Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/8f549665-8398-44a1-8d57-5658d76e1c61.roa
File:                     8f549665-8398-44a1-8d57-5658d76e1c61.roa (raw, json)
Hash identifier:          z359g4c8OvDhYC31F8LXB8SmTagpmvZ54p1J+S2JjO4=
Subject key identifier:   88:62:A9:1F:87:C7:19:22:4B:DE:18:21:76:FF:DF:59:A3:13:2D:B1
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       7BDF230858E7359867F3FD5F472FEC4DAC35B6FB
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/8f549665-8398-44a1-8d57-5658d76e1c61.roa
Signing time:             Fri 17 Oct 2025 00:10:05 +0000
ROA not before:           Fri 17 Oct 2025 00:10:05 +0000
ROA not after:            Fri 21 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.234.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:df:23:08:58:e7:35:98:67:f3:fd:5f:47:2f:ec:4d:ac:35:b6:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Oct 17 00:10:05 2025 GMT
            Not After : Nov 21 23:59:59 2025 GMT
        Subject: serialNumber=c1031cd7156719f4a79a39d983361115551be7bc1d8eb048d1d7990329c5437a, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ec:77:c3:08:44:e2:c4:88:61:44:9b:ed:76:
                    66:b4:8b:c4:c8:c7:75:9f:5e:67:a7:bc:96:12:32:
                    53:69:55:1f:cf:da:29:33:b6:d9:55:95:71:9c:6c:
                    e4:12:d9:db:84:1b:ac:7d:45:11:3f:21:4b:28:02:
                    dd:3d:47:c2:b9:7f:2b:2a:93:6e:cd:48:33:63:49:
                    04:58:86:5c:83:fc:ee:ea:6e:cf:d8:e7:39:22:98:
                    58:c4:11:fc:86:e4:85:70:25:02:c5:43:7f:02:57:
                    48:fe:f9:f1:3d:81:b9:f3:ed:03:89:48:46:57:30:
                    44:50:ef:6e:85:27:47:0a:7f:50:39:82:03:46:f9:
                    6d:44:8c:ec:1e:ee:5a:18:d9:e5:ae:08:7a:1d:aa:
                    de:d9:38:76:13:50:ba:c1:51:f5:bd:4b:5a:ec:83:
                    07:60:0e:e2:aa:b9:1b:9b:11:9e:7f:5d:8e:ac:b8:
                    36:59:9d:52:37:58:59:05:07:8a:b5:2f:0e:38:3e:
                    dc:37:47:ef:eb:3f:e7:90:85:88:8f:86:d8:83:09:
                    9f:2f:03:92:98:b3:79:5b:41:16:e4:63:11:e9:bd:
                    0a:90:01:8c:c9:2a:87:10:f2:7b:63:b9:4a:b5:fc:
                    a8:31:8e:c1:8d:98:d3:6c:f4:7d:9d:5b:21:e8:01:
                    58:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:62:A9:1F:87:C7:19:22:4B:DE:18:21:76:FF:DF:59:A3:13:2D:B1
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/8f549665-8398-44a1-8d57-5658d76e1c61.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:bb:dc:1c:65:21:de:32:d5:e8:e8:dc:69:f1:15:c5:ab:fc:
         48:ce:59:a6:a1:88:ba:eb:9f:0e:38:2a:9c:e1:d5:51:e4:0c:
         08:10:59:7d:41:6d:52:1a:b9:c0:16:00:e6:6f:21:15:a6:40:
         9f:d1:9a:7e:68:16:6b:ef:e3:c8:3f:fd:ce:9b:98:02:b3:17:
         09:86:f6:67:79:50:79:25:82:f5:41:b4:ee:5f:1e:7b:75:78:
         7c:d0:16:c7:3d:03:43:eb:b7:8e:7a:8b:5c:33:08:f7:73:aa:
         18:7f:21:3a:cf:96:15:68:e3:23:67:56:46:75:73:d1:ec:eb:
         ff:f3:cf:7b:41:e7:c7:8c:ec:a0:f6:30:d1:ef:65:2a:de:ed:
         a3:a0:c3:a8:2f:d9:c0:98:8c:20:55:5a:84:91:9e:29:2d:e5:
         2e:49:9e:ed:22:d0:5a:2d:c5:d8:35:d9:db:52:7d:cf:fc:aa:
         bb:26:3c:ff:05:a3:47:f1:4e:54:77:6b:37:ba:2e:eb:e4:dc:
         d0:ac:8b:b2:45:d4:10:92:9a:37:fb:09:c5:78:c6:26:0b:d2:
         ef:9f:7e:ee:40:6b:bf:d1:9e:fb:00:0d:63:f6:8e:d7:ff:0e:
         52:88:93:f8:a0:3f:77:48:c3:33:d4:e7:63:9e:97:99:9b:07:
         ad:dd:67:29
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe98jCFjnNZhn8/1fRy/sTaw1tvswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUxMDE3MDAxMDA1WhcNMjUxMTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTAzMWNkNzE1NjcxOWY0YTc5YTM5ZDk4MzM2MTExNTU1
MWJlN2JjMWQ4ZWIwNDhkMWQ3OTkwMzI5YzU0MzdhMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO7HfDCETixIhhRJvtdma0i8TIx3WfXmenvJYSMlNpVR/P
2ikzttlVlXGcbOQS2duEG6x9RRE/IUsoAt09R8K5fysqk27NSDNjSQRYhlyD/O7q
bs/Y5zkimFjEEfyG5IVwJQLFQ38CV0j++fE9gbnz7QOJSEZXMERQ726FJ0cKf1A5
ggNG+W1EjOwe7loY2eWuCHodqt7ZOHYTULrBUfW9S1rsgwdgDuKquRubEZ5/XY6s
uDZZnVI3WFkFB4q1Lw44Ptw3R+/rP+eQhYiPhtiDCZ8vA5KYs3lbQRbkYxHpvQqQ
AYzJKocQ8ntjuUq1/KgxjsGNmNNs9H2dWyHoAVhTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiGKpH4fHGSJL3hghdv/fWaMTLbEwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzhmNTQ5NjY1LTgzOTgtNDRhMS04ZDU3LTU2NThkNzZlMWM2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqeowDQYJKoZIhvcNAQELBQADggEBABy73BxlId4y1ejo3GnxFcWr/EjO
WaahiLrrnw44Kpzh1VHkDAgQWX1BbVIaucAWAOZvIRWmQJ/Rmn5oFmvv48g//c6b
mAKzFwmG9md5UHklgvVBtO5fHnt1eHzQFsc9A0Prt456i1wzCPdzqhh/ITrPlhVo
4yNnVkZ1c9Hs6//zz3tB58eM7KD2MNHvZSre7aOgw6gv2cCYjCBVWoSRnikt5S5J
nu0i0Fotxdg12dtSfc/8qrsmPP8Fo0fxTlR3aze6Luvk3NCsi7JF1BCSmjf7CcV4
xiYL0u+ffu5Aa7/RnvsADWP2jtf/DlKIk/igP3dIwzPU52Oel5mbB63dZyk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:00:15 2025 by rpki-client