Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3648dfb3-3fba-44c3-a005-f8fd5930f9b0.roa
File:                     3648dfb3-3fba-44c3-a005-f8fd5930f9b0.roa (raw, json)
Hash identifier:          rsqhcaG0rJjwPI5NkteVU6k+3Fw6lfrLTBOTxMjNMBc=
Subject key identifier:   D5:8E:2A:9C:C8:61:08:70:D2:BF:08:83:A6:B7:50:62:CA:B6:1D:8D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       26C86A4AF1EEF0F609FED8786E14D719590EC59C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3648dfb3-3fba-44c3-a005-f8fd5930f9b0.roa
Signing time:             Wed 30 Apr 2025 00:01:32 +0000
ROA not before:           Wed 30 Apr 2025 00:01:32 +0000
ROA not after:            Wed 04 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.62.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 06 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:c8:6a:4a:f1:ee:f0:f6:09:fe:d8:78:6e:14:d7:19:59:0e:c5:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 30 00:01:32 2025 GMT
            Not After : Jun  4 23:59:59 2025 GMT
        Subject: serialNumber=ac697c12bfef20e20d6c2d7b4f71f1af3b158a67ffa17836d4cc0abb776cdd51, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:eb:ec:08:9a:84:12:19:93:ca:e1:02:88:ee:
                    e8:ea:d0:7a:11:e8:ff:e2:b5:06:e5:d8:3d:7c:b9:
                    2c:c5:cb:ec:c6:bc:f8:d5:89:fc:ba:c5:c8:d1:4f:
                    f9:49:20:96:2b:b9:e4:f8:cf:e1:5a:be:67:f1:6b:
                    a7:8b:e4:dd:db:e0:df:b4:99:57:d7:4b:cc:e3:7c:
                    5e:a9:77:7f:3e:ec:6a:af:6d:7f:39:eb:a0:f0:e7:
                    69:5f:92:32:5e:2a:dc:f2:ad:7d:e1:74:16:e3:99:
                    b4:73:e6:f8:d2:d4:6f:69:76:8f:94:97:e4:67:ff:
                    c5:96:ef:8a:4c:e7:1c:e0:4f:0f:9c:6b:3f:fa:19:
                    e0:04:4f:b8:e1:36:8d:c1:09:d7:4a:5e:16:b5:e5:
                    f0:ad:10:05:3f:4d:02:f3:30:86:a3:d3:52:11:72:
                    88:0a:3e:37:46:d4:3f:2a:88:5b:12:cd:22:82:fc:
                    9f:52:36:6e:10:05:94:07:08:db:2b:ae:7a:bf:57:
                    89:51:81:68:e1:23:c1:80:4d:ac:33:38:f8:d7:29:
                    ce:36:e0:9e:cf:f9:a9:94:05:ef:85:50:1a:b6:b4:
                    a5:25:2e:73:3d:7b:60:77:11:a0:78:87:4e:3d:87:
                    d5:40:61:3a:39:d5:09:44:40:28:00:32:c0:0c:4b:
                    8f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:8E:2A:9C:C8:61:08:70:D2:BF:08:83:A6:B7:50:62:CA:B6:1D:8D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3648dfb3-3fba-44c3-a005-f8fd5930f9b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.62.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         be:ad:7a:a6:40:9a:f0:ff:f9:89:d1:8c:c4:ad:60:5b:f2:07:
         99:9c:32:51:fd:ec:91:55:42:9e:32:12:6a:0d:fe:0b:28:1d:
         94:a2:b6:93:10:68:65:c6:15:96:e6:4d:75:29:21:32:ee:ca:
         17:cb:23:3a:39:ae:d4:cf:c1:f2:e5:cc:9d:61:4d:9b:30:c6:
         bf:00:48:73:40:49:2f:a7:f5:60:1d:56:3c:48:d4:a9:eb:39:
         27:45:e6:b6:0b:7b:04:d1:87:ce:53:95:7f:07:ab:f9:e5:41:
         7f:f1:7b:a7:19:73:6b:ec:df:48:56:b8:2e:79:56:ac:08:32:
         e8:29:c8:4d:fb:72:ed:9a:02:79:52:b0:92:75:44:db:9f:7b:
         eb:a5:88:9c:f2:29:a6:ae:9b:6b:01:e0:f7:5e:b2:37:1d:b0:
         0b:d9:56:30:2e:41:e3:a1:31:f4:ac:ec:01:9d:00:83:f7:6a:
         fa:57:ac:eb:35:39:54:d5:f4:94:34:09:7d:a1:a1:37:34:a9:
         a3:ac:4e:50:96:2a:53:61:8c:de:b5:d5:80:73:c5:ba:ee:ae:
         c5:10:12:73:14:d1:79:36:3e:60:3d:e4:d4:ca:bf:07:bb:eb:
         e6:0e:bf:ac:9f:90:00:21:76:f7:32:03:74:a3:37:3d:67:84:
         6b:ea:0d:72
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJshqSvHu8PYJ/th4bhTXGVkOxZwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDMwMDAwMTMyWhcNMjUwNjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzY5N2MxMmJmZWYyMGUyMGQ2YzJkN2I0ZjcxZjFhZjNi
MTU4YTY3ZmZhMTc4MzZkNGNjMGFiYjc3NmNkZDUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDH6+wImoQSGZPK4QKI7ujq0HoR6P/itQbl2D18uSzFy+zG
vPjVify6xcjRT/lJIJYrueT4z+Favmfxa6eL5N3b4N+0mVfXS8zjfF6pd38+7Gqv
bX8566Dw52lfkjJeKtzyrX3hdBbjmbRz5vjS1G9pdo+Ul+Rn/8WW74pM5xzgTw+c
az/6GeAET7jhNo3BCddKXha15fCtEAU/TQLzMIaj01IRcogKPjdG1D8qiFsSzSKC
/J9SNm4QBZQHCNsrrnq/V4lRgWjhI8GATawzOPjXKc424J7P+amUBe+FUBq2tKUl
LnM9e2B3EaB4h049h9VAYTo51QlEQCgAMsAMS4/pAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU1Y4qnMhhCHDSvwiDprdQYsq2HY0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM2NDhkZmIzLTNmYmEtNDRjMy1hMDA1LWY4ZmQ1OTMwZjliMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwENPjANBgkqhkiG9w0BAQsFAAOCAQEAvq16pkCa8P/5idGMxK1gW/IHmZwy
Uf3skVVCnjISag3+CygdlKK2kxBoZcYVluZNdSkhMu7KF8sjOjmu1M/B8uXMnWFN
mzDGvwBIc0BJL6f1YB1WPEjUqes5J0Xmtgt7BNGHzlOVfwer+eVBf/F7pxlza+zf
SFa4LnlWrAgy6CnITfty7ZoCeVKwknVE259766WInPIppq6bawHg916yNx2wC9lW
MC5B46Ex9KzsAZ0Ag/dq+les6zU5VNX0lDQJfaGhNzSpo6xOUJYqU2GM3rXVgHPF
uu6uxRAScxTReTY+YD3k1Mq/B7vr5g6/rJ+QACF29zIDdKM3PWeEa+oNcg==
-----END CERTIFICATE-----
Generated at Mon May 5 15:14:29 2025 by rpki-client