Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/154534d5-da69-43fe-9f0c-aad88b97483b.roa
File:                     154534d5-da69-43fe-9f0c-aad88b97483b.roa (raw, json)
Hash identifier:          4XvlXR/ZrQmfXN0rZGO134SGOuwJ0cpZ2dPM9R704RM=
Subject key identifier:   D9:09:D4:A2:7C:C4:53:96:06:A0:34:DE:4B:CB:98:8B:D5:65:C4:32
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       2C4C01107265D814CE572C0B552258FD9A686C91
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/154534d5-da69-43fe-9f0c-aad88b97483b.roa
Signing time:             Tue 08 Jul 2025 00:10:15 +0000
ROA not before:           Tue 08 Jul 2025 00:10:15 +0000
ROA not after:            Tue 12 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.250.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:4c:01:10:72:65:d8:14:ce:57:2c:0b:55:22:58:fd:9a:68:6c:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jul  8 00:10:15 2025 GMT
            Not After : Aug 12 23:59:59 2025 GMT
        Subject: serialNumber=eb08de975c72a0f96fea335b85a1908e2cf2235575a80c4599d6b2560a5e789b, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:dd:2b:74:fe:5a:28:cb:25:b8:1d:2f:38:f9:
                    f9:60:45:0d:71:70:5c:89:32:55:1c:3d:af:52:9e:
                    86:d6:84:5f:85:83:41:15:cf:57:af:65:85:c9:88:
                    a1:37:52:c8:49:95:2a:e9:c6:c6:b6:ea:46:33:35:
                    f9:32:d7:90:9c:bb:d4:ab:4f:73:51:cb:fc:5d:50:
                    bb:53:31:c7:8b:07:83:84:ef:f1:4a:cc:42:3a:77:
                    b2:fb:f2:e7:b6:3f:8b:f3:53:7b:7d:46:61:fe:bd:
                    5a:e2:b0:4c:c2:70:d7:3d:e6:48:3d:41:df:cc:e2:
                    35:07:85:d7:84:d9:2a:5a:b0:99:fd:8c:27:22:db:
                    99:ad:e9:d4:d4:cc:b9:a6:5d:05:17:d2:34:34:58:
                    19:45:d8:cf:80:9f:7d:3b:c6:08:3f:40:8f:a3:94:
                    99:fd:fa:79:10:5e:6b:50:d4:c3:1a:4a:96:fb:99:
                    5b:a3:04:59:a1:26:a3:aa:a9:b7:2b:3e:e6:de:80:
                    f1:e4:72:26:47:d4:58:61:45:f1:f4:d3:1e:33:8a:
                    44:52:79:d9:1a:1c:0a:0a:3d:3e:9f:95:44:de:b2:
                    87:b3:01:3c:96:25:93:fb:79:a0:9a:a5:17:42:a2:
                    d7:3a:4f:d8:ea:61:30:4c:2a:63:12:1b:ca:fe:ee:
                    e4:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:09:D4:A2:7C:C4:53:96:06:A0:34:DE:4B:CB:98:8B:D5:65:C4:32
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/154534d5-da69-43fe-9f0c-aad88b97483b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         57:15:81:a5:d5:a3:d1:31:3b:51:27:db:b3:8b:57:45:e0:0b:
         6d:3f:7e:c2:97:df:71:8d:46:2f:24:84:f6:a6:26:6c:d1:2f:
         27:0e:1c:78:b9:ef:fa:c5:67:43:c3:42:39:cf:97:a3:05:ac:
         f3:fa:85:3d:8f:4e:b6:78:81:db:8e:76:08:a0:92:cc:69:3d:
         8d:95:71:5e:13:c0:42:5a:2b:93:62:57:eb:c8:82:8c:31:5a:
         7c:34:42:2d:1f:bc:91:47:e8:9b:2a:a3:2a:0b:6d:a3:d2:16:
         4a:57:ca:34:37:c8:68:98:a9:76:19:48:9f:25:de:49:a2:4a:
         87:51:ed:db:1d:b8:77:d8:f0:17:71:33:f2:75:ba:79:ca:18:
         68:44:3d:ab:27:5f:47:7c:7f:ed:fb:22:29:f5:42:31:cf:6a:
         39:78:e2:53:c4:8d:dd:df:3a:ee:a7:6c:55:94:a2:f7:33:78:
         8b:fd:0d:6e:ad:63:09:2f:c7:ef:2c:62:0e:78:c8:9c:2d:b1:
         75:13:95:fa:16:66:5a:0c:f8:8d:2d:0e:ed:c4:af:41:5d:ee:
         aa:ae:57:01:d8:5a:62:ab:bd:37:fa:69:aa:82:a6:17:ca:16:
         c8:81:2d:aa:48:a8:5f:a2:2b:2b:28:6e:5f:70:1d:6c:bc:8e:
         41:5b:b8:7e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULEwBEHJl2BTOVywLVSJY/ZpobJEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNzA4MDAxMDE1WhcNMjUwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYjA4ZGU5NzVjNzJhMGY5NmZlYTMzNWI4NWExOTA4ZTJj
ZjIyMzU1NzVhODBjNDU5OWQ2YjI1NjBhNWU3ODliMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDC3St0/looyyW4HS84+flgRQ1xcFyJMlUcPa9SnobWhF+F
g0EVz1evZYXJiKE3UshJlSrpxsa26kYzNfky15Ccu9SrT3NRy/xdULtTMceLB4OE
7/FKzEI6d7L78ue2P4vzU3t9RmH+vVrisEzCcNc95kg9Qd/M4jUHhdeE2SpasJn9
jCci25mt6dTUzLmmXQUX0jQ0WBlF2M+An307xgg/QI+jlJn9+nkQXmtQ1MMaSpb7
mVujBFmhJqOqqbcrPubegPHkciZH1FhhRfH00x4zikRSedkaHAoKPT6flUTesoez
ATyWJZP7eaCapRdCotc6T9jqYTBMKmMSG8r+7uS/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2QnUonzEU5YGoDTeS8uYi9VlxDIwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzE1NDUzNGQ1LWRhNjktNDNmZS05ZjBjLWFhZDg4Yjk3NDgzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEX+/owDQYJKoZIhvcNAQELBQADggEBAFcVgaXVo9ExO1En27OLV0XgC20/
fsKX33GNRi8khPamJmzRLycOHHi57/rFZ0PDQjnPl6MFrPP6hT2PTrZ4gduOdgig
ksxpPY2VcV4TwEJaK5NiV+vIgowxWnw0Qi0fvJFH6JsqoyoLbaPSFkpXyjQ3yGiY
qXYZSJ8l3kmiSodR7dsduHfY8BdxM/J1unnKGGhEPasnX0d8f+37Iin1QjHPajl4
4lPEjd3fOu6nbFWUovczeIv9DW6tYwkvx+8sYg54yJwtsXUTlfoWZloM+I0tDu3E
r0Fd7qquVwHYWmKrvTf6aaqCphfKFsiBLapIqF+iKysobl9wHWy8jkFbuH4=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:32:53 2025 by rpki-client