Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57b48a9-57b4-4667-a395-39fe095c030f.roa
File:                     c57b48a9-57b4-4667-a395-39fe095c030f.roa (raw, json)
Hash identifier:          Om4HTQd0uNnMZRrSxjAZgL0VgmxLwCMp46NRGos4Xvo=
Subject key identifier:   20:05:89:E4:39:8E:E4:1B:BA:67:6C:E7:32:82:EC:E9:B9:B0:FD:20
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       02463FADBD82C687C4B7606D896D3EA3AC204B0B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57b48a9-57b4-4667-a395-39fe095c030f.roa
Signing time:             Fri 01 Aug 2025 15:00:24 +0000
ROA not before:           Fri 01 Aug 2025 15:00:24 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        136.18.0.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:46:3f:ad:bd:82:c6:87:c4:b7:60:6d:89:6d:3e:a3:ac:20:4b:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 15:00:24 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=c04097522244f3c23238fee85f81761a96a5d1175706916e209ae5cd10f04dba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:db:53:08:04:62:2c:58:ca:a5:bb:0c:56:41:
                    f8:52:8b:d3:93:c3:7b:c4:78:fa:41:c9:46:10:67:
                    24:2f:5b:52:5e:21:eb:af:22:e4:49:49:5c:6e:cf:
                    45:27:92:52:94:1f:02:6a:bb:c4:4c:db:95:1d:d5:
                    7c:3a:ee:3f:c4:5b:c9:55:a4:d0:75:5d:22:80:83:
                    0b:41:ca:47:92:a8:c0:c9:a0:f7:65:25:30:a6:bd:
                    1b:dd:3d:55:83:8a:5e:12:c9:2d:3c:97:6d:7c:b3:
                    dd:ff:ab:ee:fb:f5:86:7d:c7:eb:40:43:2e:53:4c:
                    f0:98:d1:4f:ea:98:48:66:f9:d6:a5:3b:0f:c1:69:
                    20:d9:e6:c8:1e:07:51:59:a7:e5:15:54:ed:ab:3d:
                    ec:fb:c2:50:46:bf:fb:0a:2c:0a:17:a5:e7:71:0e:
                    5e:6b:8c:7d:4a:f4:a3:ed:16:41:bc:d4:4d:cf:df:
                    fb:96:4c:f4:81:8a:40:20:e9:6f:8e:98:77:18:ab:
                    65:48:e8:db:3a:d8:37:b3:61:73:6c:5c:3c:71:9e:
                    13:53:b6:91:94:11:f8:72:aa:3d:5f:86:98:80:e7:
                    51:fc:8c:26:e5:84:3b:6e:6c:57:39:70:9d:aa:8b:
                    1e:66:34:36:a5:e3:e5:ca:60:00:3b:fd:03:6e:bd:
                    ee:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:05:89:E4:39:8E:E4:1B:BA:67:6C:E7:32:82:EC:E9:B9:B0:FD:20
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c57b48a9-57b4-4667-a395-39fe095c030f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:6c:4f:c7:0d:24:c3:7f:d1:61:5b:b9:13:96:f9:12:41:60:
         ba:c4:16:73:f4:bf:91:a8:47:d3:fc:f4:14:f9:df:d2:7b:c3:
         54:df:e6:00:26:91:e9:c9:fb:aa:7d:60:53:da:11:f9:5a:01:
         9a:8e:6b:80:4f:e1:8a:99:f1:e5:d4:91:8a:97:eb:aa:e2:8a:
         66:cb:89:73:86:ce:80:07:58:47:cd:e4:2d:0a:11:4d:66:4b:
         7a:aa:04:96:4c:5c:16:8a:62:17:ad:cb:77:b4:5c:d0:37:53:
         b3:13:c4:9c:ab:a8:e4:ba:94:b4:7c:f7:9b:11:da:21:be:39:
         08:16:22:63:5a:da:b4:aa:f8:e9:58:26:bd:0b:51:2b:85:01:
         71:cc:1e:05:fd:2c:b3:e6:cb:cd:36:9b:b9:99:63:67:ea:91:
         ce:20:9c:57:33:f7:cd:63:e0:2d:13:81:cf:f6:41:f7:64:2a:
         75:f8:27:a7:27:04:a1:a6:ef:d8:33:79:b8:d1:6c:8a:fc:80:
         19:cd:6e:b0:79:22:80:f0:8f:b3:2b:87:43:8b:da:06:af:c4:
         4c:8a:27:82:6a:fc:51:b0:8b:f2:be:b6:b5:7a:6f:76:8f:b0:
         db:87:c6:6b:28:be:2a:94:46:fa:c3:91:6c:a7:e7:01:2d:b7:
         a1:b8:f1:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAkY/rb2CxofEt2BtiW0+o6wgSwswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTUwMDI0WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMDQwOTc1MjIyNDRmM2MyMzIzOGZlZTg1ZjgxNzYxYTk2
YTVkMTE3NTcwNjkxNmUyMDlhZTVjZDEwZjA0ZGJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDc21MIBGIsWMqluwxWQfhSi9OTw3vEePpByUYQZyQvW1Je
IeuvIuRJSVxuz0UnklKUHwJqu8RM25Ud1Xw67j/EW8lVpNB1XSKAgwtBykeSqMDJ
oPdlJTCmvRvdPVWDil4SyS08l218s93/q+779YZ9x+tAQy5TTPCY0U/qmEhm+dal
Ow/BaSDZ5sgeB1FZp+UVVO2rPez7wlBGv/sKLAoXpedxDl5rjH1K9KPtFkG81E3P
3/uWTPSBikAg6W+OmHcYq2VI6Ns62DezYXNsXDxxnhNTtpGUEfhyqj1fhpiA51H8
jCblhDtubFc5cJ2qix5mNDal4+XKYAA7/QNuve7VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIAWJ5DmO5Bu6Z2znMoLs6bmw/SAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1N2I0OGE5LTU3YjQtNDY2Ny1hMzk1LTM5ZmUwOTVjMDMwZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGIEgAwDQYJKoZIhvcNAQELBQADggEBAIJsT8cNJMN/0WFbuROW+RJBYLrE
FnP0v5GoR9P89BT539J7w1Tf5gAmkenJ+6p9YFPaEflaAZqOa4BP4YqZ8eXUkYqX
66riimbLiXOGzoAHWEfN5C0KEU1mS3qqBJZMXBaKYhety3e0XNA3U7MTxJyrqOS6
lLR895sR2iG+OQgWImNa2rSq+OlYJr0LUSuFAXHMHgX9LLPmy802m7mZY2fqkc4g
nFcz981j4C0Tgc/2QfdkKnX4J6cnBKGm79gzebjRbIr8gBnNbrB5IoDwj7Mrh0OL
2gavxEyKJ4Jq/FGwi/K+trV6b3aPsNuHxmsoviqURvrDkWyn5wEtt6G48fQ=
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:08:02 2025 by rpki-client