Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/ef9566d5-9096-4d00-ac93-f3df448013d9.roa
File:                     ef9566d5-9096-4d00-ac93-f3df448013d9.roa (raw, json)
Hash identifier:          23uIjsSBJo8sBnyPRLr0jmwSVkeLu2Lsaq02xRCeC6Q=
Subject key identifier:   C7:C8:2F:03:8F:F6:39:E5:E8:EE:76:08:C9:28:22:D6:2F:3C:D3:D8
Certificate issuer:       /CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
Certificate serial:       19235F198ABB817C831C0DA9F10125F6C4534FDD
Authority key identifier: FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/ef9566d5-9096-4d00-ac93-f3df448013d9.roa
Signing time:             Mon 31 Mar 2025 16:10:44 +0000
ROA not before:           Mon 31 Mar 2025 16:10:44 +0000
ROA not after:            Mon 05 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:107:3002::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:23:5f:19:8a:bb:81:7c:83:1c:0d:a9:f1:01:25:f6:c4:53:4f:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64
        Validity
            Not Before: Mar 31 16:10:44 2025 GMT
            Not After : May  5 23:59:59 2025 GMT
        Subject: CN=71c3876e-b944-4600-92c7-cec33d89523f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b2:83:61:3e:00:1c:97:6d:a4:e6:c1:20:ee:
                    09:51:e6:13:58:a2:80:90:8d:2e:34:ed:97:42:6b:
                    80:11:f0:52:53:fd:93:53:5c:79:f0:b7:17:88:f7:
                    55:fc:70:18:1d:f8:2a:ca:b5:4d:45:f3:a8:ae:c8:
                    2a:03:57:32:52:f9:3d:35:2b:4d:81:cd:f6:1a:0a:
                    4c:c5:fa:c3:de:7b:1a:0c:f3:ab:62:21:19:ec:1c:
                    f4:79:a4:6c:44:e6:1a:bf:20:f1:3b:b2:7f:0c:af:
                    8b:cb:4d:fb:a9:39:9c:fa:61:51:21:a6:32:37:94:
                    2e:ae:f4:ca:24:ec:39:f6:ba:96:e4:42:bd:bb:7c:
                    ef:74:02:28:61:39:06:34:1c:95:55:5b:54:47:98:
                    01:1d:04:84:6e:aa:32:9e:d1:47:a5:d4:a0:20:5a:
                    92:dd:68:ed:7a:30:37:4f:41:df:c7:df:e9:9f:15:
                    bc:21:a6:2c:2f:67:86:b3:3e:1b:70:0c:f3:d6:9b:
                    c2:a9:ba:dc:41:f6:29:bf:a6:96:63:c0:53:d0:bb:
                    c3:19:10:a2:29:c6:26:fa:80:e6:50:5d:b0:24:a8:
                    03:aa:ce:2b:20:a0:cf:63:d7:f4:bf:d3:67:9e:4f:
                    a5:90:fb:27:ba:70:06:0b:a2:db:d2:00:bb:99:67:
                    dd:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:C8:2F:03:8F:F6:39:E5:E8:EE:76:08:C9:28:22:D6:2F:3C:D3:D8
            X509v3 Authority Key Identifier:
                keyid:FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/ef9566d5-9096-4d00-ac93-f3df448013d9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:107:3002::/48

    Signature Algorithm: sha256WithRSAEncryption
         4b:e5:5b:c4:0f:22:de:26:af:e9:c5:eb:6e:70:3c:ae:2c:07:
