Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec792006-3ad4-432c-bc6d-ecaf9f2f840b.roa
File:                     ec792006-3ad4-432c-bc6d-ecaf9f2f840b.roa (raw, json)
Hash identifier:          /xfTZfglOditWyy3zG332gPUuvbTzzXFnSGacQAPqCk=
Subject key identifier:   87:A2:EE:F1:C7:68:1B:7A:A7:B0:DC:8E:DB:B1:EB:2F:34:CD:59:34
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3AE34E84F5DFE5FEDE814725015E30BB4CF512A9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec792006-3ad4-432c-bc6d-ecaf9f2f840b.roa
Signing time:             Sat 02 Aug 2025 00:21:41 +0000
ROA not before:           Sat 02 Aug 2025 00:21:41 +0000
ROA not after:            Sat 06 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        107.21.224.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:e3:4e:84:f5:df:e5:fe:de:81:47:25:01:5e:30:bb:4c:f5:12:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  2 00:21:41 2025 GMT
            Not After : Sep  6 23:59:59 2025 GMT
        Subject: serialNumber=f0176508ffae57fb67ff8777413a892be177a91ae6c3e2e281b939817ab03cf4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ac:af:91:81:f3:6e:16:37:89:8f:db:e4:e6:
                    6f:a9:ac:45:df:4b:a4:59:84:b9:c0:43:4c:62:5a:
                    3f:af:10:b2:01:8e:20:f0:9f:5d:eb:ee:0b:67:08:
                    9d:d6:b6:ea:78:f0:8e:35:23:be:37:5d:6d:77:8f:
                    db:5a:93:28:9f:a7:1e:53:c7:77:cf:ba:54:1f:ef:
                    d9:c7:11:74:d2:6e:af:f2:a7:d8:f5:b1:5d:1a:04:
                    7b:c9:82:08:8a:ab:86:98:bb:ee:3f:3c:18:6c:96:
                    31:24:bf:72:12:21:88:66:be:cd:96:59:52:7f:08:
                    96:65:b9:38:59:4e:89:24:a3:b7:8d:e5:a6:bf:80:
                    ea:c5:8e:55:58:24:d8:45:43:e1:0b:d0:c3:c8:c3:
                    35:55:9d:fb:52:f3:47:35:a8:6a:f4:14:07:a1:84:
                    30:7b:0d:cb:5f:68:eb:b7:cc:10:cf:16:a9:21:3f:
                    2a:28:36:95:c9:db:e4:2e:a3:84:30:96:97:d5:94:
                    96:e0:25:f8:55:85:81:d0:c9:71:82:64:5a:a2:eb:
                    5a:9b:b5:fb:e3:13:8b:98:24:7a:78:ce:83:b1:87:
                    39:2a:51:4c:1a:bd:33:66:5a:f9:4a:df:1b:3a:a2:
                    6e:43:de:c6:d7:9f:28:79:cb:18:0e:2d:f0:9a:b2:
                    5d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:A2:EE:F1:C7:68:1B:7A:A7:B0:DC:8E:DB:B1:EB:2F:34:CD:59:34
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec792006-3ad4-432c-bc6d-ecaf9f2f840b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.21.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         45:1f:51:d2:e9:bf:f7:cf:4a:35:9f:44:f2:89:19:cf:e4:b4:
         af:b1:e9:0b:19:a9:e6:34:04:d9:f9:f6:08:20:a0:32:19:67:
         53:6d:b9:4a:43:f8:10:4b:93:1c:05:21:95:a5:ff:3f:f4:04:
         a4:7a:51:7d:d8:dd:91:d9:7e:32:1b:2f:2b:4a:43:8e:49:05:
         d6:42:9f:d8:cc:24:76:05:40:65:ea:59:03:25:88:dd:c8:c0:
         39:3a:7b:6b:95:03:03:b6:c8:43:cc:7d:3d:bb:3f:68:b0:03:
         58:0f:88:db:cb:7d:35:9f:86:07:c0:e5:36:64:5c:d7:a4:a3:
         3e:12:88:d8:3e:7d:57:e3:c7:2d:f0:76:70:ab:e1:a0:f3:6d:
         af:7c:ca:4d:1b:64:40:dd:c5:fc:0f:49:ba:06:a9:79:8c:d3:
         5e:29:02:b7:fd:b9:7a:5d:83:cf:99:c2:ac:06:40:3f:d5:14:
         5a:79:f2:53:3b:98:cd:af:98:fc:dd:ff:2e:d7:fe:dd:ed:15:
         70:92:ac:4c:9a:52:42:91:bc:f1:e8:4c:56:b8:fb:bd:6d:3c:
         bd:50:6e:dd:f2:e0:1c:85:31:34:ee:ac:7b:08:76:1a:0e:16:
         65:c2:5f:65:3c:7d:fd:9e:9d:c6:e1:20:01:29:b9:cd:41:2e:
         01:f2:e1:c4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOuNOhPXf5f7egUclAV4wu0z1EqkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAyMDAyMTQxWhcNMjUwOTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMDE3NjUwOGZmYWU1N2ZiNjdmZjg3Nzc0MTNhODkyYmUx
NzdhOTFhZTZjM2UyZTI4MWI5Mzk4MTdhYjAzY2Y0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4rK+RgfNuFjeJj9vk5m+prEXfS6RZhLnAQ0xiWj+vELIB
jiDwn13r7gtnCJ3Wtup48I41I743XW13j9takyifpx5Tx3fPulQf79nHEXTSbq/y
p9j1sV0aBHvJggiKq4aYu+4/PBhsljEkv3ISIYhmvs2WWVJ/CJZluThZTokko7eN
5aa/gOrFjlVYJNhFQ+EL0MPIwzVVnftS80c1qGr0FAehhDB7DctfaOu3zBDPFqkh
PyooNpXJ2+Quo4QwlpfVlJbgJfhVhYHQyXGCZFqi61qbtfvjE4uYJHp4zoOxhzkq
UUwavTNmWvlK3xs6om5D3sbXnyh5yxgOLfCasl3nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh6Lu8cdoG3qnsNyO27HrLzTNWTQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VjNzkyMDA2LTNhZDQtNDMyYy1iYzZkLWVjYWY5ZjJmODQwYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVrFeAwDQYJKoZIhvcNAQELBQADggEBAEUfUdLpv/fPSjWfRPKJGc/ktK+x
6QsZqeY0BNn59gggoDIZZ1NtuUpD+BBLkxwFIZWl/z/0BKR6UX3Y3ZHZfjIbLytK
Q45JBdZCn9jMJHYFQGXqWQMliN3IwDk6e2uVAwO2yEPMfT27P2iwA1gPiNvLfTWf
hgfA5TZkXNekoz4SiNg+fVfjxy3wdnCr4aDzba98yk0bZEDdxfwPSboGqXmM014p
Arf9uXpdg8+ZwqwGQD/VFFp58lM7mM2vmPzd/y7X/t3tFXCSrEyaUkKRvPHoTFa4
+71tPL1Qbt3y4ByFMTTurHsIdhoOFmXCX2U8ff2encbhIAEpuc1BLgHy4cQ=
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:10:58 2025 by rpki-client