Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c65fb944-4736-4fcb-995f-7e41be7b9d90.roa
File:                     c65fb944-4736-4fcb-995f-7e41be7b9d90.roa (raw, json)
Hash identifier:          UY8wXcpMpcomn7x6yIh02JipQ21D45mQiYp6hvrwJVY=
Subject key identifier:   6C:9F:5B:06:B6:6F:87:88:91:50:E6:6F:6C:4C:9B:09:E3:32:9A:B2
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       6CD35CEEA6DC828C9206B16C7088295EF2ECB11F
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c65fb944-4736-4fcb-995f-7e41be7b9d90.roa
Signing time:             Wed 12 Mar 2025 20:22:18 +0000
ROA not before:           Wed 12 Mar 2025 20:22:18 +0000
ROA not after:            Wed 16 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c60::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:d3:5c:ee:a6:dc:82:8c:92:06:b1:6c:70:88:29:5e:f2:ec:b1:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar 12 20:22:18 2025 GMT
            Not After : Apr 16 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:87:6a:28:a2:a5:64:7a:3e:41:a9:2a:d6:e2:
                    93:33:ac:1e:0f:ab:bd:67:1a:02:53:e1:36:44:2f:
                    37:69:b4:62:58:65:ec:03:56:9c:4d:68:f8:12:a3:
                    51:80:e1:0a:14:25:86:3a:34:90:51:e1:b8:83:b5:
                    2f:78:18:f3:4c:28:9a:c3:e7:ae:98:ff:11:6f:d8:
                    12:98:58:18:4b:29:b6:7f:0a:e9:fe:5e:13:e0:de:
                    bd:b7:7f:aa:a8:55:fd:3a:5a:d7:ef:b7:9b:f9:70:
                    34:48:5b:82:c8:40:78:7a:b7:f5:e8:c2:ea:80:6e:
                    97:46:4d:02:bb:03:54:43:24:b5:b2:1f:57:be:45:
                    27:e0:b9:c9:3e:d0:0d:e4:34:d3:b1:ac:c2:73:19:
                    54:50:13:32:66:f8:7c:82:15:91:43:2f:2f:60:87:
                    a9:67:08:af:39:b6:83:3d:d2:d7:8a:1a:76:e8:14:
                    59:10:0f:87:34:7b:80:3c:83:10:20:57:ce:15:68:
                    d0:0d:87:24:45:c4:10:31:d9:88:14:e9:79:1c:6b:
                    39:d3:3c:0a:ab:66:2b:26:0f:d9:ad:09:25:59:63:
                    a6:6d:62:e7:fc:1d:f5:2a:b2:ce:c7:b7:a4:25:3b:
                    fc:44:2d:ce:66:3d:be:e9:ec:36:ea:f6:81:e1:2e:
                    0f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:9F:5B:06:B6:6F:87:88:91:50:E6:6F:6C:4C:9B:09:E3:32:9A:B2
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/c65fb944-4736-4fcb-995f-7e41be7b9d90.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c60::/44

    Signature Algorithm: sha256WithRSAEncryption
         9e:81:c5:be:f5:03:23:67:50:ed:43:1b:c8:e3:7a:77:42:3c:
         43:6f:aa:b7:aa:62:36:0f:df:47:3e:e2:fb:5b:97:6c:87:95:
         f7:3f:99:54:95:09:cd:78:2b:69:15:03:39:a2:a8:04:9d:0e:
         3a:0d:4e:51:ad:c4:a0:84:b7:3d:1a:f0:7a:47:ac:24:07:5e:
         ba:4f:36:02:c1:f7:23:8b:9d:48:64:e6:b3:89:bf:84:69:32:
         b5:12:3d:57:db:05:fd:57:23:5d:b1:f4:d5:59:94:23:97:ad:
         4c:22:a6:e6:bd:fe:25:63:a8:09:56:44:bb:75:70:f2:39:a7:
         2a:28:2e:42:96:45:08:c9:28:d6:2e:cc:56:e0:55:a1:40:cc:
         7b:69:3e:66:8c:19:62:df:ab:50:b6:ed:96:26:46:26:11:0f:
         9d:ea:44:01:21:77:e1:c9:e8:65:10:43:3b:c6:fc:91:cf:6e:
         fc:ba:93:c5:72:05:c9:64:bc:5f:6e:b7:0d:07:a0:7f:4a:af:
         a5:00:b4:b3:1e:28:8c:70:d3:1d:16:77:46:43:a5:48:c6:a7:
         c6:7b:63:b2:de:98:48:3a:c7:00:19:bf:0f:9d:65:e9:de:e8:
         a0:f1:72:08:17:d8:8d:31:66:ba:2c:7d:d6:57:de:c5:13:6f:
         0c:99:39:8f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUbNNc7qbcgoySBrFscIgpXvLssR8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzEyMjAyMjE4WhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNWNmNGVlY2I3M2VhNjIwOGQwYzhlNjNlOWZmMmQxMTBk
ZGNiYzBkNjQzZTVkY2VmNGQwNzdhMmI4YmVkOGY3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbh2oooqVkej5BqSrW4pMzrB4Pq71nGgJT4TZELzdptGJY
ZewDVpxNaPgSo1GA4QoUJYY6NJBR4biDtS94GPNMKJrD566Y/xFv2BKYWBhLKbZ/
Cun+XhPg3r23f6qoVf06Wtfvt5v5cDRIW4LIQHh6t/XowuqAbpdGTQK7A1RDJLWy
H1e+RSfguck+0A3kNNOxrMJzGVRQEzJm+HyCFZFDLy9gh6lnCK85toM90teKGnbo
FFkQD4c0e4A8gxAgV84VaNANhyRFxBAx2YgU6XkcaznTPAqrZismD9mtCSVZY6Zt
Yuf8HfUqss7Ht6QlO/xELc5mPb7p7Dbq9oHhLg/LAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUbJ9bBrZvh4iRUOZvbEybCeMymrIwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2M2NWZiOTQ0LTQ3MzYtNGZjYi05OTVmLTdlNDFiZTdiOWQ5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmBZzADGAwDQYJKoZIhvcNAQELBQADggEBAJ6Bxb71AyNnUO1DG8jjendC
PENvqreqYjYP30c+4vtbl2yHlfc/mVSVCc14K2kVAzmiqASdDjoNTlGtxKCEtz0a
8HpHrCQHXrpPNgLB9yOLnUhk5rOJv4RpMrUSPVfbBf1XI12x9NVZlCOXrUwipua9
/iVjqAlWRLt1cPI5pyooLkKWRQjJKNYuzFbgVaFAzHtpPmaMGWLfq1C27ZYmRiYR
D53qRAEhd+HJ6GUQQzvG/JHPbvy6k8VyBclkvF9utw0HoH9Kr6UAtLMeKIxw0x0W
d0ZDpUjGp8Z7Y7LemEg6xwAZvw+dZene6KDxcggX2I0xZrosfdZX3sUTbwyZOY8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:21:15 2025 by rpki-client