Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ae4f4ea-aac8-4c81-8e1c-ed7b02b24e6f.roa
File:                     8ae4f4ea-aac8-4c81-8e1c-ed7b02b24e6f.roa (raw, json)
Hash identifier:          3tNZbAJozbvZwlgFkg+DopweJx2tEyb0w5DAiQadi9k=
Subject key identifier:   1D:5D:A9:3A:B9:7A:23:31:EE:00:59:CD:CF:DF:24:2E:53:B7:3E:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       787E525E648BE8E1852E6EC2EAF22DCA2E596EBD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ae4f4ea-aac8-4c81-8e1c-ed7b02b24e6f.roa
Signing time:             Mon 17 Mar 2025 15:11:12 +0000
ROA not before:           Mon 17 Mar 2025 15:11:12 +0000
ROA not after:            Mon 21 Apr 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f30::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:7e:52:5e:64:8b:e8:e1:85:2e:6e:c2:ea:f2:2d:ca:2e:59:6e:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 17 15:11:12 2025 GMT
            Not After : Apr 21 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e5:2c:b1:74:fd:13:9c:bd:7a:9a:b8:7f:00:
                    e9:de:b3:46:b5:24:bd:0c:de:d9:a3:c1:a8:47:5e:
                    ae:54:85:72:01:c9:e5:7a:02:69:0d:bc:30:51:82:
                    40:e7:24:de:53:20:9d:91:04:94:9e:5a:bf:2d:c3:
                    a9:fc:0a:2c:a9:41:ed:4a:17:42:f2:df:f4:93:28:
                    5e:1e:0a:69:d5:58:88:2b:b3:6d:04:4d:0d:01:f5:
                    6a:b7:5b:19:43:ca:0b:c7:5b:69:b5:21:1d:1b:cb:
                    cb:d9:0e:d9:a5:bd:fb:71:e6:e4:9d:e5:73:50:43:
                    dc:64:75:21:39:48:b2:2e:9d:6c:ef:bf:97:63:dc:
                    3d:7a:31:25:68:ad:4f:ed:f7:db:c1:68:cb:53:e6:
                    02:e2:3e:c3:ce:35:49:ec:9d:bf:92:43:34:1e:01:
                    72:51:22:01:85:8c:ce:2e:a3:6f:26:11:f5:fe:e8:
                    fc:b2:24:b6:e6:c5:9e:59:a9:65:b4:41:35:a7:a8:
                    38:47:c4:f1:a0:9b:30:23:80:bf:e1:09:fd:c9:b8:
                    e8:09:c8:9d:02:b6:91:f0:16:42:8e:50:e3:d1:d7:
                    32:5a:4b:90:76:50:52:a5:a2:9c:3d:ff:e4:5c:4a:
                    96:e7:3d:14:85:b3:dc:e7:1e:33:15:6d:58:48:4c:
                    aa:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:5D:A9:3A:B9:7A:23:31:EE:00:59:CD:CF:DF:24:2E:53:B7:3E:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ae4f4ea-aac8-4c81-8e1c-ed7b02b24e6f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f30::/32

    Signature Algorithm: sha256WithRSAEncryption
         26:5e:12:35:e1:51:44:12:79:e9:52:be:c0:ea:83:26:ef:c1:
         03:7d:98:1f:53:12:72:33:92:2d:8b:5e:82:0d:64:67:3a:30:
         09:8a:f8:1a:9f:4f:30:53:20:d1:fa:87:a4:58:2a:83:90:ee:
         95:1d:2d:cf:22:04:4f:8e:5f:bb:83:9d:ca:a4:d9:fb:1c:fe:
         23:10:50:7e:06:ad:e4:88:36:9d:63:67:0d:07:f7:1b:69:27:
         cd:03:44:97:4e:c0:35:48:f8:ec:7f:c4:44:25:0e:fc:83:b8:
         8f:55:68:b2:09:ab:03:15:27:64:0c:8b:ee:30:a9:4e:e1:c1:
         d4:47:56:da:c4:19:b7:fa:08:fa:57:62:a6:8a:e5:43:9f:60:
         f6:63:93:82:a4:f3:20:9d:d5:2d:6c:22:46:ba:42:da:bd:d7:
         b0:c3:aa:f3:9b:09:08:67:c0:47:74:b5:ae:40:04:52:8c:f4:
         b9:56:e8:4d:0c:30:71:fc:83:46:3a:02:87:a5:d4:89:72:bc:
         55:fd:dd:3d:fe:bf:f0:6c:69:d2:ac:a4:46:d3:fd:62:6d:f4:
         b5:8f:92:4f:2a:6b:62:1a:e9:c5:5a:39:ab:41:74:ac:59:0c:
         99:5d:b8:52:9b:5a:d5:21:59:58:60:b0:37:a1:99:5d:4e:48:
         5e:3b:41:e9
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUeH5SXmSL6OGFLm7C6vItyi5Zbr0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE3MTUxMTEyWhcNMjUwNDIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyYzAxM2QyYWJhN2FjNTdjNmExYTQ0YzI2YmUzNjNiOTdk
YTk0NTIzZWMxZGI4NDU3YzVhNTQ2MjU4NjYzODE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC85SyxdP0TnL16mrh/AOnes0a1JL0M3tmjwahHXq5UhXIB
yeV6AmkNvDBRgkDnJN5TIJ2RBJSeWr8tw6n8CiypQe1KF0Ly3/STKF4eCmnVWIgr
s20ETQ0B9Wq3WxlDygvHW2m1IR0by8vZDtmlvftx5uSd5XNQQ9xkdSE5SLIunWzv
v5dj3D16MSVorU/t99vBaMtT5gLiPsPONUnsnb+SQzQeAXJRIgGFjM4uo28mEfX+
6PyyJLbmxZ5ZqWW0QTWnqDhHxPGgmzAjgL/hCf3JuOgJyJ0CtpHwFkKOUOPR1zJa
S5B2UFKlopw9/+RcSpbnPRSFs9znHjMVbVhITKoNAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUHV2pOrl6IzHuAFnNz98kLlO3PlEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhZTRmNGVhLWFhYzgtNGM4MS04ZTFjLWVkN2IwMmIyNGU2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmAB8wMA0GCSqGSIb3DQEBCwUAA4IBAQAmXhI14VFEEnnpUr7A6oMm78ED
fZgfUxJyM5Iti16CDWRnOjAJivgan08wUyDR+oekWCqDkO6VHS3PIgRPjl+7g53K
pNn7HP4jEFB+Bq3kiDadY2cNB/cbaSfNA0SXTsA1SPjsf8REJQ78g7iPVWiyCasD
FSdkDIvuMKlO4cHUR1baxBm3+gj6V2KmiuVDn2D2Y5OCpPMgndUtbCJGukLavdew
w6rzmwkIZ8BHdLWuQARSjPS5VuhNDDBx/INGOgKHpdSJcrxV/d09/r/wbGnSrKRG
0/1ibfS1j5JPKmtiGunFWjmrQXSsWQyZXbhSm1rVIVlYYLA3oZldTkheO0Hp
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:29:11 2025 by rpki-client