Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/998b9d87-46d7-45d1-85e8-62d6d8298271.roa
File:                     998b9d87-46d7-45d1-85e8-62d6d8298271.roa (raw, json)
Hash identifier:          afyFewCFslR2CIMM3ae0snWDhKASer5NwgrS1+z4mhQ=
Subject key identifier:   27:F8:36:3C:33:B7:09:40:0F:7C:ED:62:CE:BD:76:23:B1:FB:BC:8D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0B47ECD9DE88E7FF616D9A00D1FF0E84B760D8FB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/998b9d87-46d7-45d1-85e8-62d6d8298271.roa
Signing time:             Sat 15 Mar 2025 00:11:45 +0000
ROA not before:           Sat 15 Mar 2025 00:11:45 +0000
ROA not after:            Sat 19 Apr 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f32:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:47:ec:d9:de:88:e7:ff:61:6d:9a:00:d1:ff:0e:84:b7:60:d8:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 15 00:11:45 2025 GMT
            Not After : Apr 19 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:47:e5:ae:24:b3:22:94:be:ec:29:1b:d9:c3:
                    cd:6e:c6:7c:8c:d7:c0:e1:64:05:a4:55:5a:82:b1:
                    09:c0:67:77:a8:3e:47:70:2c:1f:bf:67:21:ed:14:
                    05:0d:ee:57:c3:6b:54:7f:8e:59:8c:a4:a2:bf:39:
                    2f:4b:37:a9:5d:51:89:a0:e9:b2:4f:2a:86:bd:e0:
                    03:9d:10:44:e9:df:f9:f3:76:2f:11:65:db:06:fa:
                    86:42:5b:0e:d7:dd:24:e7:7c:64:f0:fe:35:88:a8:
                    17:25:e7:89:01:27:be:36:5e:92:5b:e1:b9:d4:a4:
                    69:1e:5a:1e:87:42:49:e4:6e:65:d8:0c:43:f0:0a:
                    fb:2f:f5:38:37:89:ad:3b:ef:fc:f4:18:7d:37:8a:
                    0f:3c:76:b9:7e:87:6e:82:17:40:7c:8a:b7:6b:d5:
                    e8:55:d7:22:f8:b0:0d:60:2f:76:9e:9c:61:ef:ac:
                    0e:3e:68:fc:1d:cb:a6:81:bf:7e:3e:5b:00:76:0b:
                    17:46:b6:07:87:cd:7e:78:8a:f6:01:50:4e:b4:c7:
                    b3:b7:09:4d:ec:4f:2e:c2:c6:68:dd:8e:9f:3b:53:
                    5b:8d:bc:71:16:43:5e:6e:75:99:a8:03:66:0d:40:
                    3c:e2:56:a9:68:07:11:77:ac:cb:68:2c:9c:b3:32:
                    9a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:F8:36:3C:33:B7:09:40:0F:7C:ED:62:CE:BD:76:23:B1:FB:BC:8D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/998b9d87-46d7-45d1-85e8-62d6d8298271.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f32:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         04:9b:82:e2:4b:7e:9a:fc:ce:17:b1:69:67:02:8e:81:86:db:
         51:88:58:a3:90:99:9f:83:47:63:78:b9:d5:0f:11:e7:d2:06:
         ef:f3:1b:13:27:6e:b2:74:21:e1:20:22:31:fb:13:b9:d3:63:
         1f:09:12:6d:67:a7:aa:1c:a8:26:20:01:53:e5:53:f6:37:1d:
         54:db:57:bf:f6:6d:95:5b:35:79:50:e1:5a:fb:07:ce:33:d8:
         92:cc:f3:b0:83:d7:2c:6f:12:af:f3:7b:ef:6b:33:93:a8:bd:
         b1:8d:c8:fb:91:e6:ad:d6:69:4e:f2:88:60:e1:01:46:4e:6b:
         4a:72:b0:69:bd:4c:87:fe:ee:9e:13:90:e3:b8:eb:a7:5c:81:
         76:4b:5c:0f:14:95:0d:ae:09:f3:e6:bb:ff:53:50:02:cc:f5:
         7d:7d:41:99:2e:f0:92:73:ad:9f:1a:3d:94:89:6e:dc:71:47:
         99:20:49:7f:ca:ac:8b:83:8a:a4:ed:ad:6f:6e:1e:1d:ed:f5:
         f3:11:fa:c8:37:69:6d:bf:d7:01:22:39:1d:5b:42:eb:b9:31:
         bf:94:9b:94:af:95:93:e3:21:a1:34:61:d1:17:1d:89:3b:d7:
         e4:62:85:34:bd:a9:36:8e:b7:d2:ee:b0:c1:1b:76:14:7b:f4:
         92:1c:79:82
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUC0fs2d6I5/9hbZoA0f8OhLdg2PswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDAxMTQ1WhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMWE3ZGI2NDI5YjExM2M3YTY2ZTliZTk2M2MzNmQ3M2Jj
YzM4ZmU0NmFjY2U4ODgwMjU5MTBlMmI1ZjY1ZWJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPR+WuJLMilL7sKRvZw81uxnyM18DhZAWkVVqCsQnAZ3eo
PkdwLB+/ZyHtFAUN7lfDa1R/jlmMpKK/OS9LN6ldUYmg6bJPKoa94AOdEETp3/nz
di8RZdsG+oZCWw7X3STnfGTw/jWIqBcl54kBJ742XpJb4bnUpGkeWh6HQknkbmXY
DEPwCvsv9Tg3ia077/z0GH03ig88drl+h26CF0B8irdr1ehV1yL4sA1gL3aenGHv
rA4+aPwdy6aBv34+WwB2CxdGtgeHzX54ivYBUE60x7O3CU3sTy7Cxmjdjp87U1uN
vHEWQ15udZmoA2YNQDziVqloBxF3rMtoLJyzMpqHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUJ/g2PDO3CUAPfO1izr12I7H7vI0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5OGI5ZDg3LTQ2ZDctNDVkMS04NWU4LTYyZDZkODI5ODI3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB8yIDANBgkqhkiG9w0BAQsFAAOCAQEABJuC4kt+mvzOF7FpZwKOgYbb
UYhYo5CZn4NHY3i51Q8R59IG7/MbEydusnQh4SAiMfsTudNjHwkSbWenqhyoJiAB
U+VT9jcdVNtXv/ZtlVs1eVDhWvsHzjPYkszzsIPXLG8Sr/N772szk6i9sY3I+5Hm
rdZpTvKIYOEBRk5rSnKwab1Mh/7unhOQ47jrp1yBdktcDxSVDa4J8+a7/1NQAsz1
fX1BmS7wknOtnxo9lIlu3HFHmSBJf8qsi4OKpO2tb24eHe318xH6yDdpbb/XASI5
HVtC67kxv5SblK+Vk+MhoTRh0RcdiTvX5GKFNL2pNo630u6wwRt2FHv0khx5gg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:06:42 2025 by rpki-client