Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f655dc6-89d0-4748-9c62-d3bc957b920c.roa
File:                     7f655dc6-89d0-4748-9c62-d3bc957b920c.roa (raw, json)
Hash identifier:          AHkBP0rwDWrU9o2/kzfjVe1V23tkXut31ryBvO3B38E=
Subject key identifier:   A9:A3:F7:79:D2:BC:9C:B0:F4:DA:0A:5C:66:60:89:59:42:F0:2C:09
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46DDFF006544782D91CC6142B9E8CF030F80EE1C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f655dc6-89d0-4748-9c62-d3bc957b920c.roa
Signing time:             Sat 16 Aug 2025 00:31:39 +0000
ROA not before:           Sat 16 Aug 2025 00:31:39 +0000
ROA not after:            Sat 20 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        44.223.121.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:dd:ff:00:65:44:78:2d:91:cc:61:42:b9:e8:cf:03:0f:80:ee:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 16 00:31:39 2025 GMT
            Not After : Sep 20 23:59:59 2025 GMT
        Subject: serialNumber=e1b6fd1832e9cecd5a67f060a89fce0dca9abfd47b1324a00890c0c7b9349b62, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d9:36:db:43:12:8e:fb:8a:32:d5:cd:3c:57:
                    60:a6:ae:4f:0d:6c:c4:42:b9:6f:5e:6f:e3:b2:d7:
                    64:5b:84:b1:9b:1b:0a:7b:2f:48:02:ee:53:41:86:
                    47:61:ca:48:a1:03:6c:f3:c8:ef:de:1e:63:19:17:
                    52:de:0c:b0:da:54:36:16:e4:13:f8:30:bb:f5:2e:
                    2a:19:82:22:ef:f0:36:a9:0c:14:4b:3f:1f:11:17:
                    50:ff:43:8d:c9:bb:f3:2d:08:de:4f:b4:ec:0e:a5:
                    02:e8:41:b7:8e:c7:1c:fd:ca:f5:55:3d:32:1c:df:
                    5f:e6:ca:30:b8:ab:b8:30:10:0d:81:51:3d:32:09:
                    02:af:0b:68:bc:af:ee:e6:2c:c7:f9:dd:7e:3f:2e:
                    ee:28:c9:bc:fc:d9:65:b5:af:b8:96:0e:6a:10:00:
                    06:c3:05:3a:74:5f:11:21:70:7b:7c:90:a8:a7:87:
                    2d:f6:77:95:3e:94:15:3c:7b:b8:55:39:4d:fa:c2:
                    48:4f:44:00:29:43:9c:7d:14:04:8d:c9:0c:69:4c:
                    00:5e:ee:56:34:df:8c:bb:4f:b1:c9:12:0c:96:67:
                    eb:83:c8:27:8a:2e:47:7e:1a:45:90:d0:aa:da:34:
                    af:cf:c3:cd:12:06:86:b6:95:04:90:0b:9d:4c:46:
                    a7:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:A3:F7:79:D2:BC:9C:B0:F4:DA:0A:5C:66:60:89:59:42:F0:2C:09
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7f655dc6-89d0-4748-9c62-d3bc957b920c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.223.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:ab:1b:83:ce:cc:e2:0b:f0:8f:c3:c9:df:bf:35:47:6d:24:
         ba:6a:63:7e:98:a3:e4:20:9c:19:f4:48:de:64:be:9e:9f:f6:
         72:00:e5:8d:af:c5:cb:53:73:b1:10:ca:80:1e:d9:13:23:61:
         08:ce:f1:49:b0:d9:c2:49:72:9f:db:6b:bf:36:36:33:9e:d1:
         67:32:fb:6a:1e:94:c4:76:bc:a6:c3:b5:00:96:00:08:7c:60:
         b0:47:ce:ab:c5:bc:fc:d3:f5:1b:eb:7b:ed:c1:da:84:92:2f:
         0a:83:a0:5e:01:55:97:94:e0:83:12:24:24:45:82:5b:0e:c6:
         0c:32:9a:3f:63:5a:79:ae:69:41:15:01:c0:e7:f8:5d:a0:8c:
         84:8c:e5:21:02:1e:0c:0d:e7:2a:0d:13:1d:ad:1a:f3:19:21:
         75:a4:d6:17:a2:1f:6d:79:c0:0c:a2:f4:94:32:d3:04:b0:54:
         f5:2b:63:4c:e7:4a:f2:4a:6f:6c:18:33:aa:80:2c:d9:1f:bc:
         70:84:0b:92:44:4a:b9:ec:46:ea:61:a7:c3:94:7a:ba:64:66:
         9b:90:0c:23:97:c7:e4:83:8c:c8:37:81:40:08:e3:09:5b:b0:
         d1:69:ae:94:a6:86:76:aa:6c:81:45:b4:a8:c4:3a:74:69:c4:
         55:8c:70:a3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURt3/AGVEeC2RzGFCuejPAw+A7hwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODE2MDAzMTM5WhcNMjUwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMWI2ZmQxODMyZTljZWNkNWE2N2YwNjBhODlmY2UwZGNh
OWFiZmQ0N2IxMzI0YTAwODkwYzBjN2I5MzQ5YjYyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDa2TbbQxKO+4oy1c08V2Cmrk8NbMRCuW9eb+Oy12RbhLGb
Gwp7L0gC7lNBhkdhykihA2zzyO/eHmMZF1LeDLDaVDYW5BP4MLv1LioZgiLv8Dap
DBRLPx8RF1D/Q43Ju/MtCN5PtOwOpQLoQbeOxxz9yvVVPTIc31/myjC4q7gwEA2B
UT0yCQKvC2i8r+7mLMf53X4/Lu4oybz82WW1r7iWDmoQAAbDBTp0XxEhcHt8kKin
hy32d5U+lBU8e7hVOU36wkhPRAApQ5x9FASNyQxpTABe7lY034y7T7HJEgyWZ+uD
yCeKLkd+GkWQ0KraNK/Pw80SBoa2lQSQC51MRqfJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqaP3edK8nLD02gpcZmCJWULwLAkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdmNjU1ZGM2LTg5ZDAtNDc0OC05YzYyLWQzYmM5NTdiOTIwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAs33kwDQYJKoZIhvcNAQELBQADggEBAESrG4POzOIL8I/Dyd+/NUdtJLpq
Y36Yo+QgnBn0SN5kvp6f9nIA5Y2vxctTc7EQyoAe2RMjYQjO8Umw2cJJcp/ba782
NjOe0Wcy+2oelMR2vKbDtQCWAAh8YLBHzqvFvPzT9Rvre+3B2oSSLwqDoF4BVZeU
4IMSJCRFglsOxgwymj9jWnmuaUEVAcDn+F2gjISM5SECHgwN5yoNEx2tGvMZIXWk
1heiH215wAyi9JQy0wSwVPUrY0znSvJKb2wYM6qALNkfvHCEC5JESrnsRuphp8OU
erpkZpuQDCOXx+SDjMg3gUAI4wlbsNFprpSmhnaqbIFFtKjEOnRpxFWMcKM=
-----END CERTIFICATE-----