Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/60789a29-f516-47ec-9154-b2b610f7282e.roa
File:                     60789a29-f516-47ec-9154-b2b610f7282e.roa (raw, json)
Hash identifier:          6JC5/16PsOlWWifnd6sRiYHKtb4MLhaiSQ13pnhFAVw=
Subject key identifier:   C0:F5:8C:82:A6:9F:78:0B:CD:CB:F2:74:DE:71:56:0D:2C:74:79:CC
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       5A498849A565729CCDD2B1D9E8783A1B732C638B
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/60789a29-f516-47ec-9154-b2b610f7282e.roa
Signing time:             Sat 19 Jul 2025 00:00:08 +0000
ROA not before:           Sat 19 Jul 2025 00:00:08 +0000
ROA not after:            Sat 23 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        216.221.168.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 24 Jul 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:49:88:49:a5:65:72:9c:cd:d2:b1:d9:e8:78:3a:1b:73:2c:63:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jul 19 00:00:08 2025 GMT
            Not After : Aug 23 23:59:59 2025 GMT
        Subject: serialNumber=177c2735f1b6cb8b23be48e821ef7502dde0553d66c09d6b86d7b300cca82db5, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9c:69:80:f8:5b:46:55:25:7f:40:c1:c9:55:
                    56:e0:c8:e7:49:69:07:51:f6:48:af:2c:1f:59:60:
                    11:04:ce:2a:c8:4d:64:fa:a0:13:b7:ec:91:a8:fa:
                    fa:0c:ac:5c:45:13:9d:b6:fc:05:2f:00:ed:93:dc:
                    19:ad:c3:8f:51:6d:ae:b5:ce:87:ac:36:fd:41:80:
                    b8:2e:53:56:3d:b7:9a:17:dc:b6:6b:cd:96:c4:63:
                    aa:97:a9:89:ba:4b:62:6f:ca:d7:08:c0:a1:b8:b3:
                    af:ed:85:a4:c4:a4:ed:41:1d:bc:c0:8e:6e:cf:21:
                    26:c5:2d:e9:04:4c:37:19:75:86:75:d0:53:c9:a3:
                    96:7a:53:10:36:fd:d6:fa:e0:9a:3a:2b:37:2f:9e:
                    69:28:3f:49:7a:33:39:ce:7f:3e:e8:8b:ad:1d:4d:
                    c2:ac:b5:21:fa:20:57:ff:b8:4d:bd:c4:89:cb:85:
                    02:de:f7:5c:d5:6f:da:03:a9:1a:15:8d:6a:ef:8c:
                    10:28:89:ad:f4:eb:00:32:f2:0e:7a:96:b6:f1:dc:
                    08:be:aa:20:6e:eb:d1:72:83:71:0c:7e:92:1b:54:
                    b8:60:df:30:f8:cc:e8:b8:98:a9:07:90:9e:a7:68:
                    f4:4e:0a:9c:b9:e2:43:dc:f8:2b:bc:1d:0b:c6:e8:
                    db:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:F5:8C:82:A6:9F:78:0B:CD:CB:F2:74:DE:71:56:0D:2C:74:79:CC
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/60789a29-f516-47ec-9154-b2b610f7282e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.221.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5b:52:1c:18:70:f5:c6:d9:20:8a:69:20:99:d2:e9:0a:ff:4c:
         0c:00:c8:81:39:1e:7b:5d:3a:71:5c:6a:5b:b0:33:cd:24:d5:
         47:5d:5f:4c:a6:f5:c1:c4:49:2d:14:4a:37:ab:79:e6:15:ea:
         54:c5:eb:6f:1f:a4:b6:ee:38:d0:22:ed:0b:18:7a:79:a4:ab:
         9a:d2:c7:13:56:82:65:4c:01:66:56:cd:35:76:d4:bc:27:f4:
         9a:f7:a1:13:86:02:db:0d:85:f8:b4:d5:d4:0c:03:fd:fe:ef:
         85:98:00:83:4d:6a:6a:f1:a7:b4:e8:d9:e6:65:f1:02:59:fd:
         2c:31:7c:a4:0c:56:72:0b:29:6e:b9:ad:c8:a3:89:cc:00:6d:
         cc:0f:1e:5f:fb:5d:af:2a:27:dc:f9:76:a5:bf:c0:98:56:a8:
         e3:ce:9b:d8:a3:7a:b1:cd:69:95:21:de:be:1a:de:44:f8:9d:
         a1:f1:a3:b2:34:c1:94:c9:20:18:cc:03:b3:d6:67:27:e3:98:
         99:2a:f3:3c:16:6f:d5:7b:a8:9f:83:6a:01:5b:68:8a:fd:59:
         73:57:be:ea:80:da:fe:95:2c:23:98:1a:bc:e6:a2:d2:2c:3f:
         a4:9b:19:06:c9:06:66:e1:a3:19:50:8f:bf:d6:72:4e:89:8d:
         17:9f:10:26
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWkmISaVlcpzN0rHZ6Hg6G3MsY4swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNzE5MDAwMDA4WhcNMjUwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNzdjMjczNWYxYjZjYjhiMjNiZTQ4ZTgyMWVmNzUwMmRk
ZTA1NTNkNjZjMDlkNmI4NmQ3YjMwMGNjYTgyZGI1MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1nGmA+FtGVSV/QMHJVVbgyOdJaQdR9kivLB9ZYBEEzirI
TWT6oBO37JGo+voMrFxFE522/AUvAO2T3Bmtw49Rba61zoesNv1BgLguU1Y9t5oX
3LZrzZbEY6qXqYm6S2JvytcIwKG4s6/thaTEpO1BHbzAjm7PISbFLekETDcZdYZ1
0FPJo5Z6UxA2/db64Jo6KzcvnmkoP0l6MznOfz7oi60dTcKstSH6IFf/uE29xInL
hQLe91zVb9oDqRoVjWrvjBAoia306wAy8g56lrbx3Ai+qiBu69Fyg3EMfpIbVLhg
3zD4zOi4mKkHkJ6naPROCpy54kPc+Cu8HQvG6Nt/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwPWMgqafeAvNy/J03nFWDSx0ecwwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzYwNzg5YTI5LWY1MTYtNDdlYy05MTU0LWIyYjYxMGY3MjgyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPY3agwDQYJKoZIhvcNAQELBQADggEBAFtSHBhw9cbZIIppIJnS6Qr/TAwA
yIE5HntdOnFcaluwM80k1UddX0ym9cHESS0USjereeYV6lTF628fpLbuONAi7QsY
enmkq5rSxxNWgmVMAWZWzTV21Lwn9Jr3oROGAtsNhfi01dQMA/3+74WYAINNamrx
p7To2eZl8QJZ/SwxfKQMVnILKW65rcijicwAbcwPHl/7Xa8qJ9z5dqW/wJhWqOPO
m9ijerHNaZUh3r4a3kT4naHxo7I0wZTJIBjMA7PWZyfjmJkq8zwWb9V7qJ+DagFb
aIr9WXNXvuqA2v6VLCOYGrzmotIsP6SbGQbJBmbhoxlQj7/Wck6JjRefECY=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:12:37 2025 by rpki-client