         18:3d:72:23:b0:32:b0:cf:71:9c:6d:db:17:c6:24:b5:1b:d9:
         2d:35:d4:32:e0:d7:f1:e9:fd:68:7f:0d:da:7f:a0:77:89:e5:
         c3:9e:57:78:30:11:f0:d2:4b:77:45:13:b6:64:bd:58:a5:64:
         52:34:1f:6b:ff:b4:07:ea:39:cf:8f:17:50:4d:f2:62:91:25:
         6e:37:15:3a:3e:a3:55:24:3d:59:11:9d:5b:0a:70:73:78:dc:
         d1:8d:4b:69:2c:a0:a8:fd:5f:8f:39:91:73:3e:a4:c4:60:90:
         ee:66:2a:6d:ec:9a:d5:dc:03:a9:ee:79:b1:f1:92:b3:43:b8:
         d1:4b:e4:e6:f2:e4:24:53:f1:c6:2c:39:47:87:96:27:3e:da:
         7d:49:9b:5e:20:22:bf:ed:88:82:23:f4:fe:9c:2e:90:70:41:
         33:1b:84:48:94:2a:11:00:18:af:e7:d8:d1:de:70:66:0a:28:
         b0:19:26:8a:03:57:4e:9a:1b:2b:85:1d:49:ff:22:c8:ed:7e:
         08:4c:14:4d:80:48:69:85:bb:a8:c1:e8:5e:04:dd:ef:cd:5d:
         09:d1:cc:3d:5f:b1:cf:70:6a:64:b5:73:49:f2:4d:69:c1:34:
         a1:33:ce:2d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGSNfGYq7gXyDHA2p8QEl9sRTT90wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNWQ4MDM4MDVlMjE4MjNjOTMxOTg3ZTljOWMzN2YwNDAy
MGFhYmFiZjliNGRmZjliNjQwHhcNMjUwMzMxMTYxMDQ0WhcNMjUwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMjY2MDM2MTYzMzUyYWU5ZDU4ZDdkMzZjZjMxYjk1MTM1
MGIxMGQ5OGNlNmVlM2EyMTU2MDgzNmE1ZjNjNDE0MS0wKwYDVQQDEyQ3MWMzODc2
ZS1iOTQ0LTQ2MDAtOTJjNy1jZWMzM2Q4OTUyM2YwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtsoNhPgAcl22k5sEg7glR5hNYooCQjS407ZdCa4AR8FJT
/ZNTXHnwtxeI91X8cBgd+CrKtU1F86iuyCoDVzJS+T01K02BzfYaCkzF+sPeexoM
86tiIRnsHPR5pGxE5hq/IPE7sn8Mr4vLTfupOZz6YVEhpjI3lC6u9Mok7Dn2upbk
Qr27fO90AihhOQY0HJVVW1RHmAEdBIRuqjKe0Uel1KAgWpLdaO16MDdPQd/H3+mf
FbwhpiwvZ4azPhtwDPPWm8KputxB9im/ppZjwFPQu8MZEKIpxib6gOZQXbAkqAOq
zisgoM9j1/S/02eeT6WQ+ye6cAYLotvSALuZZ929AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUx8gvA4/2OeXo7nYIySgi1i8809gwHwYDVR0jBBgwFoAU/iLg9yLMTwYM
WFoSb+aiZQA2XkgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80MmIyOTkxZi0y
MmM3LTQyZjctOGNmNS00ZjMxMzg4NTk3MzIvNWQ4MDM4MDVlMjE4MjNjOTMxOTg3
ZTljOWMzN2YwNDAyMGFhYmFiZjliNGRmZjliNjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYTg0MTgyM2MtYTEwZC00NzdjLWJmZGYtNDA4
NmYwYjE1OTRjL2VmOTU2NmQ1LTkwOTYtNGQwMC1hYzkzLWYzZGY0NDgwMTNkOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2E4NDE4MjNjLWExMGQtNDc3Yy1iZmRm
LTQwODZmMGIxNTk0Yy9HQ1BKTVpoLW5KdzM4RUFncXJxX20wM19tMlEuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmIAEHMAIwDQYJKoZIhvcNAQELBQADggEBAEvlW8QPIt4mr+nF625wPK4s
Bxg9ciOwMrDPcZxt2xfGJLUb2S011DLg1/Hp/Wh/Ddp/oHeJ5cOeV3gwEfDSS3dF
E7ZkvVilZFI0H2v/tAfqOc+PF1BN8mKRJW43FTo+o1UkPVkRnVsKcHN43NGNS2ks
oKj9X485kXM+pMRgkO5mKm3smtXcA6nuebHxkrNDuNFL5Oby5CRT8cYsOUeHlic+
2n1Jm14gIr/tiIIj9P6cLpBwQTMbhEiUKhEAGK/n2NHecGYKKLAZJooDV06aGyuF
HUn/IsjtfghMFE2ASGmFu6jB6F4E3e/NXQnRzD1fsc9wamS1c0nyTWnBNKEzzi0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:00:25 2025 by rpki-client