Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8df2c2c-dc4e-4de0-921f-473e414af165.roa
File:                     b8df2c2c-dc4e-4de0-921f-473e414af165.roa (raw, json)
Hash identifier:          8Jh4+SwDwffR9Mw62BB+B2+qFD29cajE2T6EzWktdCQ=
Subject key identifier:   01:8A:C2:5B:B8:8F:FE:B6:18:80:4F:31:01:CB:05:F4:EB:CE:B9:D3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       067CAE2F1081444BE3C89B5AB80654A0ACD28550
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8df2c2c-dc4e-4de0-921f-473e414af165.roa
Signing time:             Tue 25 Mar 2025 18:01:27 +0000
ROA not before:           Tue 25 Mar 2025 18:01:27 +0000
ROA not after:            Tue 29 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:40c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:7c:ae:2f:10:81:44:4b:e3:c8:9b:5a:b8:06:54:a0:ac:d2:85:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 25 18:01:27 2025 GMT
            Not After : Apr 29 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f3:47:96:ef:a2:0d:1a:6c:17:7c:f9:f7:23:
                    6a:23:22:f4:e7:4d:b7:b1:a6:88:1c:ce:78:4e:29:
                    cf:8e:15:23:ca:f9:43:c5:d8:ff:6f:4f:9b:57:29:
                    1f:4e:68:f6:44:a0:3d:bd:a9:65:de:99:63:c5:a4:
                    4e:07:be:04:07:33:f6:a8:8f:13:3e:58:5e:f8:2f:
                    3f:9f:54:13:dc:03:62:f6:48:fe:71:fb:95:f6:7f:
                    24:67:64:1b:6b:b5:fa:8a:a2:0f:e4:7a:c5:e7:41:
                    08:3a:42:c7:69:6b:cc:67:d6:9a:c0:e5:62:5b:3d:
                    2b:31:8d:e0:8c:1e:ae:1d:a7:f5:f5:62:4e:6e:61:
                    a4:97:07:29:79:88:d9:5c:70:16:1e:99:49:70:52:
                    24:0b:61:ce:09:a4:a4:81:21:d4:8e:e4:cd:b8:ea:
                    ba:44:94:04:7f:ed:66:d7:cc:fd:90:5c:17:07:e7:
                    95:cf:fe:17:1b:a0:05:66:2b:48:51:2f:83:fc:81:
                    01:23:ab:f0:43:9a:2c:a6:f9:77:90:94:28:07:a1:
                    6c:06:cc:4c:0f:31:d9:e5:6b:1d:c1:6a:4e:99:6e:
                    72:84:1d:fc:62:d3:17:e0:8a:5b:5b:5f:90:02:9d:
                    4e:a4:19:75:25:51:35:54:32:d8:4d:ca:c0:1f:bc:
                    ce:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:8A:C2:5B:B8:8F:FE:B6:18:80:4F:31:01:CB:05:F4:EB:CE:B9:D3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8df2c2c-dc4e-4de0-921f-473e414af165.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:40c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         b5:33:fd:11:d3:70:23:ac:78:93:dd:11:31:ce:58:72:97:7e:
         92:e7:0d:16:45:96:a7:4e:8b:48:32:9c:2e:96:73:3a:d7:0a:
         ac:e3:62:2d:2c:0f:a4:57:93:25:13:75:eb:a2:5b:70:9b:0c:
         fc:b9:8a:a9:78:b2:7c:c1:0d:eb:cb:81:7e:87:da:5b:2e:2a:
         9a:45:5d:b1:e3:b1:ff:81:fc:c1:33:49:70:01:c0:6c:4d:a0:
         ec:46:3b:52:34:b1:3a:2b:51:45:5e:5a:e4:b0:c3:84:ef:2c:
         8f:2d:72:05:5b:36:8f:0f:6d:e8:57:ec:9d:a7:d3:02:64:1f:
         30:c9:62:b8:d2:4e:c6:57:ee:f6:38:dd:96:50:0e:fe:84:cd:
         26:c1:18:73:34:0c:af:bd:66:a8:b0:2a:1f:67:22:1b:0d:9d:
         9f:17:c9:db:e0:56:76:86:2f:08:87:e8:f8:80:44:48:8c:c9:
         58:05:86:d2:b5:2a:02:23:32:17:e6:37:21:aa:3e:40:d3:d3:
         ae:8b:01:5b:8e:36:c0:fb:37:d0:16:1b:e8:c1:05:48:04:e8:
         4a:96:c7:24:b3:66:70:3e:86:b6:ac:e7:70:0f:bf:e5:81:a4:
         75:9b:72:f4:89:35:a8:74:5a:fd:35:5b:f7:4b:79:51:24:fa:
         97:b8:88:49
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBnyuLxCBREvjyJtauAZUoKzShVAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI1MTgwMTI3WhcNMjUwNDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOWQ2NGQzZGZlN2Y1MmE5NDczZGE4ZTZjNmRiNWRjZGY2
ZTlhM2JhMDEyYzU5OWJjYjkyN2VkMDk5MWNhZGZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI80eW76INGmwXfPn3I2ojIvTnTbexpogcznhOKc+OFSPK
+UPF2P9vT5tXKR9OaPZEoD29qWXemWPFpE4HvgQHM/aojxM+WF74Lz+fVBPcA2L2
SP5x+5X2fyRnZBtrtfqKog/kesXnQQg6Qsdpa8xn1prA5WJbPSsxjeCMHq4dp/X1
Yk5uYaSXByl5iNlccBYemUlwUiQLYc4JpKSBIdSO5M246rpElAR/7WbXzP2QXBcH
55XP/hcboAVmK0hRL4P8gQEjq/BDmiym+XeQlCgHoWwGzEwPMdnlax3Bak6ZbnKE
Hfxi0xfgiltbX5ACnU6kGXUlUTVUMthNysAfvM6lAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUAYrCW7iP/rYYgE8xAcsF9OvOudMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4ZGYyYzJjLWRjNGUtNGRlMC05MjFmLTQ3M2U0MTRhZjE2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AQMAwDQYJKoZIhvcNAQELBQADggEBALUz/RHTcCOseJPdETHOWHKX
fpLnDRZFlqdOi0gynC6WczrXCqzjYi0sD6RXkyUTdeuiW3CbDPy5iql4snzBDevL
gX6H2lsuKppFXbHjsf+B/MEzSXABwGxNoOxGO1I0sTorUUVeWuSww4TvLI8tcgVb
No8PbehX7J2n0wJkHzDJYrjSTsZX7vY43ZZQDv6EzSbBGHM0DK+9ZqiwKh9nIhsN
nZ8XydvgVnaGLwiH6PiAREiMyVgFhtK1KgIjMhfmNyGqPkDT066LAVuONsD7N9AW
G+jBBUgE6EqWxySzZnA+hras53APv+WBpHWbcvSJNah0Wv01W/dLeVEk+pe4iEk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:14:12 2025 by rpki-client