Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa
File:                     a11f9364-e88a-440b-a95f-a94c5ecdc863.roa (raw, json)
Hash identifier:          8Ub+uX3dYAONZ5O7ezSmhRLGmd1ohpK29XA8s+Ly9Bo=
Subject key identifier:   D8:2F:4F:C8:BC:F6:02:B5:B8:D1:72:F2:D8:6C:FF:A5:C4:50:ED:85
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       7775D091BCCF4270634D00820A5F477F0488EC4D
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa
Signing time:             Tue 06 May 2025 00:01:04 +0000
ROA not before:           Tue 06 May 2025 00:01:04 +0000
ROA not after:            Tue 10 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.237.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:75:d0:91:bc:cf:42:70:63:4d:00:82:0a:5f:47:7f:04:88:ec:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: May  6 00:01:04 2025 GMT
            Not After : Jun 10 23:59:59 2025 GMT
        Subject: serialNumber=2631475d9798780d5356ebcc5870dbb66a8ceb7f5eddf436b08f20e9cf5b36a7, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d4:55:12:0c:dc:74:98:d9:97:67:f4:72:70:
                    c1:69:e1:3d:17:0a:55:69:00:83:56:c4:f9:f9:cf:
                    97:f6:ad:fb:e4:5f:1e:be:0c:74:b6:13:58:7a:ab:
                    41:61:b1:da:30:da:3d:15:ca:db:28:12:2a:e2:1c:
                    37:bc:26:2a:df:eb:60:76:65:e6:83:ac:f2:dc:92:
                    22:2d:ce:6e:be:fa:3d:eb:92:02:88:5c:62:20:3c:
                    0c:ff:bf:2f:70:1f:c0:3a:2c:74:83:c2:7e:20:ce:
                    a1:bb:c5:23:30:ca:45:2c:b6:6c:66:1b:07:34:84:
                    10:26:29:1a:64:ce:73:a9:a4:e8:b3:88:26:80:ef:
                    2a:18:2b:97:82:aa:f9:54:b3:a0:19:bb:b8:9a:e8:
                    fd:dc:6b:b1:be:aa:70:93:95:2f:5c:33:ab:7a:f8:
                    42:6b:29:77:ff:ab:41:31:b8:fb:7b:0d:29:0f:4f:
                    b1:be:60:5b:bc:9b:db:a5:09:ff:32:1f:ff:60:10:
                    f7:d5:f7:d9:0a:a2:12:8a:cf:98:ae:0a:71:a7:31:
                    ec:1d:a7:d7:c8:cb:bb:78:47:39:96:ef:8f:4b:46:
                    8f:e9:75:56:81:08:fe:c0:4e:1f:85:0f:45:c9:c0:
                    6c:f8:e5:f4:7b:ab:fa:43:18:b6:a9:be:14:ff:88:
                    3a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:2F:4F:C8:BC:F6:02:B5:B8:D1:72:F2:D8:6C:FF:A5:C4:50:ED:85
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:51:9c:f0:42:66:7e:4a:7b:70:63:57:2a:d0:41:b1:4d:3f:
         5d:82:e5:e5:25:96:d9:00:07:7c:ef:5e:7f:fa:d4:e1:65:ea:
         df:cb:8d:bd:ac:c7:a9:f7:0e:53:9d:4e:1c:ef:de:36:aa:70:
         11:e1:17:37:35:4c:b4:7e:3a:c0:d4:b8:98:84:fd:69:fa:14:
         78:bb:80:75:12:28:46:b8:1b:0b:3c:79:f3:0b:5d:c2:53:d8:
         20:f5:ad:1d:e6:31:6b:3e:aa:62:cc:8e:72:2f:6e:53:b6:e4:
         d6:f6:b4:72:9b:d6:4e:03:8c:ca:f0:96:06:19:0b:3a:55:de:
         d6:69:00:96:bd:7d:71:0e:4b:32:f8:ec:5d:c3:c4:4a:fe:7b:
         b8:d6:35:47:f1:17:67:d8:51:91:fe:46:de:fa:eb:f3:a5:1e:
         0e:1d:1f:bb:df:ac:ac:eb:c0:d9:98:c3:81:a0:93:e1:8f:17:
         bb:75:0e:c3:a6:fa:b7:f1:60:32:ef:5d:d1:87:54:9b:d6:9b:
         0e:7f:b7:17:77:2b:56:3f:52:0b:71:66:96:05:d4:64:75:4d:
         61:ae:e4:f2:96:31:79:7a:65:f4:e3:bc:a2:eb:2e:67:d0:55:
         38:d4:fc:5e:b1:a3:4c:12:82:32:45:7d:31:1e:c5:1a:ab:a1:
         b1:3b:88:41
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd3XQkbzPQnBjTQCCCl9HfwSI7E0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAwMTA0WhcNMjUwNjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNjMxNDc1ZDk3OTg3ODBkNTM1NmViY2M1ODcwZGJiNjZh
OGNlYjdmNWVkZGY0MzZiMDhmMjBlOWNmNWIzNmE3MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCX1FUSDNx0mNmXZ/RycMFp4T0XClVpAINWxPn5z5f2rfvk
Xx6+DHS2E1h6q0Fhsdow2j0VytsoEiriHDe8Jirf62B2ZeaDrPLckiItzm6++j3r
kgKIXGIgPAz/vy9wH8A6LHSDwn4gzqG7xSMwykUstmxmGwc0hBAmKRpkznOppOiz
iCaA7yoYK5eCqvlUs6AZu7ia6P3ca7G+qnCTlS9cM6t6+EJrKXf/q0ExuPt7DSkP
T7G+YFu8m9ulCf8yH/9gEPfV99kKohKKz5iuCnGnMewdp9fIy7t4RzmW749LRo/p
dVaBCP7ATh+FD0XJwGz45fR7q/pDGLapvhT/iDr3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2C9PyLz2ArW40XLy2Gz/pcRQ7YUwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2ExMWY5MzY0LWU4OGEtNDQwYi1hOTVmLWE5NGM1ZWNkYzg2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqe0wDQYJKoZIhvcNAQELBQADggEBAIRRnPBCZn5Ke3BjVyrQQbFNP12C
5eUlltkAB3zvXn/61OFl6t/Ljb2sx6n3DlOdThzv3jaqcBHhFzc1TLR+OsDUuJiE
/Wn6FHi7gHUSKEa4Gws8efMLXcJT2CD1rR3mMWs+qmLMjnIvblO25Nb2tHKb1k4D
jMrwlgYZCzpV3tZpAJa9fXEOSzL47F3DxEr+e7jWNUfxF2fYUZH+Rt766/OlHg4d
H7vfrKzrwNmYw4Ggk+GPF7t1DsOm+rfxYDLvXdGHVJvWmw5/txd3K1Y/UgtxZpYF
1GR1TWGu5PKWMXl6ZfTjvKLrLmfQVTjU/F6xo0wSgjJFfTEexRqrobE7iEE=
-----END CERTIFICATE-----
Generated at Fri May 9 07:28:38 2025 by rpki-client