Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5b719c48-5ad8-440e-87e5-abf7ba604b9c.roa
File:                     5b719c48-5ad8-440e-87e5-abf7ba604b9c.roa (raw, json)
Hash identifier:          MRqPdi67GXN1o51MA73bzEbsZx44kS2c7FYmCXTGVXY=
Subject key identifier:   B2:20:3A:09:CD:6A:63:AE:7A:BA:1C:44:A0:54:06:82:22:F1:7C:D0
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       400AFF5EE1B59B1A6468C9CBCC29BAC0216409E7
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5b719c48-5ad8-440e-87e5-abf7ba604b9c.roa
Signing time:             Mon 04 Aug 2025 15:10:04 +0000
ROA not before:           Mon 04 Aug 2025 15:10:04 +0000
ROA not after:            Mon 08 Sep 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        199.255.192.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:0a:ff:5e:e1:b5:9b:1a:64:68:c9:cb:cc:29:ba:c0:21:64:09:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Aug  4 15:10:04 2025 GMT
            Not After : Sep  8 23:59:59 2025 GMT
        Subject: serialNumber=63aa509d73988280f8eb96807f7b040339ce9d6fd794ae92960f82c82a6e02c4, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f8:62:5c:fa:c5:74:6e:cd:0d:8d:09:80:1a:
                    f3:9d:3c:dc:92:fd:28:f4:c9:11:3d:36:8d:13:54:
                    c9:2a:d2:c6:e3:8b:7e:a4:1f:0e:06:7e:18:b8:b2:
                    f8:1a:bd:4c:cf:dd:73:72:fc:bc:1d:8c:67:29:32:
                    11:72:ef:61:77:d8:36:06:3f:c4:16:00:51:4e:03:
                    39:6f:7a:89:6f:fc:86:5b:b7:02:8b:3c:b0:39:87:
                    15:06:79:78:d8:31:39:7d:f6:22:99:d9:77:e3:75:
                    71:3f:09:05:94:fe:7f:c3:4a:d2:71:85:57:cf:a9:
                    f7:f2:58:66:08:7a:f0:17:68:19:96:d3:64:04:71:
                    29:3b:12:b7:0c:30:f1:fa:c4:15:56:83:d1:c9:76:
                    18:8d:59:9e:ac:9a:e4:41:f1:7d:f5:a4:24:e4:3d:
                    38:53:57:7b:a1:a4:8e:fd:fa:cb:eb:b7:43:22:fd:
                    58:70:18:a1:35:68:15:c1:48:a4:c9:b9:09:27:ca:
                    da:af:a9:1b:f8:88:60:4f:40:41:8f:2c:d9:3f:2b:
                    d9:89:fc:b4:7e:57:11:65:6e:84:10:23:e0:21:2f:
                    3b:33:68:84:b1:58:56:22:5c:36:99:45:3d:c6:10:
                    27:8d:bb:22:fa:f3:dc:e4:e6:4b:3e:ef:1f:5a:76:
                    5b:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:20:3A:09:CD:6A:63:AE:7A:BA:1C:44:A0:54:06:82:22:F1:7C:D0
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5b719c48-5ad8-440e-87e5-abf7ba604b9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.255.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1a:ca:06:4e:1e:a2:3d:60:13:02:68:80:85:06:74:aa:be:40:
         c6:1e:e0:fc:16:27:08:96:8a:a0:2d:43:d4:58:20:c0:28:cb:
         82:b7:51:15:3d:31:c4:c0:d5:10:7f:d4:2f:3d:f4:b1:36:da:
         a4:d7:f0:74:c8:9f:8e:10:34:37:31:ce:6a:bc:8f:53:8b:36:
         b3:16:3b:3b:e4:19:e3:86:53:6e:fc:2d:1e:21:99:81:91:54:
         0c:09:36:d3:b5:3d:e2:1e:3f:43:50:fe:d0:f6:39:b2:9a:65:
         c0:7f:39:0c:80:a7:eb:13:d1:24:8b:b2:05:fb:99:51:f4:5b:
         01:86:9d:28:8f:78:8f:00:ea:da:73:91:6e:68:54:e1:a1:00:
         35:fc:a7:7e:64:45:f8:24:36:12:a7:77:66:8a:7a:e1:6f:4f:
         22:f5:4e:d2:92:90:a5:f3:23:18:ac:4a:39:a4:79:be:ef:6a:
         bc:e7:b3:38:38:51:59:22:25:e6:9b:7d:40:25:2b:d8:7d:5a:
         40:4c:7a:93:b5:9a:79:85:26:69:24:35:d1:4e:8e:ec:85:82:
         fa:57:2c:3c:f7:5f:a7:3e:c4:c0:d4:43:d3:f5:cf:37:ce:c6:
         ad:d9:8c:bc:bd:52:89:0f:a2:dc:58:b0:f5:96:e8:6d:25:10:
         74:2f:81:42
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQAr/XuG1mxpkaMnLzCm6wCFkCecwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwODA0MTUxMDA0WhcNMjUwOTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2M2FhNTA5ZDczOTg4MjgwZjhlYjk2ODA3ZjdiMDQwMzM5
Y2U5ZDZmZDc5NGFlOTI5NjBmODJjODJhNmUwMmM0MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/+GJc+sV0bs0NjQmAGvOdPNyS/Sj0yRE9No0TVMkq0sbj
i36kHw4Gfhi4svgavUzP3XNy/LwdjGcpMhFy72F32DYGP8QWAFFOAzlveolv/IZb
twKLPLA5hxUGeXjYMTl99iKZ2XfjdXE/CQWU/n/DStJxhVfPqffyWGYIevAXaBmW
02QEcSk7ErcMMPH6xBVWg9HJdhiNWZ6smuRB8X31pCTkPThTV3uhpI79+svrt0Mi
/VhwGKE1aBXBSKTJuQknytqvqRv4iGBPQEGPLNk/K9mJ/LR+VxFlboQQI+AhLzsz
aISxWFYiXDaZRT3GECeNuyL689zk5ks+7x9adltPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsiA6Cc1qY656uhxEoFQGgiLxfNAwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzViNzE5YzQ4LTVhZDgtNDQwZS04N2U1LWFiZjdiYTYwNGI5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALH/8AwDQYJKoZIhvcNAQELBQADggEBABrKBk4eoj1gEwJogIUGdKq+QMYe
4PwWJwiWiqAtQ9RYIMAoy4K3URU9McTA1RB/1C899LE22qTX8HTIn44QNDcxzmq8
j1OLNrMWOzvkGeOGU278LR4hmYGRVAwJNtO1PeIeP0NQ/tD2ObKaZcB/OQyAp+sT
0SSLsgX7mVH0WwGGnSiPeI8A6tpzkW5oVOGhADX8p35kRfgkNhKnd2aKeuFvTyL1
TtKSkKXzIxisSjmkeb7varznszg4UVkiJeabfUAlK9h9WkBMepO1mnmFJmkkNdFO
juyFgvpXLDz3X6c+xMDUQ9P1zzfOxq3ZjLy9UokPotxYsPWW6G0lEHQvgUI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:09:52 2025 by rpki-client