Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/d5bcdba4-b39f-49d7-81da-145442d6f180.roa
File:                     d5bcdba4-b39f-49d7-81da-145442d6f180.roa (raw, json)
Hash identifier:          q6bnjp0koBd0Ba5DvTYKosJYTpZwMZQQfy1fve8L6X8=
Subject key identifier:   E5:E5:CC:AA:55:3F:83:1C:FE:66:56:7C:24:23:CE:91:38:63:39:0F
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       50E64D89E18C21274D502CA932CC519E1434C2A0
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/d5bcdba4-b39f-49d7-81da-145442d6f180.roa
Signing time:             Wed 29 Oct 2025 00:20:22 +0000
ROA not before:           Wed 29 Oct 2025 00:20:22 +0000
ROA not after:            Wed 03 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.177.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Nov 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:e6:4d:89:e1:8c:21:27:4d:50:2c:a9:32:cc:51:9e:14:34:c2:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Oct 29 00:20:22 2025 GMT
            Not After : Dec  3 23:59:59 2025 GMT
        Subject: serialNumber=6cd80fd2ec0155a1a54e437fd9918701beb93e53406b4053d7dc64e4bf8fa0a0, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:61:cc:f3:08:f5:fb:77:7e:cc:41:23:a9:22:
                    73:e9:79:22:7e:11:e8:7c:c9:29:0e:1d:7c:d4:cd:
                    5b:11:a8:5d:ca:e7:a0:4b:40:ea:71:2e:a6:8a:f1:
                    d3:d5:2f:a3:e1:c2:01:d3:47:3b:d1:8e:e1:d1:c2:
                    ec:8f:3f:ab:0d:4b:e3:b8:4e:d6:c1:24:07:39:01:
                    66:1a:b8:6a:f0:39:b5:bf:ca:d0:21:87:15:64:46:
                    1b:99:22:99:20:aa:b3:fa:d9:6d:73:5b:46:87:48:
                    e8:6b:d9:58:a8:0d:f9:e2:2f:81:07:16:ca:5d:ee:
                    5f:75:6a:c5:cf:aa:2e:b7:4e:4e:ba:96:81:77:ae:
                    7d:25:20:cd:9a:3b:16:78:a2:56:de:f6:d9:d6:07:
                    e3:09:63:f4:00:83:f3:13:f9:71:6b:0f:85:20:0f:
                    15:3e:18:75:5d:f8:06:b6:25:e2:ed:ec:8d:7d:9b:
                    6c:17:9b:b4:b9:ae:25:32:46:64:51:a1:e3:2e:c9:
                    fc:a6:1a:fd:86:1d:b3:a7:c2:98:ca:dd:21:c1:0f:
                    fe:93:46:14:3b:9c:e9:cf:eb:df:82:88:5c:8c:f1:
                    b0:da:54:ab:fe:99:51:39:da:4e:83:79:95:ae:2f:
                    61:75:6e:9a:5b:9c:51:19:f2:0b:c8:e6:ba:67:65:
                    0e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:E5:CC:AA:55:3F:83:1C:FE:66:56:7C:24:23:CE:91:38:63:39:0F
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/d5bcdba4-b39f-49d7-81da-145442d6f180.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:a7:82:17:84:da:c3:a2:ad:3c:30:bc:36:44:00:cd:fd:ce:
         f7:e2:3a:a6:21:2f:25:4e:ec:3d:cb:9d:f7:ac:c1:71:2b:4c:
         27:0c:18:65:5b:96:1a:0b:d1:53:14:23:9e:95:07:36:88:5b:
         68:3f:15:f0:59:6b:cc:59:2d:39:f6:7f:7a:21:1c:4b:58:00:
         27:ee:d9:f7:ed:3f:a7:06:86:08:39:02:2d:12:2f:fe:1f:3d:
         93:8c:dd:d8:cf:8f:19:a1:11:67:15:12:47:05:fe:9b:2c:3c:
         cf:15:35:f6:30:51:09:95:05:4d:d5:41:03:53:05:26:56:9d:
         4e:94:7a:39:b6:85:a0:e3:5d:c4:b9:9d:96:5b:d1:0d:8c:5d:
         4e:c2:36:36:e1:44:83:96:0a:eb:56:d7:7b:fc:d4:b2:44:6e:
         e1:7a:e8:03:c0:34:11:c8:c9:24:dd:2b:c8:60:d8:6d:fb:93:
         49:58:4e:94:eb:61:1f:17:65:40:26:1b:37:45:5c:ab:60:6c:
         21:30:22:33:da:71:53:4e:f6:20:08:9f:64:e7:bf:45:f4:d9:
         3a:26:09:19:4c:0d:95:d5:ad:f8:2c:a6:40:e3:ec:6d:4e:5d:
         8e:8b:c8:a3:2b:20:73:84:dc:7e:99:31:ec:b1:fe:cf:05:b1:
         d9:f8:51:c1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUOZNieGMISdNUCypMsxRnhQ0wqAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUxMDI5MDAyMDIyWhcNMjUxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2Y2Q4MGZkMmVjMDE1NWExYTU0ZTQzN2ZkOTkxODcwMWJl
YjkzZTUzNDA2YjQwNTNkN2RjNjRlNGJmOGZhMGEwMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEYczzCPX7d37MQSOpInPpeSJ+Eeh8ySkOHXzUzVsRqF3K
56BLQOpxLqaK8dPVL6PhwgHTRzvRjuHRwuyPP6sNS+O4TtbBJAc5AWYauGrwObW/
ytAhhxVkRhuZIpkgqrP62W1zW0aHSOhr2VioDfniL4EHFspd7l91asXPqi63Tk66
loF3rn0lIM2aOxZ4olbe9tnWB+MJY/QAg/MT+XFrD4UgDxU+GHVd+Aa2JeLt7I19
m2wXm7S5riUyRmRRoeMuyfymGv2GHbOnwpjK3SHBD/6TRhQ7nOnP69+CiFyM8bDa
VKv+mVE52k6DeZWuL2F1bppbnFEZ8gvI5rpnZQ6/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5eXMqlU/gxz+ZlZ8JCPOkThjOQ8wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2Q1YmNkYmE0LWIzOWYtNDlkNy04MWRhLTE0NTQ0MmQ2ZjE4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM37EwDQYJKoZIhvcNAQELBQADggEBAHengheE2sOirTwwvDZEAM39zvfi
OqYhLyVO7D3LnfeswXErTCcMGGVblhoL0VMUI56VBzaIW2g/FfBZa8xZLTn2f3oh
HEtYACfu2fftP6cGhgg5Ai0SL/4fPZOM3djPjxmhEWcVEkcF/pssPM8VNfYwUQmV
BU3VQQNTBSZWnU6Uejm2haDjXcS5nZZb0Q2MXU7CNjbhRIOWCutW13v81LJEbuF6
6APANBHIySTdK8hg2G37k0lYTpTrYR8XZUAmGzdFXKtgbCEwIjPacVNO9iAIn2Tn
v0X02TomCRlMDZXVrfgspkDj7G1OXY6LyKMrIHOE3H6ZMeyx/s8Fsdn4UcE=
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:42:16 2025 by rpki-client