Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b5e0d86e-0f74-41d8-a413-497ad79e414d.roa
File:                     b5e0d86e-0f74-41d8-a413-497ad79e414d.roa (raw, json)
Hash identifier:          c31UFwJNY7LpVURoEROrPjyi/8bYw0e8m1aMNKSIGDY=
Subject key identifier:   46:A5:9B:A6:D4:CA:92:65:BA:64:37:30:9D:F2:E2:EC:B4:38:19:29
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       732398E80370378449F1DC5B41C57119FCC5F546
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b5e0d86e-0f74-41d8-a413-497ad79e414d.roa
Signing time:             Fri 03 Oct 2025 00:00:14 +0000
ROA not before:           Fri 03 Oct 2025 00:00:14 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        216.221.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 22 Oct 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:23:98:e8:03:70:37:84:49:f1:dc:5b:41:c5:71:19:fc:c5:f5:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Oct  3 00:00:14 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=1becf9535539521557588bbe21c1db6479a4433d630e35317522150c67777ed1, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:45:3f:27:84:e6:4e:4d:32:a8:3f:69:ba:ef:
                    a8:ec:e3:7c:33:8d:47:64:40:fd:61:44:cb:06:1c:
                    31:12:5b:4a:f1:b5:b8:4c:b8:d6:c0:77:be:31:ca:
                    2f:d1:98:7a:69:46:29:ea:a1:12:e6:8a:83:ee:a3:
                    6f:a3:02:fb:f7:92:b4:11:d2:6b:38:71:29:9e:6e:
                    ae:60:e9:a1:b3:69:e3:16:3d:18:f6:86:29:a7:51:
                    51:2f:85:f2:d4:bd:65:98:d3:cc:7c:84:94:bb:eb:
                    ed:5a:9c:f9:81:41:c2:45:07:3d:47:2c:3f:07:c1:
                    28:d3:5c:dd:64:7f:04:29:ae:25:6c:a5:23:da:ef:
                    8a:19:c6:dc:fa:a0:dc:92:64:75:66:dd:30:c4:26:
                    43:4a:f4:77:75:28:b8:a6:e1:26:00:1a:c5:d2:6e:
                    47:ab:e4:33:8f:b6:d3:04:89:cf:01:99:dc:b2:e3:
                    17:25:4b:8e:f6:2b:36:3e:9a:69:f4:a7:b8:11:fb:
                    d2:7c:c5:85:db:8a:6a:f0:46:92:6c:92:2f:ea:44:
                    7b:d5:16:09:89:d4:ca:71:06:db:b0:db:b8:e7:c9:
                    d3:e7:75:77:5f:92:cb:dd:d7:42:73:07:b9:53:3c:
                    fb:7d:f8:64:7f:d0:c8:90:eb:1e:1e:0f:f0:53:27:
                    d7:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:A5:9B:A6:D4:CA:92:65:BA:64:37:30:9D:F2:E2:EC:B4:38:19:29
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b5e0d86e-0f74-41d8-a413-497ad79e414d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.221.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         87:b4:ef:64:56:3d:44:96:f2:f6:f2:87:47:fd:9a:8b:69:9f:
         e5:43:cc:d4:68:e2:4d:b7:38:50:6d:f6:4f:8e:04:a0:a6:84:
         b0:9b:eb:dd:c8:35:ec:77:02:e5:18:b8:83:8d:11:ce:0f:0e:
         ef:ec:2a:e1:ce:d8:55:b9:c8:1d:97:0e:ec:55:2b:88:75:62:
         63:52:6b:7a:cd:cc:27:6e:e7:d3:53:78:43:bf:e7:92:50:e0:
         ff:54:46:f7:cd:47:dc:97:e1:b2:97:a2:e5:90:c1:d1:ab:f2:
         02:97:f4:ea:2d:71:e0:c2:54:96:19:90:60:d8:ab:d1:87:5a:
         01:da:bc:79:11:e3:c2:aa:15:e5:2e:c4:f9:7c:8c:36:ae:fe:
         d1:32:11:c3:d5:41:4d:0e:32:58:57:cb:de:8c:43:19:ee:49:
         a8:3a:72:08:fc:5d:d8:44:af:bd:13:e2:75:45:bb:81:eb:60:
         55:54:30:51:b0:3c:0f:3c:ae:af:14:06:4f:61:73:de:35:72:
         7c:3b:85:29:56:4c:db:71:da:66:5c:f5:71:09:4e:23:6a:8c:
         d4:be:57:b3:7d:e5:eb:08:b6:83:8c:92:74:c2:de:58:7f:de:
         df:d4:67:6a:f8:48:7c:ad:db:0d:bf:f5:02:60:64:9d:8e:26:
         5c:b7:a9:8a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcyOY6ANwN4RJ8dxbQcVxGfzF9UYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUxMDAzMDAwMDE0WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYmVjZjk1MzU1Mzk1MjE1NTc1ODhiYmUyMWMxZGI2NDc5
YTQ0MzNkNjMwZTM1MzE3NTIyMTUwYzY3Nzc3ZWQxMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5RT8nhOZOTTKoP2m676js43wzjUdkQP1hRMsGHDESW0rx
tbhMuNbAd74xyi/RmHppRinqoRLmioPuo2+jAvv3krQR0ms4cSmebq5g6aGzaeMW
PRj2himnUVEvhfLUvWWY08x8hJS76+1anPmBQcJFBz1HLD8HwSjTXN1kfwQpriVs
pSPa74oZxtz6oNySZHVm3TDEJkNK9Hd1KLim4SYAGsXSbker5DOPttMEic8Bmdyy
4xclS472KzY+mmn0p7gR+9J8xYXbimrwRpJski/qRHvVFgmJ1MpxBtuw27jnydPn
dXdfksvd10JzB7lTPPt9+GR/0MiQ6x4eD/BTJ9dLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURqWbptTKkmW6ZDcwnfLi7LQ4GSkwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2I1ZTBkODZlLTBmNzQtNDFkOC1hNDEzLTQ5N2FkNzllNDE0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXY3aAwDQYJKoZIhvcNAQELBQADggEBAIe072RWPUSW8vbyh0f9motpn+VD
zNRo4k23OFBt9k+OBKCmhLCb693INex3AuUYuIONEc4PDu/sKuHO2FW5yB2XDuxV
K4h1YmNSa3rNzCdu59NTeEO/55JQ4P9URvfNR9yX4bKXouWQwdGr8gKX9OotceDC
VJYZkGDYq9GHWgHavHkR48KqFeUuxPl8jDau/tEyEcPVQU0OMlhXy96MQxnuSag6
cgj8XdhEr70T4nVFu4HrYFVUMFGwPA88rq8UBk9hc941cnw7hSlWTNtx2mZc9XEJ
TiNqjNS+V7N95esItoOMknTC3lh/3t/UZ2r4SHyt2w2/9QJgZJ2OJly3qYo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:55:14 2025 by rpki-client