Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cff2aad7-f173-47b6-ad48-6f279ff321d1.roa
File:                     cff2aad7-f173-47b6-ad48-6f279ff321d1.roa (raw, json)
Hash identifier:          RgUFdZDHQdNzzKvk6xi6LgtJdLmRhDJzPXuzfoPkWl8=
Subject key identifier:   44:B7:16:24:B6:0A:3B:F3:9B:B2:3D:4B:0A:40:5C:DD:22:67:96:05
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       01656D836A5E96BD399C185901267A776E7C91BB
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cff2aad7-f173-47b6-ad48-6f279ff321d1.roa
Signing time:             Sat 25 Jan 2025 00:00:00 +0000
ROA not before:           Sat 25 Jan 2025 00:00:00 +0000
ROA not after:            Sat 01 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.249.212.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:65:6d:83:6a:5e:96:bd:39:9c:18:59:01:26:7a:77:6e:7c:91:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jan 25 00:00:00 2025 GMT
            Not After : Mar  1 23:59:59 2025 GMT
        Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:72:d1:ff:be:76:ac:31:82:a1:98:48:f0:ce:
                    fc:94:14:d8:39:c0:92:67:70:64:37:3a:63:1d:b0:
                    eb:ec:d8:9e:78:d9:34:81:88:67:f2:67:e2:9b:f6:
                    b5:10:9e:b1:bf:47:37:ea:f2:83:ae:2a:26:cf:db:
                    e9:4b:61:bc:53:ab:ee:8f:af:8a:0e:8b:d3:3d:ae:
                    f0:e2:18:14:3b:bc:bd:f9:14:73:e2:9e:c9:1a:02:
                    3a:00:e9:50:f0:73:c5:2d:5b:39:43:f1:29:2e:e3:
                    96:3d:5e:7e:1b:a3:08:fd:eb:1a:43:02:39:49:e3:
                    37:20:b6:b5:48:e4:a8:ae:27:52:0c:c9:1a:a7:eb:
                    2c:d3:12:6c:f3:cd:c1:84:99:83:bd:64:b3:5a:42:
                    77:fa:3c:66:60:10:cf:9a:d8:6b:6b:8e:4f:56:dd:
                    1b:a0:e3:25:21:e4:da:b2:c4:75:2d:08:1a:ce:b0:
                    04:4d:d7:a4:86:2a:40:d2:32:1e:e5:53:a2:c4:aa:
                    c7:3a:08:d9:11:74:c6:e1:ea:05:48:f6:38:65:73:
                    9e:15:c1:fd:00:ae:64:34:2d:24:36:7d:7d:5e:b3:
                    80:6a:da:d0:3c:97:12:6c:a6:7e:ef:6b:90:e3:c6:
                    a9:79:8e:d7:3d:be:eb:9b:7b:9e:df:e9:ba:8e:7d:
                    74:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:B7:16:24:B6:0A:3B:F3:9B:B2:3D:4B:0A:40:5C:DD:22:67:96:05
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cff2aad7-f173-47b6-ad48-6f279ff321d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.249.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:17:48:d4:38:35:e7:a9:ff:ce:27:62:fb:5f:49:79:13:d7:
         bf:60:75:8e:dc:85:9d:64:d1:41:56:39:03:d7:2e:5c:57:f2:
         b8:48:ed:05:c7:df:c2:9c:a9:4d:6f:cb:7f:2a:22:28:0c:98:
         c0:18:e2:77:17:a9:8b:d7:62:34:13:55:a9:40:6c:9a:b7:bd:
         9f:d5:90:06:41:29:e3:20:32:76:3a:45:4c:52:91:b1:e0:71:
         55:37:ff:a4:b7:47:dc:0d:bd:f8:ea:c9:46:88:73:6b:35:ae:
         f7:31:b6:16:e9:ad:c1:70:01:86:12:61:5a:a3:ed:16:3f:5e:
         d9:8e:7f:55:94:c5:fd:84:f7:4a:ed:f4:d2:dc:9e:82:ac:84:
         2e:12:2d:2f:47:b0:d3:68:d8:d0:14:b2:cd:bf:64:01:12:94:
         76:61:b3:fd:44:5e:4a:86:a9:92:aa:03:cf:d8:4e:6d:f5:81:
         12:94:02:24:32:46:c4:12:e7:bc:e3:e7:e0:da:49:cb:40:db:
         84:d4:5b:10:bb:ce:f5:89:67:e3:20:d9:db:e1:90:17:b1:7e:
         5d:89:fa:bc:2d:7f:6a:8f:45:aa:30:77:a8:e0:fe:14:f9:56:
         08:a4:c5:d3:8d:50:2d:3a:c5:73:f6:9c:2c:78:1d:c5:75:97:
         8a:f7:77:0e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAWVtg2pelr05nBhZASZ6d258kbswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTI1MDAwMDAwWhcNMjUwMzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxODQyYTk3OGJlYTJkZjNiYmExMmJlNDllNGM1MjcwMTY1
N2I5OGNjYTk0Y2I0OTVkNzdiYjA0MDAzODU0Y2M0MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRctH/vnasMYKhmEjwzvyUFNg5wJJncGQ3OmMdsOvs2J54
2TSBiGfyZ+Kb9rUQnrG/Rzfq8oOuKibP2+lLYbxTq+6Pr4oOi9M9rvDiGBQ7vL35
FHPinskaAjoA6VDwc8UtWzlD8Sku45Y9Xn4bowj96xpDAjlJ4zcgtrVI5KiuJ1IM
yRqn6yzTEmzzzcGEmYO9ZLNaQnf6PGZgEM+a2Gtrjk9W3Rug4yUh5NqyxHUtCBrO
sARN16SGKkDSMh7lU6LEqsc6CNkRdMbh6gVI9jhlc54Vwf0ArmQ0LSQ2fX1es4Bq
2tA8lxJspn7va5Djxql5jtc9vuube57f6bqOfXQtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURLcWJLYKO/Obsj1LCkBc3SJnlgUwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2NmZjJhYWQ3LWYxNzMtNDdiNi1hZDQ4LTZmMjc5ZmYzMjFkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAX+dQwDQYJKoZIhvcNAQELBQADggEBAFkXSNQ4Neep/84nYvtfSXkT179g
dY7chZ1k0UFWOQPXLlxX8rhI7QXH38KcqU1vy38qIigMmMAY4ncXqYvXYjQTValA
bJq3vZ/VkAZBKeMgMnY6RUxSkbHgcVU3/6S3R9wNvfjqyUaIc2s1rvcxthbprcFw
AYYSYVqj7RY/XtmOf1WUxf2E90rt9NLcnoKshC4SLS9HsNNo2NAUss2/ZAESlHZh
s/1EXkqGqZKqA8/YTm31gRKUAiQyRsQS57zj5+DaSctA24TUWxC7zvWJZ+Mg2dvh
kBexfl2J+rwtf2qPRaowd6jg/hT5VgikxdONUC06xXP2nCx4HcV1l4r3dw4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:09 2025 by rpki-client