Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6ad63be3-0aab-48af-9a30-591c1d342077.roa
File: 6ad63be3-0aab-48af-9a30-591c1d342077.roa (raw, json)
Hash identifier: nl8IbmCNW/HkK/lOEIKANAYrXT31ZLSOMrCwj3YCd0A=
Subject key identifier: 3B:7F:BD:45:06:6E:A2:7E:27:98:FC:2C:08:5D:1A:BE:44:F4:A3:13
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2ACBF79E1550C14BBF60790C5F7379D14353D98A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6ad63be3-0aab-48af-9a30-591c1d342077.roa
Signing time: Fri 28 Mar 2025 16:21:04 +0000
ROA not before: Fri 28 Mar 2025 16:21:04 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f32:3400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires: Sat 12 Apr 2025 14:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:cb:f7:9e:15:50:c1:4b:bf:60:79:0c:5f:73:79:d1:43:53:d9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 28 16:21:04 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:01:0c:c6:94:ad:5f:94:b4:f4:50:b2:94:62:
74:52:d5:7a:49:d2:8e:e7:96:a4:26:92:f3:8d:43:
72:8a:3c:41:c6:ae:03:52:91:56:db:7a:13:37:b6:
46:da:90:85:ff:9c:e2:80:67:38:fd:2a:b8:3c:40:
ae:00:86:5a:fa:78:9a:70:2d:56:b7:92:85:12:05:
aa:7a:fa:d5:4c:9d:16:4f:c9:05:eb:fc:53:ba:a2:
42:69:e8:f2:57:16:1b:9c:54:7f:1b:95:04:ee:df:
32:5d:26:09:8a:d6:f1:b7:24:00:b9:ea:f7:1a:b7:
d9:15:86:fd:2a:ec:cb:4f:7f:32:28:2a:d8:8c:f9:
aa:9b:1f:70:c4:0a:c0:3c:ba:5c:0f:5a:6e:4f:75:
e2:38:7a:e7:66:09:e8:4f:74:2b:40:a3:3a:b8:1e:
49:d4:7b:97:df:8c:46:e4:2e:3e:85:69:40:51:ad:
23:32:b3:ff:fc:9d:d3:4a:56:ba:c2:fb:6b:81:23:
ad:ff:e1:54:11:5d:db:42:05:d0:88:a3:44:79:79:
71:fb:d1:73:cb:9d:9c:2e:4d:12:78:c4:64:17:82:
89:1e:bb:3d:30:95:84:ae:3a:3f:27:b5:37:ac:13:
78:4f:63:c8:65:17:15:5f:ad:e5:18:92:45:5a:b9:
b1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:7F:BD:45:06:6E:A2:7E:27:98:FC:2C:08:5D:1A:BE:44:F4:A3:13
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6ad63be3-0aab-48af-9a30-591c1d342077.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f32:3400::/40
Signature Algorithm: sha256WithRSAEncryption
a2:34:78:83:e2:ff:4c:42:b6:db:10:7b:10:af:e2:db:ef:74:
3e:b9:8c:64:d2:10:b5:f4:cb:d7:26:b5:e4:ae:42:06:19:b8:
fd:8e:36:6b:2d:dc:4f:5d:e6:4e:a9:90:8b:c8:f7:b2:5b:5f:
7d:58:7b:dd:7c:20:4c:9a:35:06:7a:b5:cd:f9:2c:64:83:b4:
be:49:04:da:c9:6c:1a:bc:a6:46:5a:eb:6d:bf:c9:1a:9c:ce:
25:b6:3d:d4:e9:ac:bf:95:ef:8a:be:49:8c:26:0d:2c:93:b4:
1f:d0:0d:eb:68:46:ff:0a:b8:f5:83:36:bb:99:3f:07:7c:fd:
82:ef:2d:00:91:d1:28:9b:36:9a:6b:95:89:08:63:ee:a2:87:
dd:0e:66:dc:19:2b:e3:2a:5e:8c:c2:a1:bc:a2:2b:b8:86:0b:
46:de:d7:bf:88:d6:18:2b:ac:55:3d:dc:0f:0c:44:34:bf:0a:
e7:2d:3e:0c:fb:9b:47:de:4a:4a:db:dc:82:68:a9:e9:19:e4:
4a:e3:e9:dd:70:6d:00:27:17:16:d6:e0:c9:b2:c4:90:91:0d:
ef:72:8c:6a:5e:3c:3a:53:ab:e0:86:c7:ef:f9:80:29:70:a9:
21:06:75:a8:65:8c:72:6a:46:4d:89:3f:ed:02:61:e2:09:ea:
34:42:38:67
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUKsv3nhVQwUu/YHkMX3N50UNT2YowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTYyMTA0WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzc3ZDNmY2ViZjY0NTEzNWI2MDliYmJlNTJhN2FmYWEw
MjlkOWVkMDdmZWViNzBkYmU2ODQ3NDUwNDBhZjE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfAQzGlK1flLT0ULKUYnRS1XpJ0o7nlqQmkvONQ3KKPEHG
rgNSkVbbehM3tkbakIX/nOKAZzj9Krg8QK4Ahlr6eJpwLVa3koUSBap6+tVMnRZP
yQXr/FO6okJp6PJXFhucVH8blQTu3zJdJgmK1vG3JAC56vcat9kVhv0q7MtPfzIo
KtiM+aqbH3DECsA8ulwPWm5PdeI4eudmCehPdCtAozq4HknUe5ffjEbkLj6FaUBR
rSMys//8ndNKVrrC+2uBI63/4VQRXdtCBdCIo0R5eXH70XPLnZwuTRJ4xGQXgoke
uz0wlYSuOj8ntTesE3hPY8hlFxVfreUYkkVaubEzAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUO3+9RQZuon4nmPwsCF0avkT0oxMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZhZDYzYmUzLTBhYWItNDhhZi05YTMwLTU5MWMxZDM0MjA3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB8yNDANBgkqhkiG9w0BAQsFAAOCAQEAojR4g+L/TEK22xB7EK/i2+90
PrmMZNIQtfTL1ya15K5CBhm4/Y42ay3cT13mTqmQi8j3sltffVh73XwgTJo1Bnq1
zfksZIO0vkkE2slsGrymRlrrbb/JGpzOJbY91Omsv5Xvir5JjCYNLJO0H9AN62hG
/wq49YM2u5k/B3z9gu8tAJHRKJs2mmuViQhj7qKH3Q5m3Bkr4ypejMKhvKIruIYL
Rt7Xv4jWGCusVT3cDwxENL8K5y0+DPubR95KStvcgmip6RnkSuPp3XBtACcXFtbg
ybLEkJEN73KMal48OlOr4IbH7/mAKXCpIQZ1qGWMcmpGTYk/7QJh4gnqNEI4Zw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 04:29:39 2025 by rpki-client