Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa
File:                     639621c0-050e-4e66-b3a2-1dd129de2c24.roa (raw, json)
Hash identifier:          rCgb8rFjfoVoPNQtk8MLJBrRpPPRNOgyjOkntlJ7vEk=
Subject key identifier:   91:C6:C3:2B:0D:3C:56:B4:C5:24:58:27:9C:67:39:F0:51:77:07:81
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       7E3F35C16F8E87770E21FB0D699B1A8FF9C1BE16
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa
Signing time:             Tue 06 May 2025 00:10:12 +0000
ROA not before:           Tue 06 May 2025 00:10:12 +0000
ROA not after:            Tue 10 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.182.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:3f:35:c1:6f:8e:87:77:0e:21:fb:0d:69:9b:1a:8f:f9:c1:be:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: May  6 00:10:12 2025 GMT
            Not After : Jun 10 23:59:59 2025 GMT
        Subject: serialNumber=a0b1405ad79abf0de70ff6dab97e7aab6138a9e7facc190d92adc5a2d04b6d85, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6c:d6:b3:d7:fd:8b:a9:ee:8f:d3:8d:e2:d4:
                    4b:7c:71:67:56:4e:62:a9:ca:c1:ab:fb:35:b7:60:
                    bf:90:43:7a:65:d5:d3:b0:b8:f1:be:32:57:e9:23:
                    67:f0:5d:db:44:28:14:c0:e7:60:fb:b5:f4:eb:7d:
                    04:e9:e1:a9:f6:69:e4:71:c7:97:80:e5:fe:86:bc:
                    24:ab:51:42:d6:0d:b8:a8:e3:17:32:b0:b6:cf:bb:
                    e5:f8:25:b2:69:e5:bc:62:6f:55:38:a4:29:25:5e:
                    3e:98:68:5b:d3:5c:49:99:67:95:86:7d:f3:60:7e:
                    a4:06:7a:47:b9:09:98:4e:de:9d:11:41:6c:df:78:
                    0a:cb:ec:03:e1:05:7e:01:f3:70:b2:62:d5:e5:1e:
                    19:e4:88:4f:71:49:66:f1:e0:26:24:69:6b:8c:3a:
                    b8:0b:d9:ac:86:3a:fd:ea:f0:a2:0f:58:ba:36:87:
                    5a:26:fb:19:ad:98:18:1b:0b:d4:24:37:ef:9d:b7:
                    8e:d8:2d:21:12:85:72:8f:68:46:0f:61:98:0c:54:
                    50:cb:a1:ff:e2:17:ae:c5:56:e4:99:56:6d:af:47:
                    7f:17:e1:ad:4f:d7:c8:79:76:a8:c5:8f:61:ce:b2:
                    69:d9:6c:45:c7:12:95:5b:02:8e:e4:fd:e5:c2:55:
                    56:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:C6:C3:2B:0D:3C:56:B4:C5:24:58:27:9C:67:39:F0:51:77:07:81
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:a7:4c:38:40:f9:52:26:9b:06:2c:e5:d1:7e:b7:6e:5d:c5:
         b1:06:bf:d9:53:2e:7a:41:e7:04:c2:0e:37:8c:ac:c4:74:cd:
         0e:67:2b:ad:86:65:1c:58:14:25:2f:85:26:53:29:cf:cc:fe:
         3b:6c:1c:f8:b7:97:a8:0f:6d:9a:71:27:cf:59:de:ef:75:cf:
         30:2a:4c:e6:94:82:6b:fd:21:7a:f3:2e:bc:8b:bf:91:08:a1:
         54:f7:8a:64:7c:96:84:ac:c5:2b:1e:08:44:ad:fc:5d:a3:db:
         b0:12:92:4f:74:61:13:cc:52:a5:e3:b7:d7:ab:ae:d6:7d:a4:
         78:e0:6f:fd:03:b6:a1:21:76:68:90:16:99:5a:fb:ea:a2:87:
         0f:6d:ef:1c:da:72:d2:ac:ed:eb:c0:44:ee:26:bd:01:ea:47:
         10:3a:57:04:b0:ac:ca:54:e3:62:40:b1:98:6f:c9:42:80:b4:
         9b:81:56:b9:13:d3:5c:cb:07:3b:81:ad:9e:63:f4:41:65:38:
         b2:78:46:8c:88:e7:c5:90:6b:f7:3a:16:7c:25:44:dd:93:0f:
         23:f4:fc:22:b1:df:31:f0:04:46:68:bf:7e:3a:e1:29:0f:90:
         5c:1c:67:43:53:25:05:46:48:9b:13:1b:02:28:10:61:e9:1c:
         46:bd:dd:bc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfj81wW+Oh3cOIfsNaZsaj/nBvhYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAxMDEyWhcNMjUwNjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMGIxNDA1YWQ3OWFiZjBkZTcwZmY2ZGFiOTdlN2FhYjYx
MzhhOWU3ZmFjYzE5MGQ5MmFkYzVhMmQwNGI2ZDg1MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwbNaz1/2Lqe6P043i1Et8cWdWTmKpysGr+zW3YL+QQ3pl
1dOwuPG+MlfpI2fwXdtEKBTA52D7tfTrfQTp4an2aeRxx5eA5f6GvCSrUULWDbio
4xcysLbPu+X4JbJp5bxib1U4pCklXj6YaFvTXEmZZ5WGffNgfqQGeke5CZhO3p0R
QWzfeArL7APhBX4B83CyYtXlHhnkiE9xSWbx4CYkaWuMOrgL2ayGOv3q8KIPWLo2
h1om+xmtmBgbC9QkN++dt47YLSEShXKPaEYPYZgMVFDLof/iF67FVuSZVm2vR38X
4a1P18h5dqjFj2HOsmnZbEXHEpVbAo7k/eXCVVb9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkcbDKw08VrTFJFgnnGc58FF3B4EwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzYzOTYyMWMwLTA1MGUtNGU2Ni1iM2EyLTFkZDEyOWRlMmMyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM37YwDQYJKoZIhvcNAQELBQADggEBAH6nTDhA+VImmwYs5dF+t25dxbEG
v9lTLnpB5wTCDjeMrMR0zQ5nK62GZRxYFCUvhSZTKc/M/jtsHPi3l6gPbZpxJ89Z
3u91zzAqTOaUgmv9IXrzLryLv5EIoVT3imR8loSsxSseCESt/F2j27ASkk90YRPM
UqXjt9errtZ9pHjgb/0DtqEhdmiQFpla++qihw9t7xzactKs7evARO4mvQHqRxA6
VwSwrMpU42JAsZhvyUKAtJuBVrkT01zLBzuBrZ5j9EFlOLJ4RoyI58WQa/c6Fnwl
RN2TDyP0/CKx3zHwBEZov3464SkPkFwcZ0NTJQVGSJsTGwIoEGHpHEa93bw=
-----END CERTIFICATE-----
Generated at Fri May 9 09:02:18 2025 by rpki-client