Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbb2c05d-a62f-48bf-92eb-7334e4a7e202.roa
File:                     bbb2c05d-a62f-48bf-92eb-7334e4a7e202.roa (raw, json)
Hash identifier:          HfPAQ+Zdw9kReC6IWWTsgRZApsAy6oK4Zfx72ffHvfY=
Subject key identifier:   BD:C3:42:51:F0:5A:78:7B:67:1E:E6:8D:04:EB:B7:A9:0F:D7:46:4F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       059F349F792C868D1DEB1D09F61291F3CBF57BE3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbb2c05d-a62f-48bf-92eb-7334e4a7e202.roa
Signing time:             Fri 25 Jul 2025 15:41:48 +0000
ROA not before:           Fri 25 Jul 2025 15:41:48 +0000
ROA not after:            Fri 29 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.18.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:9f:34:9f:79:2c:86:8d:1d:eb:1d:09:f6:12:91:f3:cb:f5:7b:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 25 15:41:48 2025 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: serialNumber=8480a8e311a225cba716280524b70b3e15a891b3da140db4d14317d33bceac2a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a6:05:e4:ae:39:6b:a2:5a:2f:d1:ef:81:fd:
                    f5:00:bc:a1:13:62:20:66:b5:60:9b:39:ae:51:b2:
                    ba:6b:9c:75:ff:61:75:aa:30:f1:73:0b:a2:55:8f:
                    eb:e5:08:a5:fe:cc:c3:8f:93:b0:e6:cc:7e:bc:92:
                    d7:4c:31:2b:b5:37:33:06:85:48:e6:8e:9a:96:cd:
                    1a:46:70:65:90:20:e6:f0:1c:bb:af:81:94:57:9c:
                    da:f8:f3:28:7d:c4:ba:18:8f:bd:2b:82:7a:65:ca:
                    87:46:91:77:9f:ba:83:a6:5e:0a:86:a9:c3:4a:b3:
                    5d:18:9d:da:79:80:df:09:5a:4f:45:e0:7e:1d:79:
                    cb:e7:73:d1:36:07:fe:51:6f:9d:c0:3d:04:de:f6:
                    48:09:6e:66:b7:f8:2d:ce:12:d4:b7:21:6e:04:cb:
                    79:d7:b9:cf:32:7c:da:d5:7a:db:97:23:0f:00:8d:
                    44:3f:81:03:06:6d:c8:aa:f4:39:17:cc:76:51:20:
                    ce:4e:d4:bd:09:79:e8:4f:d9:7d:c9:64:99:f2:ce:
                    64:87:0c:1f:1f:41:27:3d:21:8a:0a:f4:11:4d:cf:
                    d6:c3:ab:cb:37:79:54:27:54:84:0f:86:36:7c:84:
                    26:e3:0c:c6:eb:9d:62:46:87:c4:b8:cc:b0:bb:d4:
                    a6:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:C3:42:51:F0:5A:78:7B:67:1E:E6:8D:04:EB:B7:A9:0F:D7:46:4F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbb2c05d-a62f-48bf-92eb-7334e4a7e202.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.18.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         90:14:c1:f2:be:fe:03:f7:af:a2:e3:2d:99:3e:67:04:d6:85:
         3a:dc:02:ec:ec:cb:16:db:18:ab:38:9b:17:95:de:eb:de:08:
         3b:0c:92:4c:99:6f:e9:a8:06:4f:8b:a8:69:fa:00:3f:e0:22:
         a7:8e:c1:d6:8f:bb:da:16:36:79:f3:ec:5c:f2:c8:e1:97:5e:
         f8:d2:a7:c1:01:3d:dc:fe:7a:20:4a:3c:99:fc:92:61:f3:ed:
         1e:08:7a:ba:61:77:06:f4:20:59:4b:5d:ad:c5:b2:c9:ca:61:
         b1:f3:1b:2f:79:01:5a:d8:f8:16:f4:25:e0:45:24:d9:04:db:
         26:2f:65:8b:78:9b:c8:31:74:49:ea:b8:53:ad:db:a8:1d:07:
         94:ac:3e:53:ff:82:26:d5:30:53:31:c3:32:42:51:cb:33:a6:
         72:56:6f:cd:1d:12:03:f1:63:f1:13:c4:22:e3:d0:99:84:4a:
         69:1e:c6:ac:06:83:b8:ba:9d:27:46:e4:1a:61:15:62:b5:47:
         8d:9f:5d:79:da:57:c0:eb:bc:2b:4b:24:47:96:41:2e:c9:8e:
         2a:4e:ba:0c:5d:25:ee:28:56:1f:63:ba:bb:32:db:d5:a1:5d:
         82:6d:ef:2a:e7:03:be:c0:71:72:a5:2e:69:e2:d6:dd:1c:82:
         11:6e:63:6b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBZ80n3ksho0d6x0J9hKR88v1e+MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNzI1MTU0MTQ4WhcNMjUwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDgwYThlMzExYTIyNWNiYTcxNjI4MDUyNGI3MGIzZTE1
YTg5MWIzZGExNDBkYjRkMTQzMTdkMzNiY2VhYzJhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6pgXkrjlrolov0e+B/fUAvKETYiBmtWCbOa5RsrprnHX/
YXWqMPFzC6JVj+vlCKX+zMOPk7DmzH68ktdMMSu1NzMGhUjmjpqWzRpGcGWQIObw
HLuvgZRXnNr48yh9xLoYj70rgnplyodGkXefuoOmXgqGqcNKs10Yndp5gN8JWk9F
4H4decvnc9E2B/5Rb53APQTe9kgJbma3+C3OEtS3IW4Ey3nXuc8yfNrVetuXIw8A
jUQ/gQMGbciq9DkXzHZRIM5O1L0JeehP2X3JZJnyzmSHDB8fQSc9IYoK9BFNz9bD
q8s3eVQnVIQPhjZ8hCbjDMbrnWJGh8S4zLC71KaLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUvcNCUfBaeHtnHuaNBOu3qQ/XRk8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JiYjJjMDVkLWE2MmYtNDhiZi05MmViLTczMzRlNGE3ZTIwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA0EjANBgkqhkiG9w0BAQsFAAOCAQEAkBTB8r7+A/evouMtmT5nBNaFOtwC
7OzLFtsYqzibF5Xe694IOwySTJlv6agGT4uoafoAP+Aip47B1o+72hY2efPsXPLI
4Zde+NKnwQE93P56IEo8mfySYfPtHgh6umF3BvQgWUtdrcWyycphsfMbL3kBWtj4
FvQl4EUk2QTbJi9li3ibyDF0Seq4U63bqB0HlKw+U/+CJtUwUzHDMkJRyzOmclZv
zR0SA/Fj8RPEIuPQmYRKaR7GrAaDuLqdJ0bkGmEVYrVHjZ9dedpXwOu8K0skR5ZB
LsmOKk66DF0l7ihWH2O6uzLb1aFdgm3vKucDvsBxcqUuaeLW3RyCEW5jaw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:52:20 2025 by rpki-client