Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4ff7be7-36ae-48c9-b55e-9c6224aa1a42.roa
File: b4ff7be7-36ae-48c9-b55e-9c6224aa1a42.roa (raw, json)
Hash identifier: AJYFChf+A99YMIXg/g1qG2tCdrC64tuYFxMChUYR9Gg=
Subject key identifier: D9:A0:53:66:DF:F2:59:73:2A:34:19:22:21:0D:3A:BB:B1:63:A7:81
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 236AF2D75543F7B1F52CA7A0ECA830B566D9C957
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4ff7be7-36ae-48c9-b55e-9c6224aa1a42.roa
Signing time: Fri 21 Mar 2025 00:21:26 +0000
ROA not before: Fri 21 Mar 2025 00:21:26 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 66.36.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires: Fri 11 Apr 2025 17:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:6a:f2:d7:55:43:f7:b1:f5:2c:a7:a0:ec:a8:30:b5:66:d9:c9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 21 00:21:26 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:44:5c:a6:b6:0a:00:76:7d:37:b7:62:56:b9:
c0:e5:ab:7b:ff:c4:de:a5:55:a8:bd:58:fa:7b:48:
0b:1d:d6:d7:b0:a4:99:fe:63:c3:7f:c3:d9:63:54:
d0:6d:54:0a:4f:a5:3a:47:5c:b4:c5:13:cb:10:ee:
9d:96:ce:bf:7f:b5:c0:e5:8a:43:1d:e1:62:3b:4b:
4e:4c:0e:9b:ea:4f:17:35:b7:29:15:a8:c0:c1:81:
0b:e8:4a:68:01:45:b4:36:0f:71:3e:25:c3:09:d0:
43:0a:d7:b5:0d:3b:6f:72:81:7f:78:b8:43:22:91:
11:4c:17:71:7b:7d:2d:bf:6e:55:fa:8d:24:ea:35:
13:36:a6:d0:7e:f3:6f:fe:37:49:3f:30:9a:1e:08:
60:51:9b:f6:70:d2:79:71:0f:2c:bf:05:b5:17:a0:
62:b3:0f:6d:9f:66:98:aa:32:78:09:77:cc:ef:24:
92:da:80:fa:fe:cc:8a:c4:2c:db:03:f5:03:a4:95:
93:44:ae:60:cc:44:96:11:81:40:6a:5a:89:ff:34:
4f:a2:68:f9:97:d8:4e:18:9c:0b:3d:34:06:0b:8d:
21:97:f2:c0:ad:87:79:02:67:14:be:54:0a:2d:04:
57:3f:08:04:79:c9:fd:a5:04:b9:c8:7c:c2:bd:ed:
61:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A0:53:66:DF:F2:59:73:2A:34:19:22:21:0D:3A:BB:B1:63:A7:81
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4ff7be7-36ae-48c9-b55e-9c6224aa1a42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.36.32.0/19
Signature Algorithm: sha256WithRSAEncryption
15:41:47:b1:94:7e:4f:29:fa:ab:78:dd:56:90:c3:e4:31:5a:
15:a9:4b:19:9f:12:96:f3:32:07:60:88:f8:84:95:49:80:60:
39:8d:4a:d7:68:d5:37:73:d7:93:1c:14:ab:11:17:2d:10:59:
5d:06:2b:d1:1c:fd:97:c9:0f:8b:72:94:ed:fc:f5:76:db:7a:
ce:e5:d0:41:37:81:2d:01:56:d6:1b:fa:96:de:5b:e5:35:79:
12:89:cf:a7:c1:35:de:f7:25:dc:81:8a:79:56:8f:d3:e9:e5:
b0:8c:45:63:97:01:45:45:b9:08:f0:d7:a7:c6:57:04:83:6d:
1c:ba:b3:72:1a:b4:59:a0:6a:93:90:03:b1:30:6a:11:2c:6c:
a9:21:0c:98:4a:36:79:fe:c4:b7:5d:31:5b:d7:d5:6b:b2:3e:
25:2a:4e:fe:1f:be:c4:3d:4f:a5:5c:bf:09:05:b2:22:d8:db:
19:76:f0:00:9a:55:7f:92:68:64:f6:a9:d2:5f:e1:44:9a:ac:
92:7e:db:5d:75:5c:a8:79:4f:17:21:5f:39:0a:10:6f:0e:f7:
f0:d8:db:6d:ee:4a:4b:e0:6b:9a:dc:c8:99:fd:b0:cb:e8:2b:
11:3f:55:a7:a3:71:76:4b:4e:dd:4b:66:11:bc:2e:21:31:a0:
6f:15:f9:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI2ry11VD97H1LKeg7KgwtWbZyVcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzIxMDAyMTI2WhcNMjUwNDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YWQ3Yzg1NTY4MWZmNThjYTY3MGM4OGZkNGE5YzIyNDJj
NDAxZWM4NjVhOWQzMjkzNDMwN2VkZjNmODJhMmJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzRFymtgoAdn03t2JWucDlq3v/xN6lVai9WPp7SAsd1tew
pJn+Y8N/w9ljVNBtVApPpTpHXLTFE8sQ7p2Wzr9/tcDlikMd4WI7S05MDpvqTxc1
tykVqMDBgQvoSmgBRbQ2D3E+JcMJ0EMK17UNO29ygX94uEMikRFMF3F7fS2/blX6
jSTqNRM2ptB+82/+N0k/MJoeCGBRm/Zw0nlxDyy/BbUXoGKzD22fZpiqMngJd8zv
JJLagPr+zIrELNsD9QOklZNErmDMRJYRgUBqWon/NE+iaPmX2E4YnAs9NAYLjSGX
8sCth3kCZxS+VAotBFc/CAR5yf2lBLnIfMK97WGbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2aBTZt/yWXMqNBkiIQ06u7Fjp4EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0ZmY3YmU3LTM2YWUtNDhjOS1iNTVlLTljNjIyNGFhMWE0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVCJCAwDQYJKoZIhvcNAQELBQADggEBABVBR7GUfk8p+qt43VaQw+QxWhWp
SxmfEpbzMgdgiPiElUmAYDmNStdo1Tdz15McFKsRFy0QWV0GK9Ec/ZfJD4tylO38
9Xbbes7l0EE3gS0BVtYb+pbeW+U1eRKJz6fBNd73JdyBinlWj9Pp5bCMRWOXAUVF
uQjw16fGVwSDbRy6s3IatFmgapOQA7EwahEsbKkhDJhKNnn+xLddMVvX1WuyPiUq
Tv4fvsQ9T6VcvwkFsiLY2xl28ACaVX+SaGT2qdJf4USarJJ+2111XKh5TxchXzkK
EG8O9/DY223uSkvga5rcyJn9sMvoKxE/VaejcXZLTt1LZhG8LiExoG8V+fQ=
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:06:57 2025 by rpki-client