Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a2495a-b565-4518-8d91-a9fb127abca6.roa
File: e9a2495a-b565-4518-8d91-a9fb127abca6.roa (raw, json)
Hash identifier: ksuzrOFS767lM7Pjm47T0rkI9U80ZlUa0qxR9XRUs/8=
Subject key identifier: 3D:32:B1:78:13:8C:03:20:7E:34:DA:9E:2A:2E:C0:AA:CD:27:55:A1
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 773E6D4CCEA0211DACB85908D59B3F6BDB35DEF0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a2495a-b565-4518-8d91-a9fb127abca6.roa
Signing time: Tue 25 Mar 2025 17:50:09 +0000
ROA not before: Tue 25 Mar 2025 17:50:09 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1f61:1020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires: Fri 11 Apr 2025 17:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3e:6d:4c:ce:a0:21:1d:ac:b8:59:08:d5:9b:3f:6b:db:35:de:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 25 17:50:09 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7c:44:15:40:3e:33:3d:39:e3:cc:0c:b7:9a:
da:29:dd:95:73:34:53:d4:a3:e7:3d:d4:56:fb:bc:
c6:b0:24:87:a3:92:07:ad:00:91:59:0b:54:1a:9b:
ca:02:86:db:a9:f9:1b:82:93:88:84:26:69:4b:15:
d0:b7:5a:c9:70:64:9c:7c:c3:e0:f5:4c:6a:a1:93:
a0:83:99:fc:0a:9c:17:8e:1f:f6:46:23:78:36:a5:
6a:17:0f:e2:9a:26:9f:ed:23:7c:50:40:c3:ce:fd:
f9:7e:4b:7f:8e:26:d1:0f:b0:e6:a4:17:11:7d:d1:
30:61:4e:79:a7:34:14:1c:1f:23:6a:e1:71:38:a1:
5a:9f:0c:4d:1d:c8:ae:34:6b:85:93:ec:d4:ca:ed:
1a:96:96:68:73:04:dc:36:82:6d:fd:f8:65:bb:d7:
a0:36:ee:a2:ef:d3:8c:dd:9b:46:ba:2d:1e:3b:07:
9c:3e:78:3c:39:4e:37:39:23:f6:f9:97:45:27:fd:
af:92:f3:bd:a9:da:a9:59:5a:fb:5c:94:93:33:6c:
95:58:32:af:7e:77:88:bf:66:29:54:5d:ad:15:53:
07:83:5e:9c:2c:ee:e3:56:f1:88:bd:e4:40:06:18:
b5:8b:7f:cf:78:c7:32:e0:73:21:74:e7:5d:12:03:
39:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:32:B1:78:13:8C:03:20:7E:34:DA:9E:2A:2E:C0:AA:CD:27:55:A1
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a2495a-b565-4518-8d91-a9fb127abca6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f61:1020::/48
Signature Algorithm: sha256WithRSAEncryption
a7:c2:f9:41:da:a5:38:81:95:fc:cd:7f:4b:80:b9:44:d6:36:
8f:51:9f:5e:84:34:2c:74:c2:73:a4:6f:2e:bc:11:22:a6:2b:
5e:f0:22:21:57:b6:99:45:9f:18:f1:ba:8c:4a:d9:56:fc:76:
89:e3:f1:83:43:c1:fa:8a:9d:8f:21:83:08:56:98:f1:f7:df:
0a:4b:18:57:5c:cb:7a:4f:a1:46:7b:32:43:48:53:e2:32:ae:
9e:9c:86:03:66:3a:8b:93:81:1e:7d:08:6f:99:bb:0e:d1:a8:
36:80:e4:a4:3d:de:0a:2a:b8:5d:c0:09:92:cd:32:71:84:cf:
ab:a1:3b:ba:04:5b:7e:41:19:fe:d8:b3:98:80:ef:e8:3a:cc:
6b:3c:7c:d0:fa:3e:c6:8e:d0:54:9e:c6:13:a1:c6:0e:30:7b:
75:35:df:ac:e5:21:b1:66:8e:ad:9e:05:37:38:e3:15:f6:72:
e0:75:e7:08:11:6f:77:9d:81:5d:f2:33:77:9c:3d:b7:96:c9:
6a:b5:07:ec:3d:f4:63:65:a6:c7:41:75:c2:f3:93:c3:9b:13:
ed:55:f9:ce:cc:8a:7c:3b:ee:02:68:42:d3:32:21:7f:cd:3b:
a2:3c:32:e8:f6:9e:19:85:eb:a2:26:ec:2f:9f:3f:2f:76:1d:
31:0f:98:3e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdz5tTM6gIR2suFkI1Zs/a9s13vAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI1MTc1MDA5WhcNMjUwNDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDJjNTAwZjM4YWM2MDBmNTI0OTI2NWQ1MGM5MDgzY2Rm
MjExYzU1N2ZhNTBkZTNmZjczZjc3ZmM0ZmM2YjIxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDhfEQVQD4zPTnjzAy3mtop3ZVzNFPUo+c91Fb7vMawJIej
kgetAJFZC1Qam8oChtup+RuCk4iEJmlLFdC3WslwZJx8w+D1TGqhk6CDmfwKnBeO
H/ZGI3g2pWoXD+KaJp/tI3xQQMPO/fl+S3+OJtEPsOakFxF90TBhTnmnNBQcHyNq
4XE4oVqfDE0dyK40a4WT7NTK7RqWlmhzBNw2gm39+GW716A27qLv04zdm0a6LR47
B5w+eDw5Tjc5I/b5l0Un/a+S872p2qlZWvtclJMzbJVYMq9+d4i/ZilUXa0VUweD
Xpws7uNW8Yi95EAGGLWLf894xzLgcyF0510SAzlFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUPTKxeBOMAyB+NNqeKi7Aqs0nVaEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U5YTI0OTVhLWI1NjUtNDUxOC04ZDkxLWE5ZmIxMjdhYmNhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hECAwDQYJKoZIhvcNAQELBQADggEBAKfC+UHapTiBlfzNf0uAuUTW
No9Rn16ENCx0wnOkby68ESKmK17wIiFXtplFnxjxuoxK2Vb8donj8YNDwfqKnY8h
gwhWmPH33wpLGFdcy3pPoUZ7MkNIU+Iyrp6chgNmOouTgR59CG+Zuw7RqDaA5KQ9
3goquF3ACZLNMnGEz6uhO7oEW35BGf7Ys5iA7+g6zGs8fND6PsaO0FSexhOhxg4w
e3U136zlIbFmjq2eBTc44xX2cuB15wgRb3edgV3yM3ecPbeWyWq1B+w99GNlpsdB
dcLzk8ObE+1V+c7Minw77gJoQtMyIX/NO6I8Muj2nhmF66Im7C+fPy92HTEPmD4=
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:08:13 2025 by rpki-client