Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a19e1d6-85dd-496f-9394-ac0ddaf78b7d.roa
File:                     7a19e1d6-85dd-496f-9394-ac0ddaf78b7d.roa (raw, json)
Hash identifier:          /xavQ5M80Od8CkbdqH6LSi9nBHRLGLhunfUfBuQzreU=
Subject key identifier:   13:ED:75:B2:9B:03:65:07:DC:E2:9C:8B:BD:C1:E3:FA:8D:14:6E:F9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B4667F4C9FE17EE5EEAE60FBC4CF3EF08FFCCEC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a19e1d6-85dd-496f-9394-ac0ddaf78b7d.roa
Signing time:             Wed 06 May 2026 00:11:38 +0000
ROA not before:           Wed 06 May 2026 00:11:38 +0000
ROA not after:            Tue 04 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        98.87.170.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:46:67:f4:c9:fe:17:ee:5e:ea:e6:0f:bc:4c:f3:ef:08:ff:cc:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May  6 00:11:38 2026 GMT
            Not After : Aug  4 23:59:59 2026 GMT
        Subject: serialNumber=e4ffc911f6ce53759c84ede51185deef827f3dd58e84c1bc1620006cac34fd5f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fb:76:36:a1:6c:73:3d:47:9e:ba:38:de:1a:
                    e2:0e:55:eb:0d:d9:32:bb:90:02:b5:58:08:56:f8:
                    3b:15:43:b7:19:2c:28:9d:52:b7:93:de:0a:a1:b7:
                    70:3b:08:53:af:28:13:0b:25:15:e1:59:42:ec:88:
                    a3:50:3e:5b:40:e7:84:15:62:c3:d2:ff:1a:9c:71:
                    ba:a3:aa:a5:75:14:06:1b:0e:67:c0:68:1f:72:d0:
                    76:0c:22:a2:3f:0f:4b:8d:8f:7a:3a:f8:ee:ef:fe:
                    1b:5b:8a:2d:b6:79:13:06:1d:f8:a0:24:43:ca:00:
                    8e:94:d6:7b:d6:ac:cf:ef:52:65:39:00:8f:21:cd:
                    98:81:c0:7c:c7:aa:37:a2:6f:cd:28:e4:28:68:bb:
                    3d:4a:e1:c3:f7:18:85:30:07:51:52:e1:92:63:03:
                    14:13:d5:82:46:34:f1:6d:67:99:e6:1e:ee:29:45:
                    3c:ce:a0:35:7a:b4:b4:15:a2:45:c9:b2:58:88:ed:
                    d1:a5:93:c5:8f:88:1f:19:94:6e:eb:35:67:c9:de:
                    a4:c8:84:20:7c:bd:61:98:56:a9:e9:7e:43:62:42:
                    60:cb:47:35:9f:f7:fe:dc:aa:e7:20:f2:39:d0:42:
                    8d:98:50:d3:54:08:7e:be:0a:01:7c:ec:bb:59:5d:
                    ec:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:ED:75:B2:9B:03:65:07:DC:E2:9C:8B:BD:C1:E3:FA:8D:14:6E:F9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7a19e1d6-85dd-496f-9394-ac0ddaf78b7d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  98.87.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         51:ae:79:5f:8a:e5:62:30:e1:e9:2e:4c:06:57:b6:4f:44:a4:
         3e:ee:1e:5d:37:26:e6:db:cf:48:89:98:3f:00:b1:2f:a7:5b:
         30:5b:b9:c5:0b:b2:9d:80:c2:33:e2:29:ed:de:52:b2:fc:00:
         57:ac:4a:f9:88:26:2e:e9:96:be:2d:6f:da:2a:30:2a:9c:f1:
         29:af:f2:e4:72:a8:02:52:dd:b5:ea:94:e7:2e:f3:78:5b:d0:
         8d:e7:9f:91:49:31:8b:47:5d:09:5d:fd:50:95:71:59:4a:19:
         cd:82:cd:48:6f:b4:5a:8a:5a:39:93:1c:32:9a:4f:6c:67:4e:
         d4:54:a1:8c:07:9b:5e:82:f0:9b:94:df:71:fe:aa:76:19:c9:
         7a:69:c7:7a:c4:95:3e:60:07:38:d7:7a:92:a4:7a:0e:6a:35:
         2e:ed:eb:a5:6a:da:a6:30:d9:29:b8:49:b5:a9:14:7b:4c:3c:
         97:42:fa:68:4b:c5:16:5b:39:1a:82:51:03:7d:7c:ce:80:89:
         ad:5d:4a:f4:80:8c:f8:a8:7d:ac:3b:4e:63:46:6b:d3:2d:1a:
         3d:c2:cf:b7:43:6c:57:0c:a6:76:3e:dc:a7:a3:bd:7f:72:ea:
         01:bc:b9:54:2d:40:42:f3:ba:78:c1:85:9e:08:53:68:f8:16:
         1e:ad:16:6c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS0Zn9Mn+F+5e6uYPvEzz7wj/zOwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTA2MDAxMTM4WhcNMjYwODA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNGZmYzkxMWY2Y2U1Mzc1OWM4NGVkZTUxMTg1ZGVlZjgy
N2YzZGQ1OGU4NGMxYmMxNjIwMDA2Y2FjMzRmZDVmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz+3Y2oWxzPUeeujjeGuIOVesN2TK7kAK1WAhW+DsVQ7cZ
LCidUreT3gqht3A7CFOvKBMLJRXhWULsiKNQPltA54QVYsPS/xqccbqjqqV1FAYb
DmfAaB9y0HYMIqI/D0uNj3o6+O7v/htbii22eRMGHfigJEPKAI6U1nvWrM/vUmU5
AI8hzZiBwHzHqjeib80o5Chouz1K4cP3GIUwB1FS4ZJjAxQT1YJGNPFtZ5nmHu4p
RTzOoDV6tLQVokXJsliI7dGlk8WPiB8ZlG7rNWfJ3qTIhCB8vWGYVqnpfkNiQmDL
RzWf9/7cqucg8jnQQo2YUNNUCH6+CgF87LtZXex3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUE+11spsDZQfc4pyLvcHj+o0UbvkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdhMTllMWQ2LTg1ZGQtNDk2Zi05Mzk0LWFjMGRkYWY3OGI3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFiV6owDQYJKoZIhvcNAQELBQADggEBAFGueV+K5WIw4ekuTAZXtk9EpD7u
Hl03Jubbz0iJmD8AsS+nWzBbucULsp2AwjPiKe3eUrL8AFesSvmIJi7plr4tb9oq
MCqc8Smv8uRyqAJS3bXqlOcu83hb0I3nn5FJMYtHXQld/VCVcVlKGc2CzUhvtFqK
WjmTHDKaT2xnTtRUoYwHm16C8JuU33H+qnYZyXppx3rElT5gBzjXepKkeg5qNS7t
66Vq2qYw2Sm4SbWpFHtMPJdC+mhLxRZbORqCUQN9fM6Aia1dSvSAjPiofaw7TmNG
a9MtGj3Cz7dDbFcMpnY+3KejvX9y6gG8uVQtQELzunjBhZ4IU2j4Fh6tFmw=
-----END CERTIFICATE-----