Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/26d77bd4-20cb-42ee-8bae-c418156ab7e4.roa
File:                     26d77bd4-20cb-42ee-8bae-c418156ab7e4.roa (raw, json)
Hash identifier:          3nKG3cIn0pEOB0DHkePB/elKd79SDZ1IPgEHFHVBNQo=
Subject key identifier:   98:68:4D:CF:40:4B:11:B4:01:C7:DC:FB:23:0D:9A:58:9F:3F:A6:B3
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       1BEA95A285812A20F2412DF2CB0C17EF95326E07
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/26d77bd4-20cb-42ee-8bae-c418156ab7e4.roa
Signing time:             Tue 06 May 2025 00:00:58 +0000
ROA not before:           Tue 06 May 2025 00:00:58 +0000
ROA not after:            Tue 10 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.236.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:ea:95:a2:85:81:2a:20:f2:41:2d:f2:cb:0c:17:ef:95:32:6e:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: May  6 00:00:58 2025 GMT
            Not After : Jun 10 23:59:59 2025 GMT
        Subject: serialNumber=2d261bc494e5a7312c1b94564deb973bd925769c5e65c9a329ff3b3f87f70dc6, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:70:d7:fd:2e:e3:9a:86:6c:89:cb:18:e6:ce:
                    e0:ca:6b:d8:ca:d7:d1:9a:15:74:b5:ee:0e:a7:36:
                    9a:66:4b:d0:d0:c3:b9:c1:83:7b:98:ab:8e:e8:ce:
                    44:7b:1d:f4:da:1e:d7:76:9e:00:2f:a3:5b:d0:96:
                    0f:34:e8:63:d8:21:5a:73:e4:4b:93:c3:08:4b:ce:
                    df:05:4c:68:4d:a0:82:70:56:fc:32:80:f7:eb:17:
                    c7:e3:8f:d0:9c:a2:23:19:66:29:fb:b6:a6:a7:99:
                    ef:b4:40:f7:0b:64:16:47:dd:03:51:8f:c8:3d:79:
                    47:62:c9:da:8a:50:2a:78:25:77:2d:75:ff:91:56:
                    2f:41:ae:40:88:1b:7c:42:d9:d6:03:a0:1d:38:43:
                    40:8c:be:f2:cc:23:70:14:db:77:74:55:79:b7:14:
                    2d:17:87:04:78:ba:16:d7:09:07:e8:6f:0a:96:85:
                    ef:df:33:4e:58:97:13:d8:7d:c5:0a:81:a4:e5:95:
                    8d:6d:57:a8:f5:22:cf:cd:a6:4c:18:ea:c8:12:71:
                    89:e4:20:2c:bb:d4:54:a0:07:87:0b:d9:a3:81:48:
                    0a:4c:a0:bc:86:ef:b4:3f:39:38:1d:e7:2f:3b:5f:
                    ab:bd:95:40:1e:07:d6:fe:10:f0:2c:a2:37:6d:95:
                    cc:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:68:4D:CF:40:4B:11:B4:01:C7:DC:FB:23:0D:9A:58:9F:3F:A6:B3
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/26d77bd4-20cb-42ee-8bae-c418156ab7e4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:a1:13:5e:62:b8:32:64:30:9e:f9:88:9f:36:ae:d5:6b:4e:
         07:ae:82:d7:d3:4c:3a:42:65:40:6c:7d:46:c7:1b:d8:28:b9:
         78:03:e3:90:ee:94:7d:1c:70:6b:d7:50:f9:e0:53:82:a9:af:
         15:ac:76:ec:d8:4a:1c:b8:f4:ad:16:8b:81:44:5e:f7:d9:c5:
         71:c7:fe:0b:72:81:c9:f9:b4:d6:e4:ef:30:d0:f4:bb:17:97:
         8c:9d:a8:ee:19:33:20:ab:54:c7:e3:69:15:57:0e:39:31:06:
         91:59:a1:90:0a:f1:e4:24:d5:2f:dd:3d:38:5f:4b:a4:de:17:
         8d:b1:ba:40:f5:ec:e5:9f:fb:28:6b:25:aa:a5:c9:0b:09:6e:
         3a:07:fe:e2:20:a0:f8:a0:03:20:59:b3:a5:68:50:df:c1:a8:
         22:2b:fc:c1:59:e7:12:25:27:cc:0c:a9:b3:a9:e6:bd:75:65:
         56:52:35:15:17:0d:2f:f3:bd:a7:f6:59:be:b6:5e:ec:25:28:
         2c:db:86:70:23:dd:96:2f:33:e4:f8:32:dd:35:9c:e2:66:8d:
         65:3d:03:87:74:c3:17:2c:ba:fb:84:6d:12:02:58:d1:61:00:
         96:5f:a4:e2:9f:78:e1:0b:26:02:6b:c0:e9:d1:2e:87:35:78:
         0a:e2:cb:32
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG+qVooWBKiDyQS3yywwX75UybgcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAwMDU4WhcNMjUwNjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZDI2MWJjNDk0ZTVhNzMxMmMxYjk0NTY0ZGViOTczYmQ5
MjU3NjljNWU2NWM5YTMyOWZmM2IzZjg3ZjcwZGM2MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYcNf9LuOahmyJyxjmzuDKa9jK19GaFXS17g6nNppmS9DQ
w7nBg3uYq47ozkR7HfTaHtd2ngAvo1vQlg806GPYIVpz5EuTwwhLzt8FTGhNoIJw
VvwygPfrF8fjj9CcoiMZZin7tqanme+0QPcLZBZH3QNRj8g9eUdiydqKUCp4JXct
df+RVi9BrkCIG3xC2dYDoB04Q0CMvvLMI3AU23d0VXm3FC0XhwR4uhbXCQfobwqW
he/fM05YlxPYfcUKgaTllY1tV6j1Is/NpkwY6sgScYnkICy71FSgB4cL2aOBSApM
oLyG77Q/OTgd5y87X6u9lUAeB9b+EPAsojdtlcxlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmGhNz0BLEbQBx9z7Iw2aWJ8/prMwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzI2ZDc3YmQ0LTIwY2ItNDJlZS04YmFlLWM0MTgxNTZhYjdlNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqewwDQYJKoZIhvcNAQELBQADggEBAIKhE15iuDJkMJ75iJ82rtVrTgeu
gtfTTDpCZUBsfUbHG9gouXgD45DulH0ccGvXUPngU4KprxWsduzYShy49K0Wi4FE
XvfZxXHH/gtygcn5tNbk7zDQ9LsXl4ydqO4ZMyCrVMfjaRVXDjkxBpFZoZAK8eQk
1S/dPThfS6TeF42xukD17OWf+yhrJaqlyQsJbjoH/uIgoPigAyBZs6VoUN/BqCIr
/MFZ5xIlJ8wMqbOp5r11ZVZSNRUXDS/zvaf2Wb62XuwlKCzbhnAj3ZYvM+T4Mt01
nOJmjWU9A4d0wxcsuvuEbRICWNFhAJZfpOKfeOELJgJrwOnRLoc1eAriyzI=
-----END CERTIFICATE-----
Generated at Fri May 9 12:49:18 2025 by rpki-client