Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9188fa7b-db94-4ddb-97de-5cb09ac9c624.roa
File:                     9188fa7b-db94-4ddb-97de-5cb09ac9c624.roa (raw, json)
Hash identifier:          ZiPHVnWUwwmtbenfvmmcBVTWlDywJhh0cYPZkDUJ3sI=
Subject key identifier:   7A:C5:75:55:A7:5B:62:07:D6:7F:98:25:09:41:03:E3:82:C7:B9:C9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0348C9BB816668FA930B6D0C315D9AF2FF121271
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9188fa7b-db94-4ddb-97de-5cb09ac9c624.roa
Signing time:             Fri 25 Jul 2025 00:31:57 +0000
ROA not before:           Fri 25 Jul 2025 00:31:57 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        99.151.190.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:48:c9:bb:81:66:68:fa:93:0b:6d:0c:31:5d:9a:f2:ff:12:12:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 25 00:31:57 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=a61f9328c975e2c275cdc4d77c2d38582372d75aaeff262d15171e9b968c30a0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:54:b1:ab:86:ac:8a:3d:99:15:3a:0d:dd:04:
                    82:0e:16:ba:4d:eb:e7:86:b6:df:9d:05:fe:4f:86:
                    1a:e9:c5:95:4a:25:e6:32:78:41:65:cd:90:2d:fe:
                    c1:9b:2d:0b:b7:be:e2:7b:25:7f:86:f9:3c:31:8f:
                    90:2e:4e:25:8d:88:96:ab:a1:98:35:4d:57:65:cf:
                    b4:8e:3c:19:60:f5:59:b3:0c:56:c6:5c:7d:2e:a9:
                    29:68:b0:3d:01:27:ef:1b:7e:dd:b5:b4:9d:5d:b3:
                    44:6b:4a:8b:db:22:94:17:65:a1:a9:b5:16:de:1c:
                    64:94:4f:87:aa:3c:a3:79:83:e8:93:9b:32:80:5f:
                    e5:48:92:ec:8d:da:ba:44:b2:a9:cf:6c:c8:d3:12:
                    20:10:72:28:17:48:4e:7b:7f:bf:39:30:9c:2c:4d:
                    3d:14:26:19:9a:d6:eb:73:2a:7a:2f:35:52:3e:c7:
                    35:6e:bd:71:c7:58:2d:c5:13:5f:40:3a:af:a7:43:
                    42:4f:eb:3b:0f:69:bd:e1:fc:66:a9:87:a5:d3:0e:
                    2d:f0:ec:b0:0d:8a:2d:ea:22:44:e3:f2:7d:79:0c:
                    84:d6:d4:8c:95:f6:96:95:08:6e:6c:4b:39:39:0f:
                    2f:44:f2:23:2d:d1:6b:ec:5c:c7:1e:21:be:e7:67:
                    a8:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:C5:75:55:A7:5B:62:07:D6:7F:98:25:09:41:03:E3:82:C7:B9:C9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9188fa7b-db94-4ddb-97de-5cb09ac9c624.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         52:eb:83:87:60:e4:64:43:d0:62:ab:a2:ab:15:d5:01:af:48:
         63:74:4a:cb:13:1e:b2:fb:5f:e8:c0:27:7c:5d:07:23:a2:12:
         68:14:6d:97:43:7e:26:ea:7c:a2:d7:53:ff:9e:a0:e6:63:b6:
         3b:3b:30:de:1e:87:cd:24:fc:ce:ef:4a:e4:5e:41:15:55:8d:
         dc:93:74:ba:e5:ba:06:fe:96:7f:13:d0:ad:9d:58:b0:4b:db:
         26:24:90:ec:e8:48:46:b1:8f:8a:d9:bd:0f:b2:d4:ee:b7:68:
         d1:af:67:61:2d:3e:48:20:16:d0:e8:71:1f:7c:9b:3f:1a:dd:
         e5:25:1c:c6:6d:f9:85:f2:6c:cf:24:e1:25:51:4f:f1:1d:95:
         99:aa:73:72:c1:1e:d7:ed:a3:b5:73:4b:40:51:95:19:45:ef:
         7e:5f:fb:1d:bb:fe:a4:07:d7:47:73:36:ad:8d:11:42:96:cc:
         70:2d:fa:47:1e:5b:c4:79:17:5e:a6:d4:c6:4f:2b:9b:6b:a8:
         8e:73:c7:a0:f0:78:5b:ab:92:cd:61:2c:31:47:4f:90:ec:fc:
         ba:e1:9f:f3:06:ef:f4:4c:a2:8c:6a:51:3a:89:0a:f0:26:3b:
         be:06:f6:2a:5c:2c:bb:44:ac:96:57:9b:de:58:cc:76:6a:83:
         75:02:1e:ba
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA0jJu4FmaPqTC20MMV2a8v8SEnEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzI1MDAzMTU3WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjFmOTMyOGM5NzVlMmMyNzVjZGM0ZDc3YzJkMzg1ODIz
NzJkNzVhYWVmZjI2MmQxNTE3MWU5Yjk2OGMzMGEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAVLGrhqyKPZkVOg3dBIIOFrpN6+eGtt+dBf5PhhrpxZVK
JeYyeEFlzZAt/sGbLQu3vuJ7JX+G+Twxj5AuTiWNiJaroZg1TVdlz7SOPBlg9Vmz
DFbGXH0uqSlosD0BJ+8bft21tJ1ds0RrSovbIpQXZaGptRbeHGSUT4eqPKN5g+iT
mzKAX+VIkuyN2rpEsqnPbMjTEiAQcigXSE57f785MJwsTT0UJhma1utzKnovNVI+
xzVuvXHHWC3FE19AOq+nQ0JP6zsPab3h/Gaph6XTDi3w7LANii3qIkTj8n15DITW
1IyV9paVCG5sSzk5Dy9E8iMt0WvsXMceIb7nZ6iHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUesV1VadbYgfWf5glCUED44LHuckwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkxODhmYTdiLWRiOTQtNGRkYi05N2RlLTVjYjA5YWM5YzYyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFjl74wDQYJKoZIhvcNAQELBQADggEBAFLrg4dg5GRD0GKroqsV1QGvSGN0
SssTHrL7X+jAJ3xdByOiEmgUbZdDfibqfKLXU/+eoOZjtjs7MN4eh80k/M7vSuRe
QRVVjdyTdLrlugb+ln8T0K2dWLBL2yYkkOzoSEaxj4rZvQ+y1O63aNGvZ2EtPkgg
FtDocR98mz8a3eUlHMZt+YXybM8k4SVRT/EdlZmqc3LBHtfto7VzS0BRlRlF735f
+x27/qQH10dzNq2NEUKWzHAt+kceW8R5F16m1MZPK5trqI5zx6DweFurks1hLDFH
T5Ds/Lrhn/MG7/RMooxqUTqJCvAmO74G9ipcLLtErJZXm95YzHZqg3UCHro=
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:18:53 2025 by rpki-client