Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
File:                     b59643bf-eb80-414a-aca0-653646d46e07.roa (raw, json)
Hash identifier:          viXKKH+ZSg0OF1yobllZSZOdjVbsRQrYSxeic7Z12TE=
Subject key identifier:   7B:B2:42:42:0B:24:04:D8:94:D8:DD:40:39:9A:05:14:8B:CC:D5:39
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       7CC6C2B1053160D9475A132C4A1AB3425A2C6E4D
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
Signing time:             Fri 29 Aug 2025 00:10:03 +0000
ROA not before:           Fri 29 Aug 2025 00:10:03 +0000
ROA not after:            Fri 03 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        199.127.232.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 09 Sep 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:c6:c2:b1:05:31:60:d9:47:5a:13:2c:4a:1a:b3:42:5a:2c:6e:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Aug 29 00:10:03 2025 GMT
            Not After : Oct  3 23:59:59 2025 GMT
        Subject: serialNumber=909216a81571cec8063f86f9cf282a86a041ba3aa02226dfe37a3d8ca4681d27, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:65:00:cd:f0:db:af:c2:d9:81:83:98:38:8e:
                    4f:c0:0d:e9:b1:fb:0a:45:3c:64:1b:0d:66:f0:d8:
                    82:65:9a:43:38:90:cd:c7:b4:04:b5:23:a8:49:61:
                    65:ff:9b:68:ca:af:25:ee:9b:f4:a2:68:12:f1:8f:
                    ea:2a:bb:c0:a2:b5:fe:ab:83:ab:18:c3:49:1c:73:
                    15:22:ac:9a:41:6d:d6:bb:2d:27:bd:dd:57:d5:30:
                    df:5f:58:35:c3:64:8a:c4:c7:76:17:f2:17:66:5f:
                    96:80:a2:c0:fa:ba:5a:43:8c:50:8e:06:ef:50:50:
                    8d:19:00:32:4d:25:81:41:b1:54:6d:da:91:01:b2:
                    33:f1:29:f3:a2:b7:27:6b:e2:f1:7f:09:fe:94:42:
                    c3:28:43:48:bb:75:c0:1e:47:9a:51:8f:94:e1:46:
                    01:f3:31:63:a4:15:96:f1:d1:0f:15:87:a9:b4:67:
                    22:9d:a2:5c:fd:e2:60:ea:6a:fe:de:f6:9b:eb:54:
                    74:3d:44:90:34:93:ff:83:14:6f:c1:b8:5b:47:6b:
                    f3:89:bc:1c:d0:47:8a:60:ea:7e:29:0c:a0:6d:ef:
                    bc:29:4b:2b:1a:3f:e5:9e:31:ab:0b:67:ad:ea:59:
                    be:09:90:eb:ff:6d:1c:89:09:d2:ca:b9:7a:52:88:
                    6f:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:B2:42:42:0B:24:04:D8:94:D8:DD:40:39:9A:05:14:8B:CC:D5:39
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.127.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:c4:e6:40:14:3a:38:46:ef:69:2b:e4:0e:23:11:23:56:4e:
         80:20:f6:dc:ea:d9:07:f8:af:4a:cb:d5:bd:38:02:2d:99:12:
         f2:4a:a1:7c:3d:40:81:53:2a:5d:22:9a:61:cf:25:17:30:4a:
         b5:75:b7:f4:72:ac:61:4e:74:a1:e2:f2:4d:a3:89:9c:99:e3:
         c5:58:dd:4d:b2:39:2b:c4:4c:35:3f:f2:b5:5f:da:7c:4a:fe:
         18:14:ef:a8:d5:5f:64:fb:95:76:fc:d4:b9:84:1b:78:2b:f4:
         b6:35:48:2b:cd:a0:a8:b0:94:e6:bb:74:d8:bb:40:d8:ce:35:
         9a:e2:26:f0:bc:ef:9a:c8:58:13:e0:13:eb:7a:39:14:49:50:
         e9:4d:95:dc:fa:2e:bc:75:7f:04:bd:51:35:8d:87:78:25:d9:
         ba:38:8a:9c:57:8f:a5:36:a6:55:61:a4:6c:e1:b9:82:51:ee:
         da:bb:ae:88:74:3a:e2:0e:80:35:cb:ad:13:b9:3d:4a:6d:19:
         da:bc:5c:a6:8e:a5:7f:24:a2:5f:34:6d:ad:df:ca:4c:38:ef:
         e9:9a:54:e4:24:fa:04:e1:92:29:86:75:44:e1:a7:5a:f7:a9:
         f1:82:b5:66:1d:56:fa:4e:3d:45:2b:49:7b:1e:5b:ca:d6:2f:
         17:c4:1c:96
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfMbCsQUxYNlHWhMsShqzQlosbk0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwODI5MDAxMDAzWhcNMjUxMDAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MDkyMTZhODE1NzFjZWM4MDYzZjg2ZjljZjI4MmE4NmEw
NDFiYTNhYTAyMjI2ZGZlMzdhM2Q4Y2E0NjgxZDI3MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzZQDN8NuvwtmBg5g4jk/ADemx+wpFPGQbDWbw2IJlmkM4
kM3HtAS1I6hJYWX/m2jKryXum/SiaBLxj+oqu8Citf6rg6sYw0kccxUirJpBbda7
LSe93VfVMN9fWDXDZIrEx3YX8hdmX5aAosD6ulpDjFCOBu9QUI0ZADJNJYFBsVRt
2pEBsjPxKfOitydr4vF/Cf6UQsMoQ0i7dcAeR5pRj5ThRgHzMWOkFZbx0Q8Vh6m0
ZyKdolz94mDqav7e9pvrVHQ9RJA0k/+DFG/BuFtHa/OJvBzQR4pg6n4pDKBt77wp
SysaP+WeMasLZ63qWb4JkOv/bRyJCdLKuXpSiG8LAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUe7JCQgskBNiU2N1AOZoFFIvM1TkwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2I1OTY0M2JmLWViODAtNDE0YS1hY2EwLTY1MzY0NmQ0NmUwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALHf+gwDQYJKoZIhvcNAQELBQADggEBABPE5kAUOjhG72kr5A4jESNWToAg
9tzq2Qf4r0rL1b04Ai2ZEvJKoXw9QIFTKl0immHPJRcwSrV1t/RyrGFOdKHi8k2j
iZyZ48VY3U2yOSvETDU/8rVf2nxK/hgU76jVX2T7lXb81LmEG3gr9LY1SCvNoKiw
lOa7dNi7QNjONZriJvC875rIWBPgE+t6ORRJUOlNldz6Lrx1fwS9UTWNh3gl2bo4
ipxXj6U2plVhpGzhuYJR7tq7roh0OuIOgDXLrRO5PUptGdq8XKaOpX8kol80ba3f
ykw47+maVOQk+gThkimGdUThp1r3qfGCtWYdVvpOPUUrSXseW8rWLxfEHJY=
-----END CERTIFICATE-----
Generated at Sun Sep 7 16:22:20 2025 by rpki-client