Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa
File:                     a11f9364-e88a-440b-a95f-a94c5ecdc863.roa (raw, json)
Hash identifier:          GoASTP3/4QosQjYhxR19C5wXiUf8xielprpopXPx9jQ=
Subject key identifier:   AD:92:DB:14:7B:CC:67:59:EA:39:0F:1B:FB:18:E1:FA:8E:F1:AF:80
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       4A6D6E30166FF5B573062AD4831E71D9CB5A2C7C
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa
Signing time:             Wed 25 Jun 2025 00:00:53 +0000
ROA not before:           Wed 25 Jun 2025 00:00:53 +0000
ROA not after:            Wed 30 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.237.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:6d:6e:30:16:6f:f5:b5:73:06:2a:d4:83:1e:71:d9:cb:5a:2c:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jun 25 00:00:53 2025 GMT
            Not After : Jul 30 23:59:59 2025 GMT
        Subject: serialNumber=7208f79e23861fd51e7ea14a0208fa9c1e55c5c9005a83cd642642ec72ea091a, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8f:6c:15:02:b5:0a:cf:32:da:31:09:79:e3:
                    f6:f2:b6:42:e4:11:78:bc:b7:aa:58:29:19:d3:94:
                    e5:4a:53:a9:79:f0:57:39:6c:3d:c2:11:32:4d:bf:
                    ba:e4:68:4c:1d:ac:b2:1d:30:0d:2b:8c:a8:93:8c:
                    da:c0:b7:5a:9a:fb:ac:d3:98:2f:05:e2:28:47:ce:
                    a5:98:00:8b:87:10:ff:fd:0e:4a:7a:16:f0:b7:01:
                    7b:ae:ad:71:22:08:53:19:61:d7:73:e8:87:46:e2:
                    92:4e:29:c2:dc:ca:55:bd:c4:43:eb:73:b5:53:e7:
                    1c:2d:7b:f3:9d:99:ce:aa:51:b7:bd:4d:a7:a3:14:
                    f3:22:cb:56:d8:84:3b:b4:53:fc:d2:02:4c:c4:82:
                    d2:e2:af:9a:aa:6f:a8:0a:1e:96:2c:f1:0e:a8:c0:
                    ca:cb:33:2e:a6:1f:f4:b9:8b:00:c6:5c:d8:c7:b8:
                    c9:61:8c:af:57:09:5c:ca:59:44:9c:b2:c3:d2:02:
                    26:f9:ae:57:7c:0f:9b:0f:58:5e:0f:b4:1c:3d:8a:
                    54:62:cc:03:3b:ef:f2:a9:a8:f8:c9:29:0b:66:7c:
                    ae:2a:4d:c0:9f:83:4e:f6:09:08:28:6b:35:f9:a2:
                    cf:d2:27:02:87:e7:cf:5d:77:77:18:29:83:61:b0:
                    5a:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:92:DB:14:7B:CC:67:59:EA:39:0F:1B:FB:18:E1:FA:8E:F1:AF:80
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:39:db:7c:2d:21:b6:2b:93:a3:e9:b6:9b:d0:06:97:3c:b0:
         27:f4:4b:eb:75:f9:93:f8:96:84:d9:c4:30:df:d8:2e:fd:69:
         18:8a:bc:68:a5:2c:5e:85:2e:46:35:01:e6:78:6e:0c:ce:d0:
         be:31:45:b7:e4:6a:82:4c:71:36:a5:83:a4:19:68:ed:62:55:
         f0:88:aa:f9:02:3d:57:37:fe:dd:a9:41:48:b0:74:96:54:fd:
         a7:3a:58:54:e4:76:18:9a:7f:9c:c3:0d:5f:88:5f:ae:4d:b8:
         7f:4b:1a:9c:0f:ba:ed:2a:1c:20:46:2f:dd:45:f8:bf:05:03:
         37:b0:7a:06:9c:38:dc:e5:c7:d3:8a:c0:d5:da:ee:b5:17:a3:
         6d:3c:ca:78:a8:67:f3:3f:22:ea:cc:f6:54:47:1c:c7:7e:39:
         38:9e:88:8c:03:1e:b2:2d:d7:37:0e:71:fd:49:40:e4:47:5d:
         78:3d:3a:24:a0:b5:aa:30:6b:42:ea:40:82:66:eb:cc:3c:29:
         10:3a:30:53:09:99:d1:fe:a2:19:52:4f:12:1b:bf:07:1b:b3:
         86:36:fb:57:66:66:42:a0:e3:bc:40:78:6a:45:40:bd:50:56:
         b2:f0:63:98:12:37:63:99:7c:41:99:37:b6:14:d7:6b:4d:47:
         b7:e0:eb:22
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSm1uMBZv9bVzBirUgx5x2ctaLHwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNjI1MDAwMDUzWhcNMjUwNzMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjA4Zjc5ZTIzODYxZmQ1MWU3ZWExNGEwMjA4ZmE5YzFl
NTVjNWM5MDA1YTgzY2Q2NDI2NDJlYzcyZWEwOTFhMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcj2wVArUKzzLaMQl54/bytkLkEXi8t6pYKRnTlOVKU6l5
8Fc5bD3CETJNv7rkaEwdrLIdMA0rjKiTjNrAt1qa+6zTmC8F4ihHzqWYAIuHEP/9
Dkp6FvC3AXuurXEiCFMZYddz6IdG4pJOKcLcylW9xEPrc7VT5xwte/Odmc6qUbe9
TaejFPMiy1bYhDu0U/zSAkzEgtLir5qqb6gKHpYs8Q6owMrLMy6mH/S5iwDGXNjH
uMlhjK9XCVzKWUScssPSAib5rld8D5sPWF4PtBw9ilRizAM77/KpqPjJKQtmfK4q
TcCfg072CQgoazX5os/SJwKH589dd3cYKYNhsFo9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrZLbFHvMZ1nqOQ8b+xjh+o7xr4AwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2ExMWY5MzY0LWU4OGEtNDQwYi1hOTVmLWE5NGM1ZWNkYzg2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqe0wDQYJKoZIhvcNAQELBQADggEBAHo523wtIbYrk6PptpvQBpc8sCf0
S+t1+ZP4loTZxDDf2C79aRiKvGilLF6FLkY1AeZ4bgzO0L4xRbfkaoJMcTalg6QZ
aO1iVfCIqvkCPVc3/t2pQUiwdJZU/ac6WFTkdhiaf5zDDV+IX65NuH9LGpwPuu0q
HCBGL91F+L8FAzewegacONzlx9OKwNXa7rUXo208ynioZ/M/IurM9lRHHMd+OTie
iIwDHrIt1zcOcf1JQORHXXg9OiSgtaowa0LqQIJm68w8KRA6MFMJmdH+ohlSTxIb
vwcbs4Y2+1dmZkKg47xAeGpFQL1QVrLwY5gSN2OZfEGZN7YU12tNR7fg6yI=
-----END CERTIFICATE-----
Generated at Mon Jun 30 22:55:44 2025 by rpki-client