Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa
File:                     5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa (raw, json)
Hash identifier:          tR+Dp38ZITyQF1NwVFD3e1ZoGfU+dV9nmvGRnwGojJk=
Subject key identifier:   60:83:D5:DC:39:BA:6C:7E:02:C9:FA:6B:7A:09:53:DD:32:DC:CA:61
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1A81D4E87309560A5C03DB9B14419F9C99802163
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa
Signing time:             Tue 12 Aug 2025 00:31:38 +0000
ROA not before:           Tue 12 Aug 2025 00:31:38 +0000
ROA not after:            Tue 16 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.52.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:81:d4:e8:73:09:56:0a:5c:03:db:9b:14:41:9f:9c:99:80:21:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 12 00:31:38 2025 GMT
            Not After : Sep 16 23:59:59 2025 GMT
        Subject: serialNumber=c7c252f88f33423e621f726ebf4a8c52a57264cdca7a5adea9d82cfcc745093c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:8d:ea:a0:f9:30:95:f7:57:74:30:c8:3f:15:
                    d0:38:ee:c7:6e:0a:12:cb:6e:a0:8c:d7:23:fc:42:
                    b3:23:41:94:97:fd:cd:0f:89:da:af:b1:93:73:3f:
                    c9:b8:54:3b:be:1e:d3:db:be:86:55:2b:10:e0:4a:
                    e3:47:bb:d5:19:2c:30:53:9d:02:d0:f0:cc:77:57:
                    e6:6c:c4:39:6a:23:23:f2:98:7e:28:72:21:17:d4:
                    e7:9d:73:7b:ef:59:3d:fa:a7:c3:32:c7:b4:ef:c5:
                    b8:12:61:59:37:50:ee:b5:d9:63:19:ed:b9:b0:ba:
                    02:55:09:36:f9:29:55:5b:96:e8:2c:cc:d7:e8:23:
                    78:da:cc:6f:87:48:d3:36:41:94:ef:c3:60:51:18:
                    92:0e:40:55:2d:56:6c:3b:49:72:9e:be:b5:91:58:
                    b8:36:bf:ca:4f:47:d7:17:40:fb:44:ca:02:2e:7f:
                    19:2f:89:d9:ae:b7:cf:f3:ec:d9:2a:f3:3f:8d:38:
                    a3:42:4e:b8:99:ca:10:58:b4:c8:30:25:06:5c:b4:
                    d8:f8:64:f1:bf:bb:47:77:1b:c4:33:bb:6a:c1:15:
                    0c:46:e7:b6:55:b8:55:fd:b1:79:d2:a7:26:ee:b1:
                    da:9a:0b:98:57:98:c0:dd:23:5b:a1:9b:02:64:09:
                    32:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:83:D5:DC:39:BA:6C:7E:02:C9:FA:6B:7A:09:53:DD:32:DC:CA:61
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.52.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         10:db:a3:82:dd:eb:4b:94:3b:8d:9a:36:79:f0:89:8d:91:19:
         f3:38:73:02:25:1e:c0:09:56:15:51:de:b0:18:e5:dc:2a:c1:
         c6:f5:e4:b6:85:5c:73:32:29:1d:8a:ab:1c:c7:ce:a3:81:62:
         d4:86:19:d6:ae:1c:b5:78:52:c1:38:a7:56:b7:b1:08:2a:78:
         93:b4:90:28:0c:fe:33:db:39:af:45:b8:ec:c8:ad:63:7d:c0:
         06:35:b6:99:11:9b:9c:32:57:f2:f6:7d:d0:f5:a8:d1:0b:fb:
         0c:ea:17:9a:fd:9b:ec:93:66:a9:72:83:f4:ed:b5:a9:d2:69:
         b0:da:94:ed:84:9a:ae:6a:ca:7c:8f:60:fa:c5:2a:e6:7e:fa:
         62:56:71:0e:92:df:87:c9:e0:af:6e:e0:9c:ba:54:a4:b0:ed:
         5d:9f:a8:f7:10:5a:db:c9:43:71:0d:a9:d6:ae:a3:64:e8:7f:
         0f:0e:d7:aa:08:fb:b7:f9:0a:fb:3c:e5:05:b1:18:b5:46:43:
         33:79:ce:52:24:1d:0f:96:63:42:9f:8e:a1:e4:3e:d2:e3:6e:
         4d:2f:56:90:93:a2:0c:86:bb:f1:f6:12:9d:01:12:d4:c3:8e:
         25:68:17:93:fb:d6:b7:bf:1c:94:0f:47:08:d2:f0:a8:cf:58:
         84:97:3e:91
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGoHU6HMJVgpcA9ubFEGfnJmAIWMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODEyMDAzMTM4WhcNMjUwOTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjN2MyNTJmODhmMzM0MjNlNjIxZjcyNmViZjRhOGM1MmE1
NzI2NGNkY2E3YTVhZGVhOWQ4MmNmY2M3NDUwOTNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyjeqg+TCV91d0MMg/FdA47sduChLLbqCM1yP8QrMjQZSX
/c0PidqvsZNzP8m4VDu+HtPbvoZVKxDgSuNHu9UZLDBTnQLQ8Mx3V+ZsxDlqIyPy
mH4ociEX1Oedc3vvWT36p8Myx7TvxbgSYVk3UO612WMZ7bmwugJVCTb5KVVblugs
zNfoI3jazG+HSNM2QZTvw2BRGJIOQFUtVmw7SXKevrWRWLg2v8pPR9cXQPtEygIu
fxkvidmut8/z7Nkq8z+NOKNCTriZyhBYtMgwJQZctNj4ZPG/u0d3G8Qzu2rBFQxG
57ZVuFX9sXnSpybusdqaC5hXmMDdI1uhmwJkCTLtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYIPV3Dm6bH4CyfpreglT3TLcymEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVhNDc0YjJlLWE2ZmQtNDI5OC1iNWRmLWZmOWNhYTI2ZjkxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4NDANBgkqhkiG9w0BAQsFAAOCAQEAENujgt3rS5Q7jZo2efCJjZEZ8zhz
AiUewAlWFVHesBjl3CrBxvXktoVcczIpHYqrHMfOo4Fi1IYZ1q4ctXhSwTinVrex
CCp4k7SQKAz+M9s5r0W47MitY33ABjW2mRGbnDJX8vZ90PWo0Qv7DOoXmv2b7JNm
qXKD9O21qdJpsNqU7YSarmrKfI9g+sUq5n76YlZxDpLfh8ngr27gnLpUpLDtXZ+o
9xBa28lDcQ2p1q6jZOh/Dw7Xqgj7t/kK+zzlBbEYtUZDM3nOUiQdD5ZjQp+OoeQ+
0uNuTS9WkJOiDIa78fYSnQES1MOOJWgXk/vWt78clA9HCNLwqM9YhJc+kQ==
-----END CERTIFICATE-----