Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d34f797-6d16-498a-b66d-8c7d0fcac77f.roa
File:                     5d34f797-6d16-498a-b66d-8c7d0fcac77f.roa (raw, json)
Hash identifier:          wUDmhSP/Ret5HmUagydmhHn7lBmEkck2v9ko/yDLr94=
Subject key identifier:   E7:93:D8:1A:D0:5B:1E:08:24:D5:3C:24:56:F0:46:21:21:AE:10:89
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       327657B67E8C917AADFD974479C8DC806AC51E23
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d34f797-6d16-498a-b66d-8c7d0fcac77f.roa
Signing time:             Mon 21 Jul 2025 15:21:09 +0000
ROA not before:           Mon 21 Jul 2025 15:21:09 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.233.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:76:57:b6:7e:8c:91:7a:ad:fd:97:44:79:c8:dc:80:6a:c5:1e:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jul 21 15:21:09 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=5d96ed3b20fcfdb1900fedfb8de42a95b36690a9e96eb157b4e7ab89768f88b5, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f7:de:3f:02:33:5e:9c:43:80:41:9d:92:06:
                    f7:bc:1e:d1:d4:fb:45:d3:bc:78:22:02:6f:0c:b7:
                    40:71:93:25:f5:d8:1a:c1:13:b4:e8:42:18:e7:f8:
                    9e:a5:ad:dd:2c:3f:d5:e9:9a:97:6e:6c:3a:82:b3:
                    a9:f5:16:42:d3:3e:24:e4:59:29:87:8c:e5:b5:98:
                    5d:81:2b:bb:20:3f:74:5c:3f:0a:f4:7d:b5:81:57:
                    10:17:3d:fe:d8:54:c6:a6:06:73:a1:ed:df:dd:e8:
                    ef:fb:1c:96:75:d1:32:3e:db:0c:e4:2f:84:77:25:
                    30:b1:78:b9:8d:ce:29:1c:f2:6b:05:61:f1:35:c2:
                    c0:76:04:05:a1:fe:9b:03:d9:1d:41:99:23:ba:89:
                    de:83:fd:07:9f:31:31:12:18:22:5d:73:28:95:ab:
                    69:19:f7:97:ac:ee:79:91:62:65:39:09:8f:ae:23:
                    be:80:a9:d8:01:d7:62:36:9e:a6:66:27:f0:d5:f8:
                    05:9e:57:88:ed:a9:e8:a1:30:f1:c3:95:ac:b0:5d:
                    d0:63:e0:45:8a:2b:16:b7:73:65:d3:b8:34:35:07:
                    07:9b:da:60:0c:f3:b9:b3:bc:93:21:15:4b:92:65:
                    ba:d9:d2:74:84:bf:20:5f:4b:83:3f:ae:64:b4:a9:
                    7e:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:93:D8:1A:D0:5B:1E:08:24:D5:3C:24:56:F0:46:21:21:AE:10:89
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d34f797-6d16-498a-b66d-8c7d0fcac77f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:4e:8e:f4:a8:32:bb:de:19:67:5a:12:a2:3a:34:f6:45:d3:
         67:93:1a:32:e0:ee:6c:ca:55:2e:b8:82:c2:f3:66:3c:be:75:
         c5:69:e5:ae:57:4e:d0:bc:0d:17:23:97:5b:60:7a:cf:96:83:
         d8:fd:db:7a:03:93:ca:43:c0:fa:ea:8f:5a:b8:3a:ee:15:63:
         bf:47:c6:60:9d:03:4a:a2:16:2e:5d:28:e6:14:45:70:8c:10:
         07:86:9f:bf:91:c0:e2:5c:af:12:f6:c0:1b:0f:11:65:18:03:
         29:74:3d:64:7b:15:3a:ff:e9:38:08:5f:3a:9c:5e:4d:3a:8e:
         04:6c:b9:2f:aa:0c:d8:70:de:15:81:cb:f9:04:b3:1a:e9:dc:
         88:b2:a7:b1:c6:dd:ed:fe:3b:f1:3d:27:d4:d4:84:9e:cc:56:
         36:6a:d2:25:b9:a0:85:c7:87:3a:72:41:6f:20:bc:3e:f1:0c:
         03:2e:4f:14:41:18:6a:7c:2b:f0:24:12:3d:62:12:ad:9d:52:
         72:66:fd:36:7d:bc:0b:ee:b5:f5:f2:d9:e9:3b:bc:0d:6f:c6:
         2e:6b:94:09:05:57:fe:59:81:83:a2:15:88:78:03:90:0a:fc:
         52:d9:7b:1a:b4:51:d4:eb:82:69:47:ad:9c:60:fb:72:6b:ed:
         06:2d:d9:0b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMnZXtn6MkXqt/ZdEecjcgGrFHiMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNzIxMTUyMTA5WhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZDk2ZWQzYjIwZmNmZGIxOTAwZmVkZmI4ZGU0MmE5NWIz
NjY5MGE5ZTk2ZWIxNTdiNGU3YWI4OTc2OGY4OGI1MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu994/AjNenEOAQZ2SBve8HtHU+0XTvHgiAm8Mt0BxkyX1
2BrBE7ToQhjn+J6lrd0sP9XpmpdubDqCs6n1FkLTPiTkWSmHjOW1mF2BK7sgP3Rc
Pwr0fbWBVxAXPf7YVMamBnOh7d/d6O/7HJZ10TI+2wzkL4R3JTCxeLmNzikc8msF
YfE1wsB2BAWh/psD2R1BmSO6id6D/QefMTESGCJdcyiVq2kZ95es7nmRYmU5CY+u
I76AqdgB12I2nqZmJ/DV+AWeV4jtqeihMPHDlaywXdBj4EWKKxa3c2XTuDQ1Bweb
2mAM87mzvJMhFUuSZbrZ0nSEvyBfS4M/rmS0qX5VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU55PYGtBbHggk1TwkVvBGISGuEIkwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzVkMzRmNzk3LTZkMTYtNDk4YS1iNjZkLThjN2QwZmNhYzc3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAX++kwDQYJKoZIhvcNAQELBQADggEBAB9OjvSoMrveGWdaEqI6NPZF02eT
GjLg7mzKVS64gsLzZjy+dcVp5a5XTtC8DRcjl1tges+Wg9j923oDk8pDwPrqj1q4
Ou4VY79HxmCdA0qiFi5dKOYURXCMEAeGn7+RwOJcrxL2wBsPEWUYAyl0PWR7FTr/
6TgIXzqcXk06jgRsuS+qDNhw3hWBy/kEsxrp3Iiyp7HG3e3+O/E9J9TUhJ7MVjZq
0iW5oIXHhzpyQW8gvD7xDAMuTxRBGGp8K/AkEj1iEq2dUnJm/TZ9vAvutfXy2ek7
vA1vxi5rlAkFV/5ZgYOiFYh4A5AK/FLZexq0UdTrgmlHrZxg+3Jr7QYt2Qs=
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:18:29 2025 by rpki-client