Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99922d4f-b1fc-43d5-9674-a085ad312500.roa
File:                     99922d4f-b1fc-43d5-9674-a085ad312500.roa (raw, json)
Hash identifier:          WZ1/GpuRqq9g9F1rYVCVemIn2T2bCHGtsTZ6zCg2WOs=
Subject key identifier:   D2:4A:C4:9B:41:40:FB:83:C4:AD:C2:F3:00:B8:EE:92:27:4C:92:B5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       428DB4647A906E04AE8E54A3123117FE8B8A98E8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99922d4f-b1fc-43d5-9674-a085ad312500.roa
Signing time:             Tue 15 Jul 2025 00:01:09 +0000
ROA not before:           Tue 15 Jul 2025 00:01:09 +0000
ROA not after:            Tue 19 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        104.153.118.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:8d:b4:64:7a:90:6e:04:ae:8e:54:a3:12:31:17:fe:8b:8a:98:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 15 00:01:09 2025 GMT
            Not After : Aug 19 23:59:59 2025 GMT
        Subject: serialNumber=4a7fd20820a8947f8d7e15bed363058ecec0dd31f57b6b53d0f0189ac331c1b8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:21:09:14:27:a5:5b:5c:b6:73:f0:14:ec:a3:
                    18:aa:f0:48:07:1e:c6:bd:36:20:64:5b:5e:6f:61:
                    2c:95:83:1f:f0:ff:b1:4d:64:d8:5d:c6:d0:a7:1d:
                    65:b8:bc:07:15:5f:f3:c5:fc:f3:0a:83:a2:3a:c8:
                    6d:90:e9:d3:7e:c2:83:13:93:7f:e1:6d:d9:5a:ed:
                    bf:a5:03:c8:27:d8:98:fe:90:dd:3d:a3:5a:03:ca:
                    c9:65:9d:02:4f:ae:b9:c3:8a:4a:20:f7:e4:b3:c3:
                    c1:23:86:77:ba:c4:61:8f:5b:20:4d:0f:6d:67:ee:
                    e5:9b:15:a1:28:15:bf:9e:94:8f:bc:6c:27:85:b1:
                    55:04:ce:c8:b9:fd:87:68:73:b0:e4:1a:d0:77:2f:
                    e8:14:9d:9f:99:ae:db:f3:2a:5d:cb:bc:73:ff:c5:
                    94:06:f6:81:8a:75:6d:49:c9:f4:9c:51:17:1c:90:
                    e4:2b:91:cc:fe:4c:c0:43:9b:2d:26:5c:15:b0:6d:
                    e1:96:49:70:7a:34:b8:fb:06:c8:08:32:8a:c5:f6:
                    be:55:38:79:85:07:af:9d:05:cc:73:d0:0b:7d:e2:
                    c3:d8:58:43:b9:26:65:83:4a:4d:2c:27:16:3b:21:
                    12:cb:4f:6a:c8:0e:cb:d0:16:d3:ed:87:fc:ba:6b:
                    e9:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:4A:C4:9B:41:40:FB:83:C4:AD:C2:F3:00:B8:EE:92:27:4C:92:B5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99922d4f-b1fc-43d5-9674-a085ad312500.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.153.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:26:f4:0a:e8:b6:d6:1a:30:00:4f:6d:df:ec:f2:b9:01:8b:
         9a:26:07:ca:51:4b:8f:84:a9:f7:44:90:7b:ba:3c:4e:71:53:
         11:0e:ba:81:be:f7:47:f3:34:65:8f:50:1d:7f:4f:c5:19:d8:
         20:23:11:52:02:36:99:7c:2b:84:21:ba:ce:0e:7f:d6:d2:63:
         6a:7a:81:fb:8a:de:3c:76:f8:fa:2d:32:43:5c:09:9b:6b:ad:
         20:03:08:26:01:02:1f:64:fe:97:0c:f9:80:0b:f1:26:7c:0b:
         24:9f:f0:1e:a4:3c:90:31:b9:94:82:e4:96:75:f6:1e:e1:da:
         a7:68:05:1d:80:9a:85:4f:8e:cb:b3:d8:8d:8e:0d:fd:66:48:
         62:e5:cf:f5:de:1f:dd:95:60:00:7b:66:c9:00:f1:4f:45:2a:
         aa:8f:78:b8:35:f1:cb:72:8f:43:28:2f:be:0d:4f:5d:b7:a1:
         d0:46:54:71:b1:c0:ef:65:ca:c7:14:08:8a:d0:2c:4f:6c:63:
         0b:5c:7b:99:a7:33:fd:22:f9:6b:5b:dd:d2:95:a5:7c:a2:ea:
         a4:98:3c:26:af:54:a6:42:af:cd:40:d8:3a:74:ee:76:fd:ba:
         53:6f:3a:53:33:02:e8:93:e7:94:3f:49:d6:42:aa:cd:d1:a4:
         0c:ea:d2:bd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQo20ZHqQbgSujlSjEjEX/ouKmOgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE1MDAwMTA5WhcNMjUwODE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTdmZDIwODIwYTg5NDdmOGQ3ZTE1YmVkMzYzMDU4ZWNl
YzBkZDMxZjU3YjZiNTNkMGYwMTg5YWMzMzFjMWI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3IQkUJ6VbXLZz8BTsoxiq8EgHHsa9NiBkW15vYSyVgx/w
/7FNZNhdxtCnHWW4vAcVX/PF/PMKg6I6yG2Q6dN+woMTk3/hbdla7b+lA8gn2Jj+
kN09o1oDysllnQJPrrnDikog9+Szw8Ejhne6xGGPWyBND21n7uWbFaEoFb+elI+8
bCeFsVUEzsi5/Ydoc7DkGtB3L+gUnZ+ZrtvzKl3LvHP/xZQG9oGKdW1JyfScURcc
kOQrkcz+TMBDmy0mXBWwbeGWSXB6NLj7BsgIMorF9r5VOHmFB6+dBcxz0At94sPY
WEO5JmWDSk0sJxY7IRLLT2rIDsvQFtPth/y6a+nfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0krEm0FA+4PErcLzALjukidMkrUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5OTIyZDRmLWIxZmMtNDNkNS05Njc0LWEwODVhZDMxMjUwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABomXYwDQYJKoZIhvcNAQELBQADggEBAEUm9ArottYaMABPbd/s8rkBi5om
B8pRS4+EqfdEkHu6PE5xUxEOuoG+90fzNGWPUB1/T8UZ2CAjEVICNpl8K4Qhus4O
f9bSY2p6gfuK3jx2+PotMkNcCZtrrSADCCYBAh9k/pcM+YAL8SZ8CySf8B6kPJAx
uZSC5JZ19h7h2qdoBR2AmoVPjsuz2I2ODf1mSGLlz/XeH92VYAB7ZskA8U9FKqqP
eLg18ctyj0MoL74NT123odBGVHGxwO9lyscUCIrQLE9sYwtce5mnM/0i+Wtb3dKV
pXyi6qSYPCavVKZCr81A2Dp07nb9ulNvOlMzAuiT55Q/SdZCqs3RpAzq0r0=
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:16:06 2025 by rpki-client