Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6f7c31-6468-4794-addf-4e261bbd9e31.roa
File:                     9f6f7c31-6468-4794-addf-4e261bbd9e31.roa (raw, json)
Hash identifier:          NeA7xqJ/nxVML3ExaMxj9oCt8D5x1MV4Dthb4nMjNF0=
Subject key identifier:   01:DE:15:70:40:75:07:CE:7F:4B:33:69:E6:B0:6C:08:32:97:95:39
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6062FE8A91C5B3972BCD512259CAE74097DC89A7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6f7c31-6468-4794-addf-4e261bbd9e31.roa
Signing time:             Fri 18 Jul 2025 00:40:23 +0000
ROA not before:           Fri 18 Jul 2025 00:40:23 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:62:fe:8a:91:c5:b3:97:2b:cd:51:22:59:ca:e7:40:97:dc:89:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:40:23 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=ad6349236c29bfb42560904cf7f2612544735ef8c004fcf0100a3d796bc58ab5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:42:77:4c:ac:a3:34:d0:92:9f:25:15:78:84:
                    1f:de:e8:f6:59:ad:c2:45:3f:37:cc:c3:06:02:2d:
                    62:ff:5a:4d:97:87:3b:f6:20:0b:9f:d4:3f:3b:a5:
                    14:da:fe:9c:f4:58:7c:e3:d4:c1:3a:6c:9a:5d:6e:
                    d8:bc:9a:fb:76:24:c1:2d:76:fa:65:7d:64:db:63:
                    8f:c0:84:7d:f8:21:c4:16:b9:ff:38:9a:ba:43:31:
                    e5:40:d2:41:46:66:7e:0e:ef:07:6d:dd:da:32:f0:
                    5f:7e:3a:a6:c2:0b:16:f1:c8:81:b6:37:47:79:47:
                    0a:f5:14:89:20:e2:fe:93:41:01:24:6c:ed:3e:0b:
                    e5:d1:b5:41:bd:e5:7d:d2:7d:fb:15:df:7d:b3:33:
                    bc:a3:6f:0b:2b:d9:23:39:d9:c2:50:ec:36:12:cf:
                    f0:8b:cc:95:da:ac:26:95:67:52:c1:64:a4:ca:b3:
                    ac:e8:c6:64:49:13:1d:d6:10:0e:95:71:e0:74:59:
                    5e:cc:f2:53:f4:a9:db:2c:4c:07:f9:aa:73:aa:97:
                    3e:22:4d:51:59:dd:b8:3a:67:f2:6e:3c:b9:70:ab:
                    e6:43:8e:23:f1:b1:1a:91:54:05:84:57:ee:cd:6f:
                    4f:75:cd:5d:8a:5c:d2:4f:fe:59:8c:04:84:f6:72:
                    94:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:DE:15:70:40:75:07:CE:7F:4B:33:69:E6:B0:6C:08:32:97:95:39
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9f6f7c31-6468-4794-addf-4e261bbd9e31.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d6:6e:e5:39:a0:c3:51:e0:80:ae:61:ad:57:2d:41:83:a4:b5:
         77:c6:a1:4a:f4:47:9e:e1:7c:39:69:72:92:76:be:88:2b:32:
         fc:22:1a:fc:60:46:59:94:55:db:22:fd:fb:bf:11:14:9e:92:
         cd:96:77:cc:39:0a:a8:59:8d:79:98:5a:ee:2e:e3:1e:45:5d:
         ae:c1:ff:e3:13:20:17:7d:5b:69:21:d7:01:4b:7e:87:02:f1:
         b3:85:76:39:9f:89:e3:5b:f0:58:37:de:ab:0f:b6:f9:6b:3e:
         4a:65:0f:95:8b:4c:8f:f7:5e:bf:ef:ac:12:00:1f:42:2a:18:
         94:81:8a:13:62:a7:38:ef:22:28:5f:d4:1c:46:e4:3e:30:e8:
         78:b4:33:32:8a:7e:88:28:89:57:ca:c7:4e:01:2c:e4:2e:8e:
         97:42:2e:54:d5:f6:40:28:27:be:f0:90:9f:ec:58:a2:44:0e:
         70:d5:87:5f:9e:3c:1e:8b:82:9d:4c:6c:33:40:4e:98:2b:f9:
         7e:3b:5e:bc:b8:89:5b:b6:be:2c:8f:eb:ed:10:52:ab:dc:ec:
         6d:cc:dd:5b:b9:8c:53:6b:59:cb:8e:7f:c0:0b:d3:b9:2d:9b:
         3c:e5:e4:d1:4c:b5:a6:01:14:3f:02:43:e7:71:b8:71:3e:f1:
         1f:fd:01:d3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYGL+ipHFs5crzVEiWcrnQJfciacwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDA0MDIzWhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZDYzNDkyMzZjMjliZmI0MjU2MDkwNGNmN2YyNjEyNTQ0
NzM1ZWY4YzAwNGZjZjAxMDBhM2Q3OTZiYzU4YWI1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChQndMrKM00JKfJRV4hB/e6PZZrcJFPzfMwwYCLWL/Wk2X
hzv2IAuf1D87pRTa/pz0WHzj1ME6bJpdbti8mvt2JMEtdvplfWTbY4/AhH34IcQW
uf84mrpDMeVA0kFGZn4O7wdt3doy8F9+OqbCCxbxyIG2N0d5Rwr1FIkg4v6TQQEk
bO0+C+XRtUG95X3SffsV332zM7yjbwsr2SM52cJQ7DYSz/CLzJXarCaVZ1LBZKTK
s6zoxmRJEx3WEA6VceB0WV7M8lP0qdssTAf5qnOqlz4iTVFZ3bg6Z/JuPLlwq+ZD
jiPxsRqRVAWEV+7Nb091zV2KXNJP/lmMBIT2cpSbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUAd4VcEB1B85/SzNp5rBsCDKXlTkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlmNmY3YzMxLTY0NjgtNDc5NC1hZGRmLTRlMjYxYmJkOWUzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/GIwDQYJKoZIhvcNAQELBQADggEBANZu5Tmgw1HggK5hrVctQYOktXfG
oUr0R57hfDlpcpJ2vogrMvwiGvxgRlmUVdsi/fu/ERSeks2Wd8w5CqhZjXmYWu4u
4x5FXa7B/+MTIBd9W2kh1wFLfocC8bOFdjmfieNb8Fg33qsPtvlrPkplD5WLTI/3
Xr/vrBIAH0IqGJSBihNipzjvIihf1BxG5D4w6Hi0MzKKfogoiVfKx04BLOQujpdC
LlTV9kAoJ77wkJ/sWKJEDnDVh1+ePB6Lgp1MbDNATpgr+X47Xry4iVu2viyP6+0Q
Uqvc7G3M3Vu5jFNrWcuOf8AL07ktmzzl5NFMtaYBFD8CQ+dxuHE+8R/9AdM=
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:59:24 2025 by rpki-client