Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8dc8b90b-7591-404d-b954-05b005230216.roa
File: 8dc8b90b-7591-404d-b954-05b005230216.roa (raw, json)
Hash identifier: kdBzsL2++ETii0Yc2ItX/knMWGJMfuEUb/89kG+2m9o=
Subject key identifier: 2E:C9:60:BE:58:2B:4C:8E:31:A3:43:71:76:C0:E0:21:7D:2E:05:4B
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 6ACB7A4B18D61F763EEEC6BDBE647E10C095C5CC
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8dc8b90b-7591-404d-b954-05b005230216.roa
Signing time: Mon 31 Mar 2025 19:00:15 +0000
ROA not before: Mon 31 Mar 2025 19:00:15 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f000::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires: Sat 12 Apr 2025 13:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:cb:7a:4b:18:d6:1f:76:3e:ee:c6:bd:be:64:7e:10:c0:95:c5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Mar 31 19:00:15 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:15:eb:e1:20:ce:2e:43:a1:45:b1:0a:5d:9a:
8d:13:e6:31:b0:b4:f6:2a:a5:26:5e:fc:61:d0:e2:
0e:99:0a:70:97:89:3d:ed:5f:8e:93:bb:c7:1e:61:
8b:e5:52:2a:fa:42:e3:ef:65:d2:68:be:8d:ad:e3:
66:5e:88:f6:01:00:08:64:e2:c4:7e:92:e9:2d:29:
02:53:d2:97:6b:80:c6:f3:44:47:76:44:17:b5:fa:
02:35:18:be:30:d0:b9:2b:b2:b7:0c:5e:20:b9:c3:
6f:cf:f3:b4:2a:fe:28:ef:46:5a:5a:71:29:4e:09:
9a:06:c7:6b:82:fe:22:8c:e6:39:76:81:d0:85:dc:
ab:04:a7:90:a3:bc:ab:50:63:af:ff:64:ea:89:6c:
7a:98:2b:2f:b7:88:df:ce:5c:9c:df:a1:ef:e2:3e:
2b:8c:c4:46:97:c2:80:13:6b:56:17:de:1a:93:fb:
03:f9:43:f9:73:8d:dd:a9:26:8b:2f:a9:0a:d0:bd:
9c:2d:43:5d:2a:cb:90:96:c4:d9:00:cf:8a:b0:de:
2d:15:c2:93:ea:ab:84:6b:3d:61:91:65:09:27:ee:
57:1f:82:ff:be:22:02:64:d5:96:30:69:1e:56:82:
8e:5d:48:e9:bc:80:4c:c3:81:a9:8d:d9:2a:e1:8a:
fc:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C9:60:BE:58:2B:4C:8E:31:A3:43:71:76:C0:E0:21:7D:2E:05:4B
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8dc8b90b-7591-404d-b954-05b005230216.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f000::/39
Signature Algorithm: sha256WithRSAEncryption
40:37:61:84:b6:d6:62:36:74:65:51:d4:c2:ff:d1:0f:f8:d6:
8f:7d:1c:8a:39:80:0f:6d:5a:81:d9:85:c8:59:14:27:5b:47:
6c:38:34:a0:ce:80:41:2d:60:4d:23:da:2e:44:b2:44:5e:86:
16:41:31:12:5a:dd:bc:a4:19:28:08:0f:2f:e8:8a:76:03:c9:
29:e1:89:b9:0d:ed:2e:69:dd:d6:4f:ba:aa:71:23:20:8c:71:
4b:2b:2d:0c:03:e3:1b:c3:df:85:ce:4b:d6:b4:37:65:6c:89:
5c:11:4e:60:29:c2:fb:6b:2d:c8:31:4b:06:5f:66:b2:1c:9a:
4a:f6:f6:0e:c3:71:23:67:8a:03:20:89:3c:29:68:53:88:e9:
61:0e:83:5f:a7:ea:c1:03:7b:e6:6a:e7:5a:ac:b8:48:f8:69:
41:39:f0:91:0c:81:d2:a9:ff:08:b6:f6:7f:3c:42:d2:33:5c:
eb:3b:f9:23:69:45:9a:18:e2:0c:3f:a7:a1:6b:8f:24:c6:59:
ba:9b:3d:1e:13:f8:48:27:59:b2:a5:1a:f7:30:94:91:7d:ff:
d2:f3:56:83:15:34:df:ec:cb:32:d8:7e:5c:37:b9:fb:8f:79:
00:b8:9a:d8:f0:b4:72:76:1f:0c:bb:a9:04:1a:eb:bd:5d:7e:
14:bc:df:6b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUast6SxjWH3Y+7sa9vmR+EMCVxcwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzMxMTkwMDE1WhcNMjUwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzNjNjk1Y2M2YTQ4NWJiNTBjNmQwM2ZjOTQ5NjliYjAw
MjdmMjdkMDU1MjBlMzczYmRkNmRlODIxY2VkMzcwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpFevhIM4uQ6FFsQpdmo0T5jGwtPYqpSZe/GHQ4g6ZCnCX
iT3tX46Tu8ceYYvlUir6QuPvZdJovo2t42ZeiPYBAAhk4sR+kuktKQJT0pdrgMbz
REd2RBe1+gI1GL4w0LkrsrcMXiC5w2/P87Qq/ijvRlpacSlOCZoGx2uC/iKM5jl2
gdCF3KsEp5CjvKtQY6//ZOqJbHqYKy+3iN/OXJzfoe/iPiuMxEaXwoATa1YX3hqT
+wP5Q/lzjd2pJosvqQrQvZwtQ10qy5CWxNkAz4qw3i0VwpPqq4RrPWGRZQkn7lcf
gv++IgJk1ZYwaR5Wgo5dSOm8gEzDgamN2SrhivxFAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQULslgvlgrTI4xo0NxdsDgIX0uBUswHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzhkYzhiOTBiLTc1OTEtNDA0ZC1iOTU0LTA1YjAwNTIzMDIxNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAPAAADANBgkqhkiG9w0BAQsFAAOCAQEAQDdhhLbWYjZ0ZVHUwv/RD/jW
j30cijmAD21agdmFyFkUJ1tHbDg0oM6AQS1gTSPaLkSyRF6GFkExElrdvKQZKAgP
L+iKdgPJKeGJuQ3tLmnd1k+6qnEjIIxxSystDAPjG8Pfhc5L1rQ3ZWyJXBFOYCnC
+2styDFLBl9mshyaSvb2DsNxI2eKAyCJPCloU4jpYQ6DX6fqwQN75mrnWqy4SPhp
QTnwkQyB0qn/CLb2fzxC0jNc6zv5I2lFmhjiDD+noWuPJMZZups9HhP4SCdZsqUa
9zCUkX3/0vNWgxU03+zLMth+XDe5+495ALia2PC0cnYfDLupBBrrvV1+FLzfaw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 07:02:13 2025 by rpki-client