Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a826b4c5-814a-445f-a0db-f0f6c166ab63.roa
File:                     a826b4c5-814a-445f-a0db-f0f6c166ab63.roa (raw, json)
Hash identifier:          BffY8Xkgz4cUTY4ortvZWYgYuK8p/aUIgz1SK61+yQM=
Subject key identifier:   EE:31:FC:B2:DE:58:7C:59:24:EB:B0:59:D7:E8:C1:6B:FB:D1:4D:D4
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       6524018A0FE4C66157C1B0A554FB4BA7176E66B9
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a826b4c5-814a-445f-a0db-f0f6c166ab63.roa
Signing time:             Fri 11 Jul 2025 18:01:02 +0000
ROA not before:           Fri 11 Jul 2025 18:01:02 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.14.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:24:01:8a:0f:e4:c6:61:57:c1:b0:a5:54:fb:4b:a7:17:6e:66:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 11 18:01:02 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=b76c7e16bec0e97a35108c07fda876f21acc9e9b19fbaace8f88cdc4235a703f, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fb:bc:5f:f9:3d:29:a2:ad:25:55:c5:6f:aa:
                    c4:98:73:90:35:ee:38:6b:af:26:35:49:87:bb:23:
                    60:2b:21:9f:f4:7a:f3:19:a2:47:3b:34:b2:93:de:
                    6f:12:fa:f7:0d:7e:db:9c:c2:05:5f:0d:50:30:a5:
                    d2:67:84:07:28:32:b6:bd:3e:e6:32:46:40:d9:14:
                    09:a2:92:b8:b3:bf:1f:3a:96:6a:4d:33:35:19:11:
                    7c:4a:89:23:e3:56:bf:e1:f3:58:36:0c:87:db:92:
                    71:33:26:f4:e4:ba:7b:99:50:ff:06:35:3b:29:ee:
                    19:fa:e9:de:42:97:a9:f2:24:08:66:26:31:eb:cf:
                    56:0f:85:f6:5a:c8:1b:5f:2d:fe:37:25:0c:2f:d2:
                    e6:06:c8:fd:ec:7d:51:40:42:d3:d8:f2:34:f0:f7:
                    73:09:f0:34:30:3d:d9:7d:a8:84:79:1b:b1:ed:45:
                    9f:f0:f8:4c:34:8d:57:10:be:b8:ca:b0:73:53:66:
                    6c:52:4a:2d:0f:30:c5:6e:3c:f3:57:83:b1:31:24:
                    bc:df:f7:a5:64:1b:ba:5a:26:87:5f:6e:4c:ec:f5:
                    af:3c:69:c0:be:6c:9d:53:38:47:59:f2:a9:e0:94:
                    39:73:dd:47:8b:4d:2c:c1:71:b1:aa:21:53:ce:ec:
                    14:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:31:FC:B2:DE:58:7C:59:24:EB:B0:59:D7:E8:C1:6B:FB:D1:4D:D4
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a826b4c5-814a-445f-a0db-f0f6c166ab63.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:bd:c5:ec:32:6c:01:6e:b0:e3:64:b0:5b:f1:ee:6f:28:f0:
         13:26:e7:81:58:cc:67:fe:f0:c6:9b:30:be:3b:16:0a:d4:3d:
         a8:d8:84:f5:cf:d7:d3:f3:2a:7f:bb:6e:01:7d:64:4e:38:aa:
         13:f5:3c:df:55:40:26:f0:40:34:fe:63:6e:84:a5:68:f4:1d:
         18:3c:ec:c7:8c:ae:fc:75:52:2a:76:ae:57:93:ef:8c:5a:6d:
         cc:10:df:9a:97:b3:be:4b:52:01:3c:29:79:97:1f:78:4f:5f:
         df:c4:56:ea:b1:93:11:80:bc:9e:c4:a3:27:b3:84:a6:ea:4e:
         8f:e1:81:ce:39:8b:ce:e7:bc:ee:da:c4:b6:01:23:cc:67:32:
         cc:12:43:c8:6c:0f:3d:6c:ef:76:ef:10:56:b1:23:34:4b:1c:
         68:fa:57:ff:c5:d5:5d:79:f7:66:29:1d:5b:c6:11:77:da:c5:
         02:0e:42:20:9d:b6:32:70:7c:8b:9e:a5:d6:89:ac:cf:82:90:
         44:fa:e3:90:71:b9:1a:7e:e7:22:2a:80:c9:95:7b:89:42:16:
         a6:0a:d3:af:4d:fb:a1:d8:df:e4:a1:7a:d9:6a:fb:62:cf:88:
         1f:23:fd:62:3f:ff:99:df:b0:aa:c7:aa:02:5f:05:d1:06:28:
         f0:22:90:c5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZSQBig/kxmFXwbClVPtLpxduZrkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzExMTgwMTAyWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzZjN2UxNmJlYzBlOTdhMzUxMDhjMDdmZGE4NzZmMjFh
Y2M5ZTliMTlmYmFhY2U4Zjg4Y2RjNDIzNWE3MDNmMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt+7xf+T0poq0lVcVvqsSYc5A17jhrryY1SYe7I2ArIZ/0
evMZokc7NLKT3m8S+vcNftucwgVfDVAwpdJnhAcoMra9PuYyRkDZFAmikrizvx86
lmpNMzUZEXxKiSPjVr/h81g2DIfbknEzJvTkunuZUP8GNTsp7hn66d5Cl6nyJAhm
JjHrz1YPhfZayBtfLf43JQwv0uYGyP3sfVFAQtPY8jTw93MJ8DQwPdl9qIR5G7Ht
RZ/w+Ew0jVcQvrjKsHNTZmxSSi0PMMVuPPNXg7ExJLzf96VkG7paJodfbkzs9a88
acC+bJ1TOEdZ8qnglDlz3UeLTSzBcbGqIVPO7BSFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7jH8st5YfFkk67BZ1+jBa/vRTdQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2E4MjZiNGM1LTgxNGEtNDQ1Zi1hMGRiLWYwZjZjMTY2YWI2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUg4wDQYJKoZIhvcNAQELBQADggEBAFa9xewybAFusONksFvx7m8o8BMm
54FYzGf+8MabML47FgrUPajYhPXP19PzKn+7bgF9ZE44qhP1PN9VQCbwQDT+Y26E
pWj0HRg87MeMrvx1Uip2rleT74xabcwQ35qXs75LUgE8KXmXH3hPX9/EVuqxkxGA
vJ7EoyezhKbqTo/hgc45i87nvO7axLYBI8xnMswSQ8hsDz1s73bvEFaxIzRLHGj6
V//F1V1592YpHVvGEXfaxQIOQiCdtjJwfIuepdaJrM+CkET645BxuRp+5yIqgMmV
e4lCFqYK069N+6HY3+Shetlq+2LPiB8j/WI//5nfsKrHqgJfBdEGKPAikMU=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:37:52 2025 by rpki-client