Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/16b57026-c673-4ef1-bc38-7596daa2e043.roa
File:                     16b57026-c673-4ef1-bc38-7596daa2e043.roa (raw, json)
Hash identifier:          35dVGVJuYMEdKOPz0cIu0fbiATLIPywSN1fSJhHdfVk=
Subject key identifier:   CF:A2:71:96:49:BA:52:66:D1:C8:94:61:21:A6:3A:59:DE:FC:3F:CA
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       1891472D45FF029C3D9A0A786113FDCB791A972E
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/16b57026-c673-4ef1-bc38-7596daa2e043.roa
Signing time:             Wed 25 Jun 2025 00:00:54 +0000
ROA not before:           Wed 25 Jun 2025 00:00:54 +0000
ROA not after:            Wed 30 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.226.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:91:47:2d:45:ff:02:9c:3d:9a:0a:78:61:13:fd:cb:79:1a:97:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jun 25 00:00:54 2025 GMT
            Not After : Jul 30 23:59:59 2025 GMT
        Subject: serialNumber=f0adb35d62aa8ffa7c90409690c7e8731ba9e87b7722ffd93f811e92f2aa6026, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:79:19:52:58:3f:73:63:e5:b6:52:0a:e7:63:
                    e0:1d:09:88:ec:22:9d:4d:01:41:41:59:7e:f8:1d:
                    d3:93:86:74:84:7b:3a:3a:bd:be:a0:45:ba:bb:bd:
                    db:8f:42:1f:f0:6f:cf:13:87:90:dc:9e:4e:8c:11:
                    20:58:d6:f9:91:cf:cd:f3:a2:06:7e:96:56:79:f4:
                    5a:7f:a4:17:65:de:44:60:e6:d8:29:ba:e8:49:d9:
                    a7:53:46:81:91:82:f1:b4:e2:b4:3a:14:17:97:64:
                    61:0f:21:43:49:24:8a:25:48:cb:9f:d8:e0:a9:9a:
                    4b:4e:3b:ae:01:e1:aa:06:8f:6c:b3:41:94:19:35:
                    4e:6e:1a:63:be:08:06:fb:65:8e:54:4a:80:1c:7a:
                    00:ff:41:31:58:b1:d3:fd:f5:08:75:10:ab:c4:89:
                    29:68:8a:2a:b2:60:61:36:7e:ce:13:17:de:d0:c9:
                    3f:52:51:26:da:9d:d3:8f:e3:f9:9b:97:57:c9:0e:
                    cc:fb:a2:6f:2e:f2:b0:b0:4f:28:49:c8:1b:aa:91:
                    19:70:1c:db:60:7e:56:13:0d:bf:a6:3e:80:c4:28:
                    85:39:df:cc:89:bd:6c:a7:a3:c5:b9:b5:92:0e:14:
                    bf:02:60:96:e6:ad:13:f9:03:76:20:33:e8:ec:c9:
                    46:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:A2:71:96:49:BA:52:66:D1:C8:94:61:21:A6:3A:59:DE:FC:3F:CA
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/16b57026-c673-4ef1-bc38-7596daa2e043.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:d8:93:da:e8:72:88:8d:3c:22:db:05:6b:ea:1a:f6:1a:74:
         d4:6f:58:17:53:19:92:81:18:55:5d:5b:97:a0:36:e3:0c:68:
         f1:2b:5a:b2:a5:50:d1:5a:60:58:d6:d9:04:17:30:b2:fa:31:
         08:7a:b2:86:3f:4d:d1:03:7b:6b:63:bf:68:af:2c:87:2d:bd:
         38:13:9a:2f:14:5e:ef:be:3a:92:90:4d:25:64:ae:d6:09:fa:
         6f:aa:8d:97:f2:c3:ad:17:85:96:47:49:df:06:66:22:9c:e1:
         53:33:17:5c:88:b0:8f:7b:2d:5c:8e:2a:4c:b4:5e:fa:35:29:
         2c:f8:08:bc:24:c7:2b:d2:f6:dd:5d:dd:b2:52:86:b4:e2:18:
         76:27:8e:ab:e5:60:4d:ab:7d:85:5a:32:41:4f:64:7d:73:99:
         bf:69:ad:5a:65:07:53:eb:22:03:d8:ec:f4:00:10:95:e7:82:
         82:59:99:b8:2c:70:c0:81:f5:3b:bc:33:a4:61:4e:05:34:76:
         ef:96:ce:d8:19:3c:cd:68:b7:db:4f:d3:65:1b:3f:3d:64:e4:
         24:c1:6d:6a:19:fc:6d:97:70:de:df:fa:6e:0f:c9:cd:f8:7b:
         24:ae:09:05:ad:9f:2a:1e:a6:ca:f7:3c:c5:d9:31:4e:fe:fd:
         87:69:9b:05
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGJFHLUX/Apw9mgp4YRP9y3kaly4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNjI1MDAwMDU0WhcNMjUwNzMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMGFkYjM1ZDYyYWE4ZmZhN2M5MDQwOTY5MGM3ZTg3MzFi
YTllODdiNzcyMmZmZDkzZjgxMWU5MmYyYWE2MDI2MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoeRlSWD9zY+W2UgrnY+AdCYjsIp1NAUFBWX74HdOThnSE
ezo6vb6gRbq7vduPQh/wb88Th5Dcnk6MESBY1vmRz83zogZ+llZ59Fp/pBdl3kRg
5tgpuuhJ2adTRoGRgvG04rQ6FBeXZGEPIUNJJIolSMuf2OCpmktOO64B4aoGj2yz
QZQZNU5uGmO+CAb7ZY5USoAcegD/QTFYsdP99Qh1EKvEiSloiiqyYGE2fs4TF97Q
yT9SUSbandOP4/mbl1fJDsz7om8u8rCwTyhJyBuqkRlwHNtgflYTDb+mPoDEKIU5
38yJvWyno8W5tZIOFL8CYJbmrRP5A3YgM+jsyUb7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUz6Jxlkm6UmbRyJRhIaY6Wd78P8owHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzE2YjU3MDI2LWM2NzMtNGVmMS1iYzM4LTc1OTZkYWEyZTA0My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqeIwDQYJKoZIhvcNAQELBQADggEBAIDYk9rocoiNPCLbBWvqGvYadNRv
WBdTGZKBGFVdW5egNuMMaPErWrKlUNFaYFjW2QQXMLL6MQh6soY/TdEDe2tjv2iv
LIctvTgTmi8UXu++OpKQTSVkrtYJ+m+qjZfyw60XhZZHSd8GZiKc4VMzF1yIsI97
LVyOKky0Xvo1KSz4CLwkxyvS9t1d3bJShrTiGHYnjqvlYE2rfYVaMkFPZH1zmb9p
rVplB1PrIgPY7PQAEJXngoJZmbgscMCB9Tu8M6RhTgU0du+WztgZPM1ot9tP02Ub
Pz1k5CTBbWoZ/G2XcN7f+m4Pyc34eySuCQWtnyoepsr3PMXZMU7+/YdpmwU=
-----END CERTIFICATE-----
Generated at Tue Jul 1 00:46:45 2025 by rpki-client