Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/c9752aac-8490-485f-92b7-6a6ba02b76d5.roa
File:                     c9752aac-8490-485f-92b7-6a6ba02b76d5.roa (raw, json)
Hash identifier:          5o0az4LnZgS3BGj1rQmmC8ijZHMyOJiS8gr0Fg2gHyo=
Subject key identifier:   6A:5B:C1:C9:7D:55:2C:8F:A2:11:8E:30:8C:E9:C2:48:80:90:0C:39
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       0824A9529EC8CA976D29B3CA537519430C7396A1
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/c9752aac-8490-485f-92b7-6a6ba02b76d5.roa
Signing time:             Sat 16 May 2026 00:00:31 +0000
ROA not before:           Sat 16 May 2026 00:00:31 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        199.127.232.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:24:a9:52:9e:c8:ca:97:6d:29:b3:ca:53:75:19:43:0c:73:96:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: May 16 00:00:31 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=1d7330430dcae648dc98396664ac5d78b5dea6d9063cfd308488434865ec5eba, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5c:d0:c4:87:c3:fb:3c:1e:1e:bf:a7:32:52:
                    ed:b8:41:f0:9b:8f:d2:91:ef:65:2f:78:d4:16:59:
                    91:dc:a3:af:00:06:9e:be:37:fe:3f:42:82:c3:4a:
                    48:3c:d0:35:ea:6e:1e:32:8f:89:02:f1:d4:a4:27:
                    8b:3b:fe:50:e5:3b:15:8e:f3:ac:a2:9e:e2:73:4f:
                    c0:cd:7c:e4:5d:50:1a:2d:4f:35:95:a3:1a:f5:6c:
                    61:6e:fb:d2:78:0e:e9:6a:5f:e5:43:5a:07:82:9e:
                    3b:d9:f6:5a:92:ac:33:ee:94:d2:8f:c6:65:76:95:
                    28:e9:6e:50:4a:15:b2:78:f9:bf:3d:65:44:5a:e9:
                    d1:12:27:b1:8c:17:44:2b:11:97:43:79:1c:7e:df:
                    90:43:f2:cc:8d:30:03:fd:56:7a:6b:3a:18:0d:43:
                    ed:c1:56:2d:ad:86:d1:78:b5:3e:00:44:fd:1a:b1:
                    56:d4:42:82:73:d3:2f:2a:71:c8:c3:b1:2c:b7:c4:
                    d8:9a:17:0d:20:b6:38:21:aa:c3:70:ab:6d:a3:d6:
                    9c:35:73:7a:42:b1:12:32:9e:ea:85:ab:4d:bf:70:
                    27:9d:e6:9b:1b:42:18:46:8a:be:de:c9:6f:51:6a:
                    fd:17:5f:4c:29:2c:04:67:06:19:09:ff:f8:54:4e:
                    66:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:5B:C1:C9:7D:55:2C:8F:A2:11:8E:30:8C:E9:C2:48:80:90:0C:39
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/c9752aac-8490-485f-92b7-6a6ba02b76d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.127.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:f5:30:69:c7:ed:de:b7:20:73:90:45:0a:b6:ee:ef:57:0e:
         92:5c:3d:41:53:4c:2b:90:26:a9:18:1e:0a:5d:4b:c7:ac:94:
         fe:ca:92:3e:56:ea:29:9e:c2:4d:40:f7:e3:3f:c6:9b:4b:50:
         79:9d:13:3f:98:14:41:aa:4b:05:4b:fb:95:70:c2:c0:16:b1:
         47:3b:2e:9e:27:57:bb:4c:76:c6:1a:d5:1a:48:b0:30:57:ab:
         7d:34:48:ea:24:f6:e9:f3:f4:fa:3e:9d:1b:4f:70:41:af:a0:
         6d:99:e2:f2:ba:da:81:44:67:9f:1a:e6:27:85:98:38:b3:7e:
         3d:a6:f7:30:e5:17:86:6f:93:92:ef:ae:61:21:5e:b2:1c:73:
         3e:b0:62:79:29:a3:40:e6:67:a4:d2:59:04:92:4f:6b:76:0f:
         18:45:2a:9e:88:19:b7:cf:2c:0b:09:c3:2a:73:ef:e1:38:67:
         73:24:1a:41:5d:02:42:88:2d:4d:57:a7:95:4b:69:a9:6a:df:
         32:28:38:27:62:70:9e:01:83:77:86:a3:5a:5a:54:a9:1a:9f:
         50:ac:be:2f:94:50:3c:0f:7f:4b:a5:70:f0:97:77:08:1d:0c:
         7f:67:05:5e:81:a7:2d:8c:38:c1:75:e1:47:8e:e6:2d:f3:4e:
         24:4f:ef:90
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCCSpUp7IypdtKbPKU3UZQwxzlqEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjYwNTE2MDAwMDMxWhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDczMzA0MzBkY2FlNjQ4ZGM5ODM5NjY2NGFjNWQ3OGI1
ZGVhNmQ5MDYzY2ZkMzA4NDg4NDM0ODY1ZWM1ZWJhMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMXNDEh8P7PB4ev6cyUu24QfCbj9KR72UveNQWWZHco68A
Bp6+N/4/QoLDSkg80DXqbh4yj4kC8dSkJ4s7/lDlOxWO86yinuJzT8DNfORdUBot
TzWVoxr1bGFu+9J4DulqX+VDWgeCnjvZ9lqSrDPulNKPxmV2lSjpblBKFbJ4+b89
ZURa6dESJ7GMF0QrEZdDeRx+35BD8syNMAP9VnprOhgNQ+3BVi2thtF4tT4ARP0a
sVbUQoJz0y8qccjDsSy3xNiaFw0gtjghqsNwq22j1pw1c3pCsRIynuqFq02/cCed
5psbQhhGir7eyW9Rav0XX0wpLARnBhkJ//hUTmY7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUalvByX1VLI+iEY4wjOnCSICQDDkwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2M5NzUyYWFjLTg0OTAtNDg1Zi05MmI3LTZhNmJhMDJiNzZkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALHf+gwDQYJKoZIhvcNAQELBQADggEBAJH1MGnH7d63IHOQRQq27u9XDpJc
PUFTTCuQJqkYHgpdS8eslP7Kkj5W6imewk1A9+M/xptLUHmdEz+YFEGqSwVL+5Vw
wsAWsUc7Lp4nV7tMdsYa1RpIsDBXq300SOok9unz9Po+nRtPcEGvoG2Z4vK62oFE
Z58a5ieFmDizfj2m9zDlF4Zvk5LvrmEhXrIccz6wYnkpo0DmZ6TSWQSST2t2DxhF
Kp6IGbfPLAsJwypz7+E4Z3MkGkFdAkKILU1Xp5VLaalq3zIoOCdicJ4Bg3eGo1pa
VKkan1Csvi+UUDwPf0ulcPCXdwgdDH9nBV6Bpy2MOMF14UeO5i3zTiRP75A=
-----END CERTIFICATE-----