Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2262b90-44fa-401f-842c-4ae44ec786a4.roa
File:                     b2262b90-44fa-401f-842c-4ae44ec786a4.roa (raw, json)
Hash identifier:          gul+Qs4Wt5fR34UhfL+hdbBFxo3sD7Du5WrhcNYaJpQ=
Subject key identifier:   AD:50:29:F5:66:D2:2C:68:F8:7A:22:83:6B:25:16:90:F4:83:F2:A2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6EE3EFC9014C7511276F7A7D649BECC818C7CA04
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2262b90-44fa-401f-842c-4ae44ec786a4.roa
Signing time:             Tue 05 May 2026 00:40:37 +0000
ROA not before:           Tue 05 May 2026 00:40:37 +0000
ROA not after:            Mon 03 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        184.73.144.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:e3:ef:c9:01:4c:75:11:27:6f:7a:7d:64:9b:ec:c8:18:c7:ca:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May  5 00:40:37 2026 GMT
            Not After : Aug  3 23:59:59 2026 GMT
        Subject: serialNumber=8640b8e96db2231657af34ed5cf693f37b5884b7d069c461bd07edf41355b5ba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:98:dc:66:b1:19:56:ab:55:09:ae:91:96:e7:
                    22:e6:87:d5:f1:91:bf:b2:94:12:96:c5:39:7e:5f:
                    9c:1f:e4:89:ac:ae:1f:5b:2c:48:6a:23:75:7c:21:
                    71:60:35:0e:0e:a9:c9:91:1d:ec:07:68:af:22:af:
                    f5:1c:d4:21:a9:ea:d0:62:20:0d:c5:53:78:83:0d:
                    fe:03:87:95:41:68:5a:71:92:5a:66:35:fb:55:7c:
                    9b:62:7d:63:b2:60:a3:57:1a:b3:ab:ce:6d:31:46:
                    ed:ab:02:0a:d9:6b:d2:73:17:e3:47:d4:fe:7e:e2:
                    0c:d6:6d:ef:e6:f6:89:fb:d6:00:c2:f6:29:05:a8:
                    c1:3e:87:06:8c:4b:31:85:0e:39:b4:9a:0c:a9:9b:
                    99:b2:c4:04:6d:9c:31:d5:31:0f:b2:a1:31:9c:fd:
                    62:25:fd:7e:d1:41:2e:5a:c7:d6:60:61:65:b6:6b:
                    11:33:93:4e:52:25:35:7e:93:fb:c7:1d:e3:35:d5:
                    8f:23:6c:8b:3f:99:8a:7e:b9:4e:5f:09:90:31:b4:
                    fd:ae:2c:c2:1c:7c:f0:8e:25:b7:f9:3d:2f:8e:95:
                    b4:a6:da:f0:6f:31:68:d7:b7:80:32:55:a2:dd:85:
                    93:cd:f1:f7:89:32:f2:02:3f:2b:e5:55:10:5e:db:
                    19:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:50:29:F5:66:D2:2C:68:F8:7A:22:83:6B:25:16:90:F4:83:F2:A2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b2262b90-44fa-401f-842c-4ae44ec786a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         85:bc:4a:10:e5:5f:33:c6:b1:c8:58:d8:26:c9:44:a3:c1:2a:
         ab:cc:54:9d:7a:ac:99:3f:db:de:b5:ae:cd:06:6b:b9:07:d9:
         47:5a:70:11:48:b6:f5:f0:02:41:e4:99:6a:b5:c7:57:1d:54:
         bf:1e:d1:9b:99:64:68:8d:f7:09:6d:fd:4c:1d:e0:72:a1:bd:
         6b:d7:0b:38:a1:e6:51:df:47:2d:c4:9e:97:ec:0c:73:b4:51:
         58:8d:e2:bc:1b:29:db:03:2f:83:8c:50:65:05:73:c1:d7:71:
         8f:1d:42:9c:5f:e2:6d:81:78:da:9b:5f:45:55:cd:fd:56:5d:
         17:9c:5e:99:a2:c8:95:90:29:e9:33:9d:1f:35:96:54:46:3b:
         1e:74:a2:ab:d8:23:9f:2c:aa:b8:f5:cf:84:a1:31:18:48:78:
         e9:72:b3:fd:65:25:80:f8:00:ce:58:33:29:13:32:a7:00:72:
         cd:10:8c:b7:0a:37:57:d1:cf:f5:3b:78:f3:bd:f7:55:17:ed:
         ed:21:99:b0:44:67:a4:67:3a:38:95:24:b3:99:78:71:5d:c7:
         dd:41:be:20:3f:43:5f:2d:ed:08:40:32:b1:f0:7c:3d:01:00:
         d5:22:b6:02:45:d0:0b:7b:3e:d9:67:81:4f:c1:58:7b:b5:7a:
         6b:7c:ef:84
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbuPvyQFMdREnb3p9ZJvsyBjHygQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTA1MDA0MDM3WhcNMjYwODAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NjQwYjhlOTZkYjIyMzE2NTdhZjM0ZWQ1Y2Y2OTNmMzdi
NTg4NGI3ZDA2OWM0NjFiZDA3ZWRmNDEzNTViNWJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvmNxmsRlWq1UJrpGW5yLmh9Xxkb+ylBKWxTl+X5wf5Ims
rh9bLEhqI3V8IXFgNQ4OqcmRHewHaK8ir/Uc1CGp6tBiIA3FU3iDDf4Dh5VBaFpx
klpmNftVfJtifWOyYKNXGrOrzm0xRu2rAgrZa9JzF+NH1P5+4gzWbe/m9on71gDC
9ikFqME+hwaMSzGFDjm0mgypm5myxARtnDHVMQ+yoTGc/WIl/X7RQS5ax9ZgYWW2
axEzk05SJTV+k/vHHeM11Y8jbIs/mYp+uU5fCZAxtP2uLMIcfPCOJbf5PS+OlbSm
2vBvMWjXt4AyVaLdhZPN8feJMvICPyvlVRBe2xk1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrVAp9WbSLGj4eiKDayUWkPSD8qIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IyMjYyYjkwLTQ0ZmEtNDAxZi04NDJjLTRhZTQ0ZWM3ODZhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAO4SZAwDQYJKoZIhvcNAQELBQADggEBAIW8ShDlXzPGschY2CbJRKPBKqvM
VJ16rJk/2961rs0Ga7kH2UdacBFItvXwAkHkmWq1x1cdVL8e0ZuZZGiN9wlt/Uwd
4HKhvWvXCzih5lHfRy3EnpfsDHO0UViN4rwbKdsDL4OMUGUFc8HXcY8dQpxf4m2B
eNqbX0VVzf1WXRecXpmiyJWQKekznR81llRGOx50oqvYI58sqrj1z4ShMRhIeOly
s/1lJYD4AM5YMykTMqcAcs0QjLcKN1fRz/U7ePO991UX7e0hmbBEZ6RnOjiVJLOZ
eHFdx91BviA/Q18t7QhAMrHwfD0BANUitgJF0At7PtlngU/BWHu1emt874Q=
-----END CERTIFICATE-----