Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6b39c3e-9738-436a-82b3-baacdf83c549.roa
File:                     f6b39c3e-9738-436a-82b3-baacdf83c549.roa (raw, json)
Hash identifier:          MsWMSezwEcClBYSjxigM9daGiRStPHZCYEHcLwGp+6w=
Subject key identifier:   54:A2:A2:99:94:2E:01:86:80:12:A8:57:D9:48:2B:A4:AC:8A:64:B2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1AA8AC4D6E8265C7C3D5B4C88AB2BFC3218860AD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6b39c3e-9738-436a-82b3-baacdf83c549.roa
Signing time:             Fri 15 May 2026 02:20:07 +0000
ROA not before:           Fri 15 May 2026 02:20:07 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        110.238.28.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:a8:ac:4d:6e:82:65:c7:c3:d5:b4:c8:8a:b2:bf:c3:21:88:60:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 15 02:20:07 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=8728f9fb9f34db18698707adc9d164c21fe68fd1501ecd24b53bc08a86ff8273, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:38:a4:30:8b:a0:3d:eb:f1:01:d3:b1:ff:12:
                    6f:b4:68:3c:fd:88:49:36:fa:1c:0c:46:83:e1:70:
                    a1:5d:bc:82:70:dc:0d:76:27:fd:2b:84:a7:4a:07:
                    21:4f:58:90:2b:e3:a8:2e:74:a3:d0:9f:7a:c1:03:
                    9f:bf:ea:54:96:64:9a:5c:83:28:9d:a4:e5:63:81:
                    1d:0b:28:b5:18:40:29:4e:90:b2:4f:a6:93:8f:e2:
                    f5:18:55:0d:8f:4a:6d:b7:79:cf:19:93:a4:6d:fb:
                    1e:f9:94:68:4e:ef:7f:dd:a7:82:d3:3b:0a:a9:00:
                    a6:53:3a:48:4d:f3:50:07:70:96:b3:4f:ba:48:36:
                    6e:b5:0d:f8:a3:54:14:97:72:43:a3:af:d6:33:58:
                    33:35:46:68:cf:6d:ab:fe:d7:01:07:3e:80:fe:c5:
                    3f:6d:99:bc:39:29:5d:59:18:87:87:52:06:25:94:
                    af:fd:4a:a3:ac:7f:ca:0b:f2:b5:ae:ca:4e:c8:fb:
                    9c:88:60:51:bc:cb:dc:55:f0:ec:d2:92:ec:4c:f4:
                    72:d9:f3:34:f3:03:7d:87:44:ae:bc:50:ea:4b:ce:
                    1f:68:04:bc:49:54:80:e7:38:4e:e2:32:fe:a0:30:
                    6f:11:32:43:f7:90:ea:65:aa:7a:d7:8a:7d:b4:21:
                    22:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:A2:A2:99:94:2E:01:86:80:12:A8:57:D9:48:2B:A4:AC:8A:64:B2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f6b39c3e-9738-436a-82b3-baacdf83c549.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.238.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:5f:76:d9:95:97:57:dc:3c:88:7c:9f:fc:2f:31:93:8c:9c:
         80:31:0a:ba:a7:5f:88:7d:bb:db:2c:30:97:1c:c2:a4:d9:24:
         ed:d5:9f:b8:7d:33:95:b1:41:1a:b8:b1:3a:86:0e:62:9a:70:
         7f:2f:51:0c:ed:81:5a:08:f1:b3:cb:e0:5b:9a:8b:1b:6c:54:
         1d:bb:17:4d:8c:78:92:16:54:72:6e:a6:2d:42:df:06:d5:d8:
         26:b5:03:90:c6:27:53:d6:86:13:48:3d:50:00:12:ef:5d:aa:
         3a:a7:68:47:4f:df:7a:88:9a:7c:a1:bb:4e:98:de:4a:0e:0d:
         4d:73:45:42:86:ec:83:14:00:fc:f4:4b:10:64:1c:f0:ad:94:
         1d:84:a6:c5:99:f4:22:56:8d:10:38:ff:36:ac:ec:5f:77:3b:
         15:c1:94:f6:10:44:7d:ea:96:3d:65:28:fd:33:22:f7:55:b9:
         bd:7d:b5:94:06:3d:1e:88:2d:7b:33:ea:9e:79:01:76:01:1e:
         36:84:a5:69:fc:62:e9:be:b9:d2:71:90:b2:05:0d:11:b4:a7:
         62:23:1a:29:9a:b9:32:8b:16:d4:70:69:a2:60:3b:8b:13:7e:
         65:c6:40:0b:92:84:d3:c7:ea:42:59:bf:09:67:7b:95:c8:2f:
         2d:a0:c3:2e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGqisTW6CZcfD1bTIirK/wyGIYK0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE1MDIyMDA3WhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NzI4ZjlmYjlmMzRkYjE4Njk4NzA3YWRjOWQxNjRjMjFm
ZTY4ZmQxNTAxZWNkMjRiNTNiYzA4YTg2ZmY4MjczMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpOKQwi6A96/EB07H/Em+0aDz9iEk2+hwMRoPhcKFdvIJw
3A12J/0rhKdKByFPWJAr46gudKPQn3rBA5+/6lSWZJpcgyidpOVjgR0LKLUYQClO
kLJPppOP4vUYVQ2PSm23ec8Zk6Rt+x75lGhO73/dp4LTOwqpAKZTOkhN81AHcJaz
T7pINm61DfijVBSXckOjr9YzWDM1RmjPbav+1wEHPoD+xT9tmbw5KV1ZGIeHUgYl
lK/9SqOsf8oL8rWuyk7I+5yIYFG8y9xV8OzSkuxM9HLZ8zTzA32HRK68UOpLzh9o
BLxJVIDnOE7iMv6gMG8RMkP3kOplqnrXin20ISINAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVKKimZQuAYaAEqhX2UgrpKyKZLIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y2YjM5YzNlLTk3MzgtNDM2YS04MmIzLWJhYWNkZjgzYzU0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJu7hwwDQYJKoZIhvcNAQELBQADggEBAGhfdtmVl1fcPIh8n/wvMZOMnIAx
CrqnX4h9u9ssMJccwqTZJO3Vn7h9M5WxQRq4sTqGDmKacH8vUQztgVoI8bPL4Fua
ixtsVB27F02MeJIWVHJupi1C3wbV2Ca1A5DGJ1PWhhNIPVAAEu9dqjqnaEdP33qI
mnyhu06Y3koODU1zRUKG7IMUAPz0SxBkHPCtlB2EpsWZ9CJWjRA4/zas7F93OxXB
lPYQRH3qlj1lKP0zIvdVub19tZQGPR6ILXsz6p55AXYBHjaEpWn8Yum+udJxkLIF
DRG0p2IjGimauTKLFtRwaaJgO4sTfmXGQAuShNPH6kJZvwlne5XILy2gwy4=
-----END CERTIFICATE-----