Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b5640d4-2dff-44f8-a1c3-a9a1475d9866.roa
File:                     4b5640d4-2dff-44f8-a1c3-a9a1475d9866.roa (raw, json)
Hash identifier:          bH+pnExhBSa5C7Ca1wrp74b+exzPT/D70rcR+xT8AgU=
Subject key identifier:   82:ED:10:A1:DC:4A:81:6C:F3:5C:CD:59:BC:D2:C5:6C:61:1A:E7:63
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7991FDC3895CCC89942E3677599D94CCAB41920C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b5640d4-2dff-44f8-a1c3-a9a1475d9866.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1f30:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:91:fd:c3:89:5c:cc:89:94:2e:36:77:59:9d:94:cc:ab:41:92:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:fe:0d:d5:58:07:74:f4:46:92:ce:81:1b:3d:
                    8c:49:84:89:38:2b:c0:c8:97:8f:0e:aa:e4:6a:e7:
                    ca:58:25:55:3e:77:78:55:66:0f:23:9c:fb:65:e4:
                    4c:e9:a7:1f:ae:04:71:3c:e6:f0:0d:08:f3:2b:0d:
                    16:0e:b6:fe:44:c0:a6:a7:ec:5d:1c:cc:54:b1:01:
                    45:6a:9f:d8:b4:c1:97:87:3d:3d:ac:45:27:4d:09:
                    68:cd:7d:b6:1c:a7:66:c5:dd:4a:57:83:53:96:c8:
                    8e:88:10:01:8a:73:67:1b:d5:bb:19:22:bd:d9:79:
                    21:32:b4:30:00:7c:b5:2b:14:e5:b6:0d:cc:6d:16:
                    98:59:d4:4c:90:3d:55:e1:10:30:24:40:ba:a5:3e:
                    75:91:0b:65:5c:78:d5:86:2d:c9:41:50:c2:2a:be:
                    77:3c:b4:02:86:b0:45:20:bd:b0:30:7a:ba:80:a7:
                    d5:27:04:53:ac:a9:c1:17:74:b7:79:2b:4f:f7:8d:
                    d0:1c:4e:1a:b6:b1:21:3f:76:15:37:aa:48:6a:52:
                    e1:c6:a9:53:c5:64:c3:65:85:03:aa:9f:be:4e:ab:
                    b5:d1:f0:3b:f4:dc:0a:68:42:4e:52:1a:c2:20:ee:
                    67:ce:62:68:dc:f9:0c:bd:5c:3d:ac:c7:44:54:38:
                    20:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:ED:10:A1:DC:4A:81:6C:F3:5C:CD:59:BC:D2:C5:6C:61:1A:E7:63
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4b5640d4-2dff-44f8-a1c3-a9a1475d9866.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f30:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         d3:9f:f9:41:c3:04:f8:b9:6d:f8:7c:f5:d4:75:90:7b:19:67:
         aa:4c:da:e1:c2:8f:c0:40:d2:c0:d6:0f:36:fc:0a:ce:12:24:
         ef:16:75:76:f1:e9:59:75:4d:da:ea:f2:56:bd:c4:28:ba:cd:
         85:7e:7f:87:fe:12:38:1f:bb:68:ee:bc:41:a2:af:d4:e0:bf:
         78:b0:76:ff:48:7a:b5:55:21:fa:4a:6b:5a:86:78:bf:3c:61:
         4f:8c:d4:88:fc:12:51:3d:9d:c1:e9:d3:33:c2:8c:bf:28:33:
         b3:d3:a5:19:3a:01:21:94:53:12:3e:cf:c3:ad:69:39:b9:3c:
         45:b7:9b:ad:8c:82:f3:1f:a8:c9:8e:a9:3d:8a:5d:45:09:2f:
         a8:84:8e:39:d8:8b:d6:21:d1:14:5b:76:20:2e:af:34:c0:f4:
         f3:c5:21:ca:77:55:1b:ff:28:d4:57:0c:41:12:c4:ef:cb:a7:
         1f:9d:e5:e8:21:9d:99:a5:1d:de:4d:2f:01:f5:5a:94:df:76:
         ec:35:83:ad:f0:e9:e1:88:bf:2c:b0:11:bb:06:39:03:d5:c2:
         f6:83:f4:7a:be:06:f0:85:98:2f:3f:71:c7:1a:b1:bb:c4:26:
         bc:33:12:2c:0c:7c:66:87:69:a9:54:0f:c7:30:7d:4e:b7:c1:
         ff:16:90:44
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUeZH9w4lczImULjZ3WZ2UzKtBkgwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YTQwZjZkNmUwZTVkMzYxYzc2MzQ4Mjc1MzM3ODU3MWU5
ZWNmZjlmNTNlZGY2MWVlMjI4MjMxNjAxZGM4NGEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY/g3VWAd09EaSzoEbPYxJhIk4K8DIl48OquRq58pYJVU+
d3hVZg8jnPtl5Ezppx+uBHE85vANCPMrDRYOtv5EwKan7F0czFSxAUVqn9i0wZeH
PT2sRSdNCWjNfbYcp2bF3UpXg1OWyI6IEAGKc2cb1bsZIr3ZeSEytDAAfLUrFOW2
DcxtFphZ1EyQPVXhEDAkQLqlPnWRC2VceNWGLclBUMIqvnc8tAKGsEUgvbAwerqA
p9UnBFOsqcEXdLd5K0/3jdAcThq2sSE/dhU3qkhqUuHGqVPFZMNlhQOqn75Oq7XR
8Dv03ApoQk5SGsIg7mfOYmjc+Qy9XD2sx0RUOCDhAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUgu0QodxKgWzzXM1ZvNLFbGEa52MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRiNTY0MGQ0LTJkZmYtNDRmOC1hMWMzLWE5YTE0NzVkOTg2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB8wIDANBgkqhkiG9w0BAQsFAAOCAQEA05/5QcME+Llt+Hz11HWQexln
qkza4cKPwEDSwNYPNvwKzhIk7xZ1dvHpWXVN2uryVr3EKLrNhX5/h/4SOB+7aO68
QaKv1OC/eLB2/0h6tVUh+kprWoZ4vzxhT4zUiPwSUT2dwenTM8KMvygzs9OlGToB
IZRTEj7Pw61pObk8RbebrYyC8x+oyY6pPYpdRQkvqISOOdiL1iHRFFt2IC6vNMD0
88UhyndVG/8o1FcMQRLE78unH53l6CGdmaUd3k0vAfValN927DWDrfDp4Yi/LLAR
uwY5A9XC9oP0er4G8IWYLz9xxxqxu8QmvDMSLAx8ZodpqVQPxzB9TrfB/xaQRA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 06:03:40 2025 by rpki-client