Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a764f24-7058-4161-b89e-768a905c8ad3.roa
File: 8a764f24-7058-4161-b89e-768a905c8ad3.roa (raw, json)
Hash identifier: +KNhAcnTnEEvRhiThK5F42hl9O4RH43me9/z4LFo8SA=
Subject key identifier: 24:A8:2D:46:F3:D2:62:81:4D:96:EE:DF:C7:38:BB:D9:3B:6A:EC:9B
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1EA268BABF824EB1238AAC61D936E987D7F8BAFA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a764f24-7058-4161-b89e-768a905c8ad3.roa
Signing time: Fri 28 Mar 2025 16:51:07 +0000
ROA not before: Fri 28 Mar 2025 16:51:07 +0000
ROA not after: Fri 02 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f1f:4000::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires: Fri 18 Apr 2025 14:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a2:68:ba:bf:82:4e:b1:23:8a:ac:61:d9:36:e9:87:d7:f8:ba:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 28 16:51:07 2025 GMT
Not After : May 2 23:59:59 2025 GMT
Subject: serialNumber=68713c96dd8a4da5a8c57617f9fb8139a4936989efb20d21dec9c8ac615ac828, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c7:30:1a:46:60:ed:e8:01:fb:83:7c:5a:fd:
ea:ab:cd:65:17:cd:ff:78:9a:24:51:90:96:b4:f3:
a6:28:5d:6d:84:26:9b:e7:73:ee:56:7c:9e:85:81:
f5:54:39:c4:6c:21:da:28:eb:b0:31:0e:1c:28:12:
8d:68:c9:3e:c2:9f:bb:d2:e8:08:96:8e:47:98:a1:
6e:33:36:7f:90:bb:56:d1:f7:03:c9:fa:ef:6f:d2:
4e:64:a6:29:11:f4:c2:2e:70:5b:86:2f:f3:f6:bb:
a3:86:52:96:9f:a5:11:e9:3f:96:df:e9:1d:74:28:
ee:77:01:f4:32:de:47:f0:f0:a9:78:ad:1d:d7:19:
3f:80:ac:e3:6d:ed:6d:c2:6c:54:7f:7a:14:62:f2:
de:70:26:e6:69:79:ba:39:92:9a:e5:ea:9d:69:34:
f8:1b:6e:62:df:b9:ef:92:cd:77:04:d0:5f:44:37:
78:d4:bc:67:34:45:d5:62:11:56:d4:42:37:8e:c9:
03:db:59:73:6c:69:bf:39:c0:a6:41:05:f5:06:a0:
01:a6:d3:8e:c1:65:1a:31:8b:30:84:ce:ca:1d:6f:
88:5b:e7:be:f7:48:2f:18:21:c2:f9:08:52:0f:d7:
f8:29:58:d3:a9:f6:94:f7:5c:b1:88:13:f8:c5:22:
f5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A8:2D:46:F3:D2:62:81:4D:96:EE:DF:C7:38:BB:D9:3B:6A:EC:9B
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a764f24-7058-4161-b89e-768a905c8ad3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f1f:4000::/37
Signature Algorithm: sha256WithRSAEncryption
ca:65:31:46:88:ae:fe:1b:6d:ed:cd:8a:a0:44:93:ec:05:39:
ac:8c:69:1e:c7:41:f4:b8:6d:48:67:67:fd:18:82:83:c6:c5:
43:20:94:e2:78:2a:87:b4:cb:3f:e6:02:00:07:05:b1:3b:ca:
89:ba:0e:87:ca:dd:84:fa:57:ac:1e:70:b3:42:6e:bf:77:d6:
ee:c2:1b:64:b6:9b:8a:90:a8:9e:1e:ba:a1:cb:b4:1d:6a:8d:
75:15:cf:08:91:ca:a8:99:ff:37:4a:7e:15:a9:aa:bf:53:96:
2b:55:cd:61:79:8c:48:19:ac:8f:47:c3:10:1b:37:5b:7a:b7:
c4:67:f0:04:81:34:23:ba:80:22:a5:90:ea:e8:eb:08:61:c9:
6e:e7:56:32:2a:8b:ca:5f:d2:7d:d7:66:12:0c:ff:e3:48:81:
4d:c4:bc:ac:d3:df:9b:fc:b4:21:dd:02:15:4b:29:ea:c0:41:
bd:f0:33:4a:65:56:b2:fe:fb:f2:87:d0:11:9d:75:9c:8d:04:
16:50:b9:61:1b:ad:d3:08:0f:5d:a9:8d:3f:09:24:d8:4d:20:
94:05:ca:a8:c7:30:92:30:bd:88:be:85:0c:60:5d:15:31:c8:
55:76:50:b0:d2:77:51:6a:a2:69:97:bf:a8:f0:00:06:60:83:
85:d2:30:01
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHqJour+CTrEjiqxh2Tbph9f4uvowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI4MTY1MTA3WhcNMjUwNTAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODcxM2M5NmRkOGE0ZGE1YThjNTc2MTdmOWZiODEzOWE0
OTM2OTg5ZWZiMjBkMjFkZWM5YzhhYzYxNWFjODI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYxzAaRmDt6AH7g3xa/eqrzWUXzf94miRRkJa086YoXW2E
Jpvnc+5WfJ6FgfVUOcRsIdoo67AxDhwoEo1oyT7Cn7vS6AiWjkeYoW4zNn+Qu1bR
9wPJ+u9v0k5kpikR9MIucFuGL/P2u6OGUpafpRHpP5bf6R10KO53AfQy3kfw8Kl4
rR3XGT+ArONt7W3CbFR/ehRi8t5wJuZpebo5kprl6p1pNPgbbmLfue+SzXcE0F9E
N3jUvGc0RdViEVbUQjeOyQPbWXNsab85wKZBBfUGoAGm047BZRoxizCEzsodb4hb
5773SC8YIcL5CFIP1/gpWNOp9pT3XLGIE/jFIvX9AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUJKgtRvPSYoFNlu7fxzi72Ttq7JswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhNzY0ZjI0LTcwNTgtNDE2MS1iODllLTc2OGE5MDVjOGFkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8fQDANBgkqhkiG9w0BAQsFAAOCAQEAymUxRoiu/htt7c2KoEST7AU5
rIxpHsdB9LhtSGdn/RiCg8bFQyCU4ngqh7TLP+YCAAcFsTvKiboOh8rdhPpXrB5w
s0Juv3fW7sIbZLabipConh66ocu0HWqNdRXPCJHKqJn/N0p+Famqv1OWK1XNYXmM
SBmsj0fDEBs3W3q3xGfwBIE0I7qAIqWQ6ujrCGHJbudWMiqLyl/SfddmEgz/40iB
TcS8rNPfm/y0Id0CFUsp6sBBvfAzSmVWsv778ofQEZ11nI0EFlC5YRut0wgPXamN
Pwkk2E0glAXKqMcwkjC9iL6FDGBdFTHIVXZQsNJ3UWqiaZe/qPAABmCDhdIwAQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:11:11 2025 by rpki-client