Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1922148-0081-4f06-b9be-a02446d66975.roa
File:                     d1922148-0081-4f06-b9be-a02446d66975.roa (raw, json)
Hash identifier:          tb3Ch9cBo/DSrx+OkC6ZHzR+/sjC4v2bYEbZ5If37+I=
Subject key identifier:   BA:37:53:B1:FF:3D:93:8B:10:68:FE:11:50:64:97:CC:D5:CF:E1:09
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       113F06857934FF6BCAD2E83D10E65CC5382F1DF0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1922148-0081-4f06-b9be-a02446d66975.roa
Signing time:             Fri 18 Jul 2025 00:20:23 +0000
ROA not before:           Fri 18 Jul 2025 00:20:23 +0000
ROA not after:            Fri 22 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f2c:4000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 09 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:3f:06:85:79:34:ff:6b:ca:d2:e8:3d:10:e6:5c:c5:38:2f:1d:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 18 00:20:23 2025 GMT
            Not After : Aug 22 23:59:59 2025 GMT
        Subject: serialNumber=ce05078eb53d0b6a701b66f9a05031dff5595067511980d02c82b448b73bad2b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:5c:a1:60:b2:91:22:69:a8:bb:66:ec:63:7d:
                    3b:51:4b:c7:55:f3:a6:af:a1:16:95:91:da:b5:7e:
                    a0:e2:27:cb:45:fb:89:60:73:a3:d9:11:db:df:07:
                    99:0f:0f:e5:5c:cf:ec:3a:17:b5:d9:94:9e:5b:c0:
                    68:0a:a0:b8:a0:fe:25:ad:1a:8c:68:cb:65:cd:51:
                    be:a7:df:2b:28:f9:94:2f:8c:c4:82:c2:6f:e8:ee:
                    58:8b:53:42:0c:cf:c2:1d:b3:21:67:4d:60:e8:e1:
                    d2:c0:61:4f:45:22:4e:f2:bc:29:7a:c1:6d:cd:e5:
                    7b:a3:c6:d3:18:f0:82:66:bf:3a:39:35:94:05:22:
                    84:11:10:f1:d4:bf:cb:20:c7:c5:95:0b:bd:4e:c7:
                    02:3e:2b:e3:3e:2f:db:fd:d0:ad:f9:5a:73:78:71:
                    f2:3e:7a:f8:89:89:e6:02:e0:3e:32:52:70:31:f0:
                    01:ff:c8:58:91:db:32:18:2b:09:c4:5a:c8:81:46:
                    49:e4:87:9b:a9:c2:42:bb:7b:06:f7:e1:c4:98:01:
                    6b:5e:2f:4f:e5:ec:9b:97:a1:8d:db:26:db:78:7c:
                    64:c4:6d:2d:6d:11:7b:a8:5f:94:fb:41:85:11:18:
                    47:5d:1e:59:b0:4d:40:b6:cd:14:f4:6f:8e:ac:27:
                    f3:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:37:53:B1:FF:3D:93:8B:10:68:FE:11:50:64:97:CC:D5:CF:E1:09
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1922148-0081-4f06-b9be-a02446d66975.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f2c:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         af:73:69:a1:14:f5:4a:ac:b7:a2:49:69:0f:ed:b1:10:d4:1f:
         db:c7:e9:83:f8:83:b2:c7:ea:c7:0e:0b:d7:b3:2f:e5:65:3e:
         90:79:a4:ad:e3:dd:47:2f:ea:e8:a5:04:29:3f:e6:d3:9a:9e:
         95:bb:e8:39:76:cb:22:e6:2c:b3:3f:8e:22:0e:17:23:eb:ef:
         39:6a:16:c4:f0:1c:7a:38:a5:2a:72:65:ec:12:e5:f2:14:ea:
         08:59:c3:86:1b:8c:8d:16:33:70:88:b5:46:64:72:5a:92:0d:
         10:07:f7:f5:2e:df:59:b9:24:74:e8:52:54:eb:04:2f:09:e2:
         5e:54:cc:ea:03:1a:41:8c:ab:fb:56:5e:48:4a:7a:2f:bb:a8:
         07:da:f1:41:7e:57:e0:b7:b2:77:88:8a:e1:a8:e6:85:43:2b:
         74:bf:78:68:76:4e:16:a8:31:3f:96:59:04:ea:27:e1:76:08:
         b6:3e:75:3f:22:f3:9b:7a:e7:84:87:fb:12:8f:28:bb:7b:31:
         52:ea:dd:a0:ee:01:7f:a3:b3:1f:74:d5:5d:f4:fe:09:fd:18:
         59:bb:a0:d0:b6:2a:94:d0:d7:ff:16:fa:05:14:8b:a2:28:15:
         23:1a:cd:06:d4:db:89:ed:aa:a5:f0:c3:de:55:51:db:69:38:
         fa:83:b6:c9
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUET8GhXk0/2vK0ug9EOZcxTgvHfAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE4MDAyMDIzWhcNMjUwODIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZTA1MDc4ZWI1M2QwYjZhNzAxYjY2ZjlhMDUwMzFkZmY1
NTk1MDY3NTExOTgwZDAyYzgyYjQ0OGI3M2JhZDJiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSXKFgspEiaai7ZuxjfTtRS8dV86avoRaVkdq1fqDiJ8tF
+4lgc6PZEdvfB5kPD+Vcz+w6F7XZlJ5bwGgKoLig/iWtGoxoy2XNUb6n3yso+ZQv
jMSCwm/o7liLU0IMz8IdsyFnTWDo4dLAYU9FIk7yvCl6wW3N5XujxtMY8IJmvzo5
NZQFIoQREPHUv8sgx8WVC71OxwI+K+M+L9v90K35WnN4cfI+eviJieYC4D4yUnAx
8AH/yFiR2zIYKwnEWsiBRknkh5upwkK7ewb34cSYAWteL0/l7JuXoY3bJtt4fGTE
bS1tEXuoX5T7QYURGEddHlmwTUC2zRT0b46sJ/PHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUujdTsf89k4sQaP4RUGSXzNXP4QkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxOTIyMTQ4LTAwODEtNGYwNi1iOWJlLWEwMjQ0NmQ2Njk3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8sQDANBgkqhkiG9w0BAQsFAAOCAQEAr3NpoRT1Sqy3oklpD+2xENQf
28fpg/iDssfqxw4L17Mv5WU+kHmkrePdRy/q6KUEKT/m05qelbvoOXbLIuYssz+O
Ig4XI+vvOWoWxPAcejilKnJl7BLl8hTqCFnDhhuMjRYzcIi1RmRyWpINEAf39S7f
WbkkdOhSVOsELwniXlTM6gMaQYyr+1ZeSEp6L7uoB9rxQX5X4Leyd4iK4ajmhUMr
dL94aHZOFqgxP5ZZBOon4XYItj51PyLzm3rnhIf7Eo8ou3sxUurdoO4Bf6OzH3TV
XfT+Cf0YWbug0LYqlNDX/xb6BRSLoigVIxrNBtTbie2qpfDD3lVR22k4+oO2yQ==
-----END CERTIFICATE-----
Generated at Fri Aug 8 12:53:23 2025 by rpki-client