Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa
File:                     93d7471b-56b1-4f53-982e-a84765e52ef3.roa (raw, json)
Hash identifier:          DQgd9EqTNSZwZWofA9Jk7LW4GNotNgJ1wSKDgBr/uJE=
Subject key identifier:   11:E3:36:F6:1E:97:9A:2B:AA:05:4B:C3:D4:04:0C:B3:21:CD:51:7F
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       3BFB6ECFC1E61B4BE132CC2B828460F9A8F69F17
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa
Signing time:             Tue 06 May 2025 00:10:03 +0000
ROA not before:           Tue 06 May 2025 00:10:03 +0000
ROA not after:            Tue 10 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:fb:6e:cf:c1:e6:1b:4b:e1:32:cc:2b:82:84:60:f9:a8:f6:9f:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: May  6 00:10:03 2025 GMT
            Not After : Jun 10 23:59:59 2025 GMT
        Subject: serialNumber=6a19074168e56ae19ca118a00f328a9f7188e18c71a1ba3b89ddf5030f2ea96e, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6b:49:26:bc:9b:e2:5f:16:39:1e:eb:49:7f:
                    26:5d:03:32:16:ac:41:a8:41:6c:4d:63:31:6d:39:
                    90:8f:57:f6:b9:15:6a:64:be:bd:91:ce:9a:31:c3:
                    43:9a:04:41:e6:36:a4:56:da:80:1a:7a:38:60:65:
                    49:6f:53:6f:58:af:5d:57:b9:69:47:cc:c4:e3:61:
                    ae:e2:f6:cb:34:f7:d1:7c:8d:82:a2:7a:63:41:9f:
                    19:d3:86:31:b1:3a:1d:6e:20:47:63:db:b4:1d:d0:
                    98:14:7e:a2:9d:d4:56:92:5d:be:8a:39:35:00:16:
                    11:4a:6a:20:89:a6:86:80:f2:85:c5:17:4f:34:12:
                    b4:74:ae:3e:8c:c2:2d:92:02:29:eb:47:9c:94:5c:
                    30:87:be:2f:a9:a3:e0:03:b6:4b:12:14:97:cf:72:
                    ee:d2:fc:70:08:67:4f:5f:6e:24:3f:0b:1c:16:c5:
                    f2:1c:43:ad:29:04:9f:49:13:ac:16:a0:cd:69:a1:
                    1e:c1:4b:34:70:9d:97:4a:9d:ec:c1:43:83:38:45:
                    71:3e:2c:2e:e8:4c:c5:17:f6:79:bc:36:29:de:e3:
                    9a:dc:0c:94:31:c7:9a:3b:2a:15:74:14:c6:51:25:
                    c1:05:1e:09:a0:46:d7:c6:0e:a4:60:9e:a7:36:5e:
                    1b:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:E3:36:F6:1E:97:9A:2B:AA:05:4B:C3:D4:04:0C:B3:21:CD:51:7F
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:7e:db:4f:5e:75:66:ec:a9:6c:ff:3d:e7:ce:52:48:eb:db:
         ee:64:e5:c5:92:38:5e:53:d6:cc:78:d2:82:d0:e9:27:c3:29:
         92:f3:fa:6f:a4:fc:17:20:c5:78:e9:2e:1f:09:40:cd:76:dd:
         83:4a:24:d0:7c:49:c7:0d:f1:50:88:9c:67:b4:d5:79:24:60:
         1f:95:2d:91:9d:c1:01:ad:0e:76:aa:1e:40:bd:a8:7d:28:12:
         82:07:9a:da:f2:ee:0f:77:2b:0c:59:cd:4d:e2:7d:44:93:82:
         80:cf:ee:03:f5:9f:28:e5:db:e7:c7:e4:49:3e:5a:76:62:28:
         a7:12:2c:cc:74:43:f6:3a:02:c6:4c:a6:8c:ac:73:4d:ad:54:
         d1:fc:4d:b3:bc:20:2a:e3:16:42:77:dc:01:f6:d7:59:bf:62:
         8b:1c:45:54:14:78:16:e4:bb:f6:1d:00:5b:20:59:4e:41:6d:
         67:f4:5b:0a:31:e7:85:1e:c3:7e:66:c2:c0:08:15:25:55:24:
         6f:bb:9a:f6:05:c6:3f:7e:6d:44:d1:bd:c4:c0:44:55:31:34:
         c4:07:8b:71:b8:e9:4a:d4:4e:7e:dc:c7:d9:76:84:27:46:6c:
         6d:a5:75:6e:76:a7:c5:06:a3:45:fe:1d:78:e0:fe:82:49:d5:
         64:09:7a:a7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUO/tuz8HmG0vhMswrgoRg+aj2nxcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAxMDAzWhcNMjUwNjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YTE5MDc0MTY4ZTU2YWUxOWNhMTE4YTAwZjMyOGE5Zjcx
ODhlMThjNzFhMWJhM2I4OWRkZjUwMzBmMmVhOTZlMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCza0kmvJviXxY5HutJfyZdAzIWrEGoQWxNYzFtOZCPV/a5
FWpkvr2Rzpoxw0OaBEHmNqRW2oAaejhgZUlvU29Yr11XuWlHzMTjYa7i9ss099F8
jYKiemNBnxnThjGxOh1uIEdj27Qd0JgUfqKd1FaSXb6KOTUAFhFKaiCJpoaA8oXF
F080ErR0rj6Mwi2SAinrR5yUXDCHvi+po+ADtksSFJfPcu7S/HAIZ09fbiQ/CxwW
xfIcQ60pBJ9JE6wWoM1poR7BSzRwnZdKnezBQ4M4RXE+LC7oTMUX9nm8Nine45rc
DJQxx5o7KhV0FMZRJcEFHgmgRtfGDqRgnqc2XhvdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEeM29h6XmiuqBUvD1AQMsyHNUX8wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzkzZDc0NzFiLTU2YjEtNGY1My05ODJlLWE4NDc2NWU1MmVmMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM37wwDQYJKoZIhvcNAQELBQADggEBACR+209edWbsqWz/PefOUkjr2+5k
5cWSOF5T1sx40oLQ6SfDKZLz+m+k/BcgxXjpLh8JQM123YNKJNB8SccN8VCInGe0
1XkkYB+VLZGdwQGtDnaqHkC9qH0oEoIHmtry7g93KwxZzU3ifUSTgoDP7gP1nyjl
2+fH5Ek+WnZiKKcSLMx0Q/Y6AsZMpoysc02tVNH8TbO8ICrjFkJ33AH211m/Yosc
RVQUeBbku/YdAFsgWU5BbWf0Wwox54Uew35mwsAIFSVVJG+7mvYFxj9+bUTRvcTA
RFUxNMQHi3G46UrUTn7cx9l2hCdGbG2ldW52p8UGo0X+HXjg/oJJ1WQJeqc=
-----END CERTIFICATE-----
Generated at Fri May 9 08:22:28 2025 by rpki-client