Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c515954-c06b-4fbe-bd5b-10154b491b20.roa
File:                     9c515954-c06b-4fbe-bd5b-10154b491b20.roa (raw, json)
Hash identifier:          Kj+6o//MpFoc7ul6ymnbRUQ1i4/f6FwTJC+4BGOQ890=
Subject key identifier:   87:CB:70:59:CA:7F:4C:C1:6D:AE:50:A3:1A:B1:7D:75:73:AC:FE:6A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5FD3EC4D1C09EF4A3203F8C3755A1578AEBA1DE7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c515954-c06b-4fbe-bd5b-10154b491b20.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1fb9:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:d3:ec:4d:1c:09:ef:4a:32:03:f8:c3:75:5a:15:78:ae:ba:1d:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a3:d1:e8:43:af:af:dd:58:79:f9:4c:63:f9:
                    47:78:c5:eb:d5:70:ec:87:4e:75:6b:4d:cd:b3:e2:
                    d8:8b:89:ba:c7:9c:84:a2:86:47:4f:16:c2:44:3c:
                    12:d3:04:0f:1e:c0:cf:34:ef:87:30:44:86:cf:cc:
                    0e:32:d3:b0:c7:75:9e:66:82:6f:b4:0a:8c:6c:15:
                    b9:c6:f2:6a:4d:b5:d5:fb:19:b1:14:ff:82:23:5f:
                    e2:07:5f:47:6b:64:69:2e:f3:c0:b6:b5:4b:7f:19:
                    e5:5a:64:d9:51:2e:9d:34:b3:e7:50:0b:a2:d4:28:
                    96:bb:b5:cd:e2:fc:9a:f9:a9:89:b1:3f:11:80:b2:
                    83:e1:1e:46:44:d1:30:ca:f4:8d:b9:a5:64:67:96:
                    9a:12:2e:8e:6c:b2:79:56:51:21:c5:6e:10:82:2a:
                    04:ba:f1:4c:0d:13:3a:89:6a:47:39:92:3c:c1:ca:
                    80:f3:6b:19:f4:93:74:8c:6d:7b:86:83:eb:4d:16:
                    da:5a:e8:7c:a4:55:a2:13:64:75:8b:19:ae:7a:39:
                    d8:f9:17:1e:8b:b5:1f:cf:e4:67:8c:06:19:56:ff:
                    9f:53:d6:76:39:e7:27:70:9c:ec:a3:d4:48:5e:81:
                    71:dd:88:23:49:4b:9e:af:c8:8e:4c:cd:4d:1c:4d:
                    1f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:CB:70:59:CA:7F:4C:C1:6D:AE:50:A3:1A:B1:7D:75:73:AC:FE:6A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c515954-c06b-4fbe-bd5b-10154b491b20.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fb9:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         5e:5c:27:22:e3:b2:e4:9d:e8:28:76:7a:a7:82:22:4c:0e:6f:
         fb:cf:a0:7c:0f:61:56:c3:1c:8d:54:47:3b:25:d8:af:71:b1:
         6e:72:d0:2d:16:16:bd:d0:15:a0:37:4e:fe:da:ab:7e:b2:bf:
         74:48:96:88:6e:a2:4a:b6:d3:86:b3:be:9d:9a:4d:a5:8b:f9:
         d9:a1:42:f6:01:e9:35:42:2b:3c:51:b2:92:47:e6:59:6c:2d:
         4f:14:0a:9b:5c:74:3e:77:d2:11:6b:d6:17:89:90:ea:20:de:
         47:28:ee:52:8d:14:7c:41:2c:4e:09:7f:07:d1:e9:11:8b:1b:
         5a:64:38:af:fa:cd:81:22:82:7e:62:f1:d3:08:96:de:a4:ba:
         28:d8:2a:aa:89:71:ff:72:4e:70:e4:92:2a:d0:5c:73:52:9f:
         f0:79:36:31:9a:76:13:90:c1:06:49:d2:01:17:9e:4f:c3:8c:
         aa:cf:6c:41:c2:2f:76:4f:9b:5a:da:bc:d2:0e:4b:67:37:6e:
         ae:68:75:71:c7:9b:1d:9e:c5:a6:ed:25:a2:da:e7:4b:f4:7f:
         d4:89:b0:4a:8d:85:b6:43:7f:7b:4e:19:d3:5e:1e:7b:18:1d:
         e0:20:46:ba:55:8a:36:0c:da:1e:61:6b:49:70:d4:ac:bf:f3:
         82:e9:ed:62
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUX9PsTRwJ70oyA/jDdVoVeK66HecwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZTI1NjMxNzQzYTJmMmRlM2YxNDBjN2QzNDJjNDFlYzg5
YzViZGNkY2MxYjk4Mzc0N2I4MmRjZmJkOGI4MTNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDco9HoQ6+v3Vh5+Uxj+Ud4xevVcOyHTnVrTc2z4tiLibrH
nISihkdPFsJEPBLTBA8ewM8074cwRIbPzA4y07DHdZ5mgm+0CoxsFbnG8mpNtdX7
GbEU/4IjX+IHX0drZGku88C2tUt/GeVaZNlRLp00s+dQC6LUKJa7tc3i/Jr5qYmx
PxGAsoPhHkZE0TDK9I25pWRnlpoSLo5ssnlWUSHFbhCCKgS68UwNEzqJakc5kjzB
yoDzaxn0k3SMbXuGg+tNFtpa6HykVaITZHWLGa56Odj5Fx6LtR/P5GeMBhlW/59T
1nY55ydwnOyj1EhegXHdiCNJS56vyI5MzU0cTR8lAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUh8twWcp/TMFtrlCjGrF9dXOs/mowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzljNTE1OTU0LWMwNmItNGZiZS1iZDViLTEwMTU0YjQ5MWIyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+5IDANBgkqhkiG9w0BAQsFAAOCAQEAXlwnIuOy5J3oKHZ6p4IiTA5v
+8+gfA9hVsMcjVRHOyXYr3GxbnLQLRYWvdAVoDdO/tqrfrK/dEiWiG6iSrbThrO+
nZpNpYv52aFC9gHpNUIrPFGykkfmWWwtTxQKm1x0PnfSEWvWF4mQ6iDeRyjuUo0U
fEEsTgl/B9HpEYsbWmQ4r/rNgSKCfmLx0wiW3qS6KNgqqolx/3JOcOSSKtBcc1Kf
8Hk2MZp2E5DBBknSAReeT8OMqs9sQcIvdk+bWtq80g5LZzdurmh1ccebHZ7Fpu0l
otrnS/R/1ImwSo2FtkN/e04Z014eexgd4CBGulWKNgzaHmFrSXDUrL/zguntYg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 05:31:41 2025 by rpki-client