Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa
File:                     cb088b4a-420f-4b13-84d1-b160e021b919.roa (raw, json)
Hash identifier:          5O1cqS1M5brRfyImsoiG+WcjJ9S4AKcKVeYXXf3jpws=
Subject key identifier:   AE:7E:91:D5:1D:10:8D:AF:61:7A:0C:99:46:EB:8D:6C:44:C8:91:24
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       7490AFFEE35FA72CFAEAEBFA9711A9905843D2D0
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa
Signing time:             Tue 06 May 2025 00:01:01 +0000
ROA not before:           Tue 06 May 2025 00:01:01 +0000
ROA not after:            Tue 10 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.227.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:90:af:fe:e3:5f:a7:2c:fa:ea:eb:fa:97:11:a9:90:58:43:d2:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: May  6 00:01:01 2025 GMT
            Not After : Jun 10 23:59:59 2025 GMT
        Subject: serialNumber=55f07fdecf51d7b5b407750d7eea474b729a7c12fd367fc242de25ebae8a5878, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:17:c1:18:8d:79:a8:f2:fa:03:e4:46:80:fd:
                    77:68:c7:e7:89:55:d2:65:5c:09:a7:73:c1:20:e3:
                    bc:d9:ee:f7:21:a7:3d:f6:62:d6:43:52:09:5b:4d:
                    3b:9f:23:52:b3:00:4e:d5:67:72:8d:7e:11:55:28:
                    1b:a3:5d:57:79:c8:c1:4c:80:98:6a:00:c2:9d:5e:
                    ce:31:84:44:d2:3b:38:f0:f9:8f:e6:b2:71:b0:e6:
                    70:b6:2f:b6:dd:74:ef:79:4e:bb:59:2e:4d:0a:85:
                    d9:74:67:48:8e:5a:d8:84:36:36:fe:48:e7:fd:fb:
                    05:e6:07:8a:d0:34:98:e9:81:b0:8b:07:ea:d2:ec:
                    81:ac:7c:12:62:f9:fb:1c:66:65:92:53:d1:df:bd:
                    ab:2f:cf:90:24:0a:49:95:4d:f9:95:cb:46:d6:1a:
                    55:11:d2:83:d9:54:19:87:2e:ad:e3:bb:00:eb:c6:
                    0d:41:0a:4c:76:c4:79:2f:85:70:d8:1e:82:d2:d4:
                    02:ce:9f:8c:bf:fd:a0:01:56:97:5c:64:eb:25:b1:
                    52:b8:45:9b:09:e8:dd:28:d1:ff:cc:cd:ee:75:bf:
                    0a:c3:2e:c4:12:3d:97:3e:7a:79:39:46:96:e0:74:
                    5b:fc:b7:73:d1:e9:fc:ca:1f:d8:83:da:e0:a7:0b:
                    4f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:7E:91:D5:1D:10:8D:AF:61:7A:0C:99:46:EB:8D:6C:44:C8:91:24
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:e2:8a:03:0d:ff:6d:b0:3c:df:8e:54:39:20:88:fd:84:72:
         8a:e1:a9:d3:48:83:78:ac:77:b5:ce:5d:47:43:16:79:8f:e7:
         a0:5e:7d:0e:d6:2e:95:96:1b:10:f5:2f:f2:3b:89:06:24:8e:
         fe:c6:b8:2d:a4:5a:dd:bd:94:82:f9:93:f9:54:d3:7f:e7:22:
         a6:24:a9:9c:af:32:4a:39:f0:03:ad:e4:d9:6d:4e:15:61:34:
         83:74:b0:ac:e3:34:49:fc:59:35:f8:e5:f1:e1:bc:33:99:1f:
         98:b1:36:93:a4:5f:5a:2d:e7:b4:1e:2a:05:da:c3:ca:c6:0e:
         d8:ed:2f:19:bc:ec:3f:d6:04:89:28:c7:a1:1e:fb:22:c5:84:
         84:00:d1:2b:af:e0:b7:20:1c:29:db:e7:3a:fa:c1:69:f4:e3:
         68:2d:6e:79:d9:cf:26:ad:6e:d3:58:4c:8e:d0:c6:35:d0:38:
         1a:bb:8b:71:df:41:47:83:d1:7d:67:95:d8:0a:d2:d8:8e:99:
         b7:c3:b8:ab:0f:2a:5e:45:5a:d3:49:f1:15:b8:5f:72:c3:42:
         b5:78:2e:ab:c4:0a:1b:e1:80:36:8e:25:de:21:8f:6f:aa:f4:
         dd:65:18:5e:72:04:16:f9:e1:0f:f7:51:30:5a:b5:58:fd:8a:
         0a:ed:e9:c6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdJCv/uNfpyz66uv6lxGpkFhD0tAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAwMTAxWhcNMjUwNjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NWYwN2ZkZWNmNTFkN2I1YjQwNzc1MGQ3ZWVhNDc0Yjcy
OWE3YzEyZmQzNjdmYzI0MmRlMjVlYmFlOGE1ODc4MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD3F8EYjXmo8voD5EaA/Xdox+eJVdJlXAmnc8Eg47zZ7vch
pz32YtZDUglbTTufI1KzAE7VZ3KNfhFVKBujXVd5yMFMgJhqAMKdXs4xhETSOzjw
+Y/msnGw5nC2L7bddO95TrtZLk0Khdl0Z0iOWtiENjb+SOf9+wXmB4rQNJjpgbCL
B+rS7IGsfBJi+fscZmWSU9Hfvasvz5AkCkmVTfmVy0bWGlUR0oPZVBmHLq3juwDr
xg1BCkx2xHkvhXDYHoLS1ALOn4y//aABVpdcZOslsVK4RZsJ6N0o0f/Mze51vwrD
LsQSPZc+enk5RpbgdFv8t3PR6fzKH9iD2uCnC09NAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrn6R1R0Qja9hegyZRuuNbETIkSQwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2NiMDg4YjRhLTQyMGYtNGIxMy04NGQxLWIxNjBlMDIxYjkxOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqeMwDQYJKoZIhvcNAQELBQADggEBAG7iigMN/22wPN+OVDkgiP2Ecorh
qdNIg3isd7XOXUdDFnmP56BefQ7WLpWWGxD1L/I7iQYkjv7GuC2kWt29lIL5k/lU
03/nIqYkqZyvMko58AOt5NltThVhNIN0sKzjNEn8WTX45fHhvDOZH5ixNpOkX1ot
57QeKgXaw8rGDtjtLxm87D/WBIkox6Ee+yLFhIQA0Suv4LcgHCnb5zr6wWn042gt
bnnZzyatbtNYTI7QxjXQOBq7i3HfQUeD0X1nldgK0tiOmbfDuKsPKl5FWtNJ8RW4
X3LDQrV4LqvEChvhgDaOJd4hj2+q9N1lGF5yBBb54Q/3UTBatVj9igrt6cY=
-----END CERTIFICATE-----
Generated at Fri May 9 08:36:14 2025 by rpki-client