0000
ROA not before:           Sat 19 Jul 2025 00:40:18 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        96.0.92.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:df:94:7a:01:9d:bf:a9:0d:73:95:08:74:6f:f9:62:db:2d:22:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 19 00:40:18 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=c7b587b5049ca72bd78d80d08e70f913eb7cfc925fe5359e8a0471b699abc795, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:df:08:c9:6c:52:98:3a:d9:e2:89:09:07:49:
                    02:b1:51:56:70:bf:ec:9b:2e:ca:02:a4:8f:82:91:
                    18:c0:48:1f:43:f6:ef:07:f0:81:f2:2b:c5:7c:e3:
                    16:cf:bb:41:b6:2c:d4:50:ff:e5:45:33:b3:b7:5e:
                    42:9e:e0:ed:96:f5:0c:ee:41:95:a6:5a:ca:79:8b:
                    35:86:4b:f2:d9:53:c5:f8:cd:02:34:a9:aa:14:be:
                    52:47:c4:09:da:05:9c:24:f6:5b:a1:df:31:74:64:
                    ac:1f:27:0e:a6:fe:79:d3:ea:50:82:bb:45:9a:96:
                    35:87:e6:41:45:49:43:b5:0e:a0:c6:43:89:be:a8:
                    2e:c2:4c:25:e0:5f:0a:60:74:11:0f:7e:c0:0e:b5:
                    ae:2a:81:5d:b0:af:14:a2:23:84:54:10:71:07:02:
                    1e:4e:7d:46:71:b5:e6:19:ed:20:da:e1:1e:67:d5:
                    1a:8e:8d:9a:d5:12:30:61:c5:64:b4:1b:ca:8a:18:
                    fa:66:75:f5:f8:d6:91:ca:7d:db:24:a1:19:2a:ca:
                    30:14:4f:63:e7:98:bd:e9:ff:a2:d3:1b:d3:95:ee:
                    bf:a9:4a:b6:0e:4f:0b:95:f9:c2:2e:db:79:bd:32:
                    9f:a3:d5:f5:a5:0c:19:07:39:28:db:de:18:03:2b:
                    48:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:F7:C8:E3:70:21:86:F6:C1:DB:9D:20:52:E0:DA:B2:81:CA:63:6A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90ceb0ee-66d3-4c56-8825-2c68b02e5693.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:72:55:5a:32:d0:dc:ae:62:ca:e6:c4:a6:0a:72:25:3a:a1:
         a3:47:9e:37:c0:e3:5e:96:e1:33:01:e1:0a:15:73:6b:d1:b0:
         41:32:f0:c8:a9:06:a5:9d:30:61:95:08:ea:6f:9d:2c:43:71:
         82:a0:0e:fa:de:08:46:fe:32:44:4a:23:85:52:07:b6:8e:00:
         2b:c0:5c:01:97:90:c3:e2:22:fc:57:f9:29:87:ad:93:33:a2:
         61:6d:40:df:2b:a5:6b:2e:92:b5:51:83:30:03:db:9d:8f:a7:
         18:c2:be:96:e6:44:70:4f:41:46:dc:36:ca:d1:af:39:09:2b:
         17:4a:89:60:de:22:72:c0:16:a3:a2:af:75:4e:b5:65:62:36:
         cc:c8:7e:79:06:84:31:e0:22:a8:4e:2a:49:59:23:32:0d:15:
         5c:c4:9a:ea:d3:f1:ba:2f:62:1d:6c:c5:2e:d2:00:7f:ae:03:
         ad:7d:b7:ac:18:2c:90:d4:24:ca:48:c2:89:5c:cd:8f:85:17:
         59:29:73:f1:c8:3d:f1:b6:76:94:f2:1d:8b:cf:9b:6a:27:67:
         16:1d:c7:11:f7:b9:bd:31:5a:4d:c0:7c:31:41:a0:2d:78:c0:
         c8:83:bf:38:d0:70:ac:cc:ef:b9:df:94:f0:87:46:fe:c3:75:
         75:ce:88:85
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUB9+UegGdv6kNc5UIdG/5YtstIlgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDA0MDE4WhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjN2I1ODdiNTA0OWNhNzJiZDc4ZDgwZDA4ZTcwZjkxM2Vi
N2NmYzkyNWZlNTM1OWU4YTA0NzFiNjk5YWJjNzk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCf3wjJbFKYOtniiQkHSQKxUVZwv+ybLsoCpI+CkRjASB9D
9u8H8IHyK8V84xbPu0G2LNRQ/+VFM7O3XkKe4O2W9QzuQZWmWsp5izWGS/LZU8X4
zQI0qaoUvlJHxAnaBZwk9luh3zF0ZKwfJw6m/nnT6lCCu0WaljWH5kFFSUO1DqDG
Q4m+qC7CTCXgXwpgdBEPfsAOta4qgV2wrxSiI4RUEHEHAh5OfUZxteYZ7SDa4R5n
1RqOjZrVEjBhxWS0G8qKGPpmdfX41pHKfdskoRkqyjAUT2PnmL3p/6LTG9OV7r+p
SrYOTwuV+cIu23m9Mp+j1fWlDBkHOSjb3hgDK0hhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOvfI43AhhvbB250gUuDasoHKY2owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkwY2ViMGVlLTY2ZDMtNGM1Ni04ODI1LTJjNjhiMDJlNTY5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFgAFwwDQYJKoZIhvcNAQELBQADggEBAARyVVoy0NyuYsrmxKYKciU6oaNH
njfA416W4TMB4QoVc2vRsEEy8MipBqWdMGGVCOpvnSxDcYKgDvreCEb+MkRKI4VS
B7aOACvAXAGXkMPiIvxX+SmHrZMzomFtQN8rpWsukrVRgzAD252PpxjCvpbmRHBP
QUbcNsrRrzkJKxdKiWDeInLAFqOir3VOtWViNszIfnkGhDHgIqhOKklZIzINFVzE
murT8bovYh1sxS7SAH+uA619t6wYLJDUJMpIwolczY+FF1kpc/HIPfG2dpTyHYvP
m2onZxYdxxH3ub0xWk3AfDFBoC14wMiDvzjQcKzM77nflPCHRv7DdXXOiIU=
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:12:57 2025 by rpki-client