Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/925842c8-ade6-4164-87f2-fd556fb6f950.roa
File:                     925842c8-ade6-4164-87f2-fd556fb6f950.roa (raw, json)
Hash identifier:          no8g/YfJlVvQii630fg9aYkiuKoLa+4M0yQCtUNOlyw=
Subject key identifier:   4F:41:9B:58:62:9E:21:A7:A6:05:CA:C2:6F:B8:8A:EC:10:98:35:A6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       72B14BC1420B6A30977D1A4D7D233621A996D732
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/925842c8-ade6-4164-87f2-fd556fb6f950.roa
Signing time:             Fri 15 May 2026 01:50:08 +0000
ROA not before:           Fri 15 May 2026 01:50:08 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        110.238.244.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:b1:4b:c1:42:0b:6a:30:97:7d:1a:4d:7d:23:36:21:a9:96:d7:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 15 01:50:08 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=8c661c7c06488f2e90671d0891a39ed4dbf8d8b4261ac5a784b928001acf56fc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:98:41:cb:ac:bf:f2:df:4d:28:60:f2:66:a7:
                    36:c5:cd:dc:66:34:55:b4:6f:96:33:47:3b:14:0d:
                    b1:d3:0e:1c:52:0f:2c:3f:f4:23:36:65:4a:b8:d2:
                    b8:29:42:e2:18:2d:e5:e6:53:02:fb:84:18:68:15:
                    16:29:2b:c1:08:ce:fe:14:b5:d7:70:b4:11:71:45:
                    f5:ed:54:d5:95:f3:77:6b:ad:c0:59:bd:c0:5b:87:
                    e6:bf:fb:64:df:a0:56:d9:41:f3:6d:93:68:a3:d2:
                    01:b8:f0:92:6b:2b:86:4a:8f:50:f0:17:cc:9f:3f:
                    f5:7f:9b:2a:bb:93:e4:0f:cc:14:1d:72:3c:61:99:
                    73:5f:a8:f3:6d:12:20:b3:75:01:79:42:20:a9:15:
                    24:e7:35:33:39:cf:a6:9b:1a:0b:8d:b6:13:4a:87:
                    1e:92:c2:61:66:d1:38:77:e1:03:32:90:99:08:2f:
                    cc:f3:22:0d:c8:dd:1e:5b:b2:2a:8a:ed:3d:c2:60:
                    83:fa:32:ae:b4:39:fd:3c:ff:ae:b9:a1:60:7c:a3:
                    a2:21:e2:c4:3f:11:e6:c4:a8:6c:a4:4a:14:f8:fa:
                    9f:49:04:d7:e7:e9:f9:bc:42:79:2e:2b:ca:1c:e2:
                    b1:8b:c4:ec:b8:d4:43:36:c8:ff:29:88:e1:ad:08:
                    db:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:41:9B:58:62:9E:21:A7:A6:05:CA:C2:6F:B8:8A:EC:10:98:35:A6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/925842c8-ade6-4164-87f2-fd556fb6f950.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.238.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         07:dc:33:b5:cd:e0:5b:6d:f1:ea:ac:e5:cf:c9:c4:29:8b:cf:
         ce:08:c5:09:be:b1:d6:99:5a:81:39:57:e9:0c:cd:b8:cd:6b:
         71:3b:54:ec:b2:da:cb:09:18:cb:3c:2f:ce:e1:5b:fa:9f:78:
         09:c3:32:77:ff:5c:22:f4:65:10:7b:ef:f0:b4:74:b6:4d:ff:
         17:0f:1c:bc:7c:60:52:b4:ba:96:0c:84:91:06:2e:3c:29:5e:
         6b:f1:c7:6e:44:9d:43:13:9a:e2:b4:86:aa:e9:a3:7f:17:cd:
         0a:f2:06:57:43:16:37:f7:33:42:c1:73:f5:1a:75:85:3f:42:
         e1:14:8d:57:76:c3:ac:6d:d7:18:5f:8c:bd:e8:65:73:95:89:
         24:5c:79:2f:6b:62:78:be:99:18:ac:91:57:d0:37:4d:34:99:
         1f:33:54:54:19:cc:ad:7b:b4:ba:85:e8:5a:77:9a:14:c8:3d:
         bc:36:18:b1:ae:be:ab:d0:d3:ec:f6:22:b7:68:98:f0:63:f6:
         73:3c:7a:43:a1:bb:ab:ae:b7:b8:4c:bf:3c:05:3b:ac:13:8c:
         18:05:64:7c:14:7c:e0:54:d9:e4:5a:35:ab:ae:ed:34:bb:95:
         2d:62:44:96:13:11:dd:9b:51:ac:5f:63:34:7d:ac:b7:85:bb:
         65:20:12:03
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcrFLwUILajCXfRpNfSM2IamW1zIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE1MDE1MDA4WhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzY2MWM3YzA2NDg4ZjJlOTA2NzFkMDg5MWEzOWVkNGRi
ZjhkOGI0MjYxYWM1YTc4NGI5MjgwMDFhY2Y1NmZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJmEHLrL/y300oYPJmpzbFzdxmNFW0b5YzRzsUDbHTDhxS
Dyw/9CM2ZUq40rgpQuIYLeXmUwL7hBhoFRYpK8EIzv4UtddwtBFxRfXtVNWV83dr
rcBZvcBbh+a/+2TfoFbZQfNtk2ij0gG48JJrK4ZKj1DwF8yfP/V/myq7k+QPzBQd
cjxhmXNfqPNtEiCzdQF5QiCpFSTnNTM5z6abGguNthNKhx6SwmFm0Th34QMykJkI
L8zzIg3I3R5bsiqK7T3CYIP6Mq60Of08/665oWB8o6Ih4sQ/EebEqGykShT4+p9J
BNfn6fm8QnkuK8oc4rGLxOy41EM2yP8piOGtCNtvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUT0GbWGKeIaemBcrCb7iK7BCYNaYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkyNTg0MmM4LWFkZTYtNDE2NC04N2YyLWZkNTU2ZmI2Zjk1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJu7vQwDQYJKoZIhvcNAQELBQADggEBAAfcM7XN4Ftt8eqs5c/JxCmLz84I
xQm+sdaZWoE5V+kMzbjNa3E7VOyy2ssJGMs8L87hW/qfeAnDMnf/XCL0ZRB77/C0
dLZN/xcPHLx8YFK0upYMhJEGLjwpXmvxx25EnUMTmuK0hqrpo38XzQryBldDFjf3
M0LBc/UadYU/QuEUjVd2w6xt1xhfjL3oZXOViSRceS9rYni+mRiskVfQN000mR8z
VFQZzK17tLqF6Fp3mhTIPbw2GLGuvqvQ0+z2IrdomPBj9nM8ekOhu6uut7hMvzwF
O6wTjBgFZHwUfOBU2eRaNauu7TS7lS1iRJYTEd2bUaxfYzR9rLeFu2UgEgM=
-----END CERTIFICATE-----