Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/df197ecf-bb9a-42ae-a19a-a4168fe6a3a2.roa
File:                     df197ecf-bb9a-42ae-a19a-a4168fe6a3a2.roa (raw, json)
Hash identifier:          a63G9NXn+/Pes9gT1LOrFJrySuAR81AB6mU7HLmTjxA=
Subject key identifier:   E5:BF:66:FB:76:F6:4C:1F:47:A1:8D:30:01:B1:87:13:77:88:9D:31
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       071F2EC32812B325425C1687612007FED34C78AF
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/df197ecf-bb9a-42ae-a19a-a4168fe6a3a2.roa
Signing time:             Tue 06 May 2025 00:00:48 +0000
ROA not before:           Tue 06 May 2025 00:00:48 +0000
ROA not after:            Tue 10 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.232.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:1f:2e:c3:28:12:b3:25:42:5c:16:87:61:20:07:fe:d3:4c:78:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: May  6 00:00:48 2025 GMT
            Not After : Jun 10 23:59:59 2025 GMT
        Subject: serialNumber=8cc7ed9aca17985c8f9e19151ec8be64deda83d6a2c85519e51ba79054433d7a, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d9:82:62:e0:b0:93:20:5d:6a:57:5e:dd:a4:
                    6c:c7:61:25:1a:ed:b7:b5:7f:91:01:2d:a3:83:e3:
                    49:82:08:63:86:1c:24:1c:c8:57:70:26:f6:bc:93:
                    ef:26:52:b4:7e:2d:8e:76:00:f4:01:c5:5b:37:10:
                    1c:9f:0d:28:b6:66:ca:fa:0d:6d:77:3f:b8:54:7a:
                    3b:1a:60:1c:f2:bc:61:7e:23:9a:58:70:b1:bb:f3:
                    c0:0a:bf:76:31:88:25:d1:e1:84:0d:9b:84:03:3c:
                    74:9a:9f:a8:23:bf:ed:ec:82:d7:17:e0:eb:ba:ad:
                    06:4a:a4:23:05:97:53:fc:77:a1:25:11:a1:91:61:
                    68:35:97:93:7e:d7:14:c1:6b:25:89:44:e6:e3:02:
                    79:24:c7:a9:4f:95:b0:c0:fe:99:23:32:bf:38:e8:
                    6d:29:53:6e:64:2f:44:aa:dc:84:14:43:20:c0:50:
                    ad:8c:0d:b3:d9:5d:4c:11:f6:8d:36:49:96:f7:08:
                    ab:46:e4:33:79:65:94:ae:2d:4a:62:04:2d:b1:13:
                    34:83:a7:50:7b:3d:a1:c1:1b:62:3e:e3:ae:22:d4:
                    c6:35:e8:32:d6:4c:e0:ef:75:77:f4:87:94:72:08:
                    bf:c6:83:2d:1c:ee:49:c9:d2:2e:6e:ca:17:b7:24:
                    6d:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:BF:66:FB:76:F6:4C:1F:47:A1:8D:30:01:B1:87:13:77:88:9D:31
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/df197ecf-bb9a-42ae-a19a-a4168fe6a3a2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:49:d1:b7:55:5e:ec:fe:5f:12:bf:23:9a:a6:02:e5:42:dc:
         40:8e:a2:d1:38:9c:26:0b:04:a1:41:5a:44:6a:4d:84:57:b0:
         e1:77:13:20:64:6e:3b:f9:eb:35:c1:18:07:51:6c:a2:6f:de:
         84:d6:dc:6b:96:83:80:b5:fd:66:c3:1f:67:de:ae:8a:fa:0e:
         b7:9c:d9:c2:f9:9f:60:93:c9:4f:14:96:f4:57:ba:20:a6:9e:
         a8:b5:d9:bd:9c:29:f7:21:95:98:bc:4d:64:0b:ad:5f:88:3f:
         ea:c8:05:df:e6:8c:2b:6e:63:c2:c9:be:46:9b:c3:d9:9d:ec:
         df:1d:86:10:b4:43:da:1c:b8:fb:db:02:d4:f2:1d:70:86:32:
         d3:6f:6e:28:94:56:79:9b:38:ec:74:e7:3e:f3:35:c5:b3:ad:
         fb:03:47:ef:11:7b:87:70:21:5b:40:e3:83:fc:0f:70:08:5f:
         72:2a:f3:62:97:f1:17:e3:6b:92:2f:10:04:68:7a:af:63:c3:
         8d:ce:5f:29:cc:31:83:bb:e3:ee:fc:75:73:d6:7e:79:5f:ff:
         fb:a5:7d:04:c3:02:c2:9a:b8:d3:2a:f9:84:aa:94:8a:1e:f8:
         fa:22:d2:af:ce:ee:10:c0:df:eb:1d:39:7a:18:89:8b:34:a6:
         da:b3:89:c9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBx8uwygSsyVCXBaHYSAH/tNMeK8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAwMDQ4WhcNMjUwNjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4Y2M3ZWQ5YWNhMTc5ODVjOGY5ZTE5MTUxZWM4YmU2NGRl
ZGE4M2Q2YTJjODU1MTllNTFiYTc5MDU0NDMzZDdhMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCU2YJi4LCTIF1qV17dpGzHYSUa7be1f5EBLaOD40mCCGOG
HCQcyFdwJva8k+8mUrR+LY52APQBxVs3EByfDSi2Zsr6DW13P7hUejsaYBzyvGF+
I5pYcLG788AKv3YxiCXR4YQNm4QDPHSan6gjv+3sgtcX4Ou6rQZKpCMFl1P8d6El
EaGRYWg1l5N+1xTBayWJRObjAnkkx6lPlbDA/pkjMr846G0pU25kL0Sq3IQUQyDA
UK2MDbPZXUwR9o02SZb3CKtG5DN5ZZSuLUpiBC2xEzSDp1B7PaHBG2I+464i1MY1
6DLWTODvdXf0h5RyCL/Ggy0c7knJ0i5uyhe3JG23AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5b9m+3b2TB9HoY0wAbGHE3eInTEwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2RmMTk3ZWNmLWJiOWEtNDJhZS1hMTlhLWE0MTY4ZmU2YTNhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAX++gwDQYJKoZIhvcNAQELBQADggEBACtJ0bdVXuz+XxK/I5qmAuVC3ECO
otE4nCYLBKFBWkRqTYRXsOF3EyBkbjv56zXBGAdRbKJv3oTW3GuWg4C1/WbDH2fe
ror6Drec2cL5n2CTyU8UlvRXuiCmnqi12b2cKfchlZi8TWQLrV+IP+rIBd/mjCtu
Y8LJvkabw9md7N8dhhC0Q9ocuPvbAtTyHXCGMtNvbiiUVnmbOOx05z7zNcWzrfsD
R+8Re4dwIVtA44P8D3AIX3Iq82KX8Rfja5IvEARoeq9jw43OXynMMYO74+78dXPW
fnlf//ulfQTDAsKauNMq+YSqlIoe+Poi0q/O7hDA3+sdOXoYiYs0ptqzick=
-----END CERTIFICATE-----
Generated at Fri May 9 08:03:32 2025 by rpki-client