Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4d7033d-2443-415e-b118-06f9d052957f.roa
File:                     c4d7033d-2443-415e-b118-06f9d052957f.roa (raw, json)
Hash identifier:          MCmt3eJzlPh7AKw6qmabHDo9jPGDtuaCR/m2AMMPME0=
Subject key identifier:   DC:BB:FA:E2:96:F0:75:0B:32:75:EE:F2:F3:30:F0:2D:2E:88:CC:0A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4347C92BD717B19970047B2315A4BBD626AF9A6B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4d7033d-2443-415e-b118-06f9d052957f.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2600:1ff8:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:47:c9:2b:d7:17:b1:99:70:04:7b:23:15:a4:bb:d6:26:af:9a:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e3:35:07:32:37:8f:24:68:a6:e6:95:18:29:
                    71:22:68:85:41:8a:6f:80:7e:a2:a5:39:2b:03:db:
                    3d:be:86:56:5d:86:20:f7:74:55:d3:12:d1:bd:fd:
                    28:ae:70:fc:a0:f7:5e:50:01:d8:20:da:4e:ed:6e:
                    17:25:1a:e2:fd:91:8c:71:01:83:8c:4f:e9:54:c4:
                    87:a5:b2:8a:e5:6e:05:3f:aa:2b:5f:b1:dc:03:7b:
                    d9:fc:92:cc:b7:b5:1c:96:38:4c:5f:12:03:00:2b:
                    77:2f:0f:11:1f:3d:ed:69:ca:83:3c:ea:f4:a9:61:
                    d9:65:6b:d2:ab:0b:48:22:59:4a:9a:1a:73:ed:d7:
                    18:d4:cf:f2:c6:d1:0c:31:69:e9:69:98:f2:54:ec:
                    44:6a:39:b8:18:06:04:ad:c6:ac:73:6c:e0:4e:e1:
                    88:ad:cc:32:2b:0e:91:0f:bc:4d:87:41:3f:2a:fb:
                    ef:14:34:b2:e5:2d:29:79:8a:7b:d2:af:3e:9f:df:
                    d7:45:31:8e:49:da:c7:92:82:34:67:63:2b:bd:e4:
                    88:e1:a0:a5:93:42:e6:7d:91:9a:8a:43:2a:6f:16:
                    06:8a:22:72:81:09:ff:30:82:60:d8:aa:71:1a:3d:
                    45:56:42:69:17:1f:df:4c:5c:14:fd:e5:d0:b0:92:
                    91:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:BB:FA:E2:96:F0:75:0B:32:75:EE:F2:F3:30:F0:2D:2E:88:CC:0A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4d7033d-2443-415e-b118-06f9d052957f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff8:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         09:ea:07:b9:a7:e6:32:16:dd:89:a1:28:bb:d7:82:3f:8c:c7:
         39:9b:2a:0f:d1:da:de:65:b7:59:a9:ce:dc:f0:60:79:80:43:
         03:5f:2c:dc:65:dc:ec:24:5b:bb:97:47:65:dd:6d:88:ec:cf:
         55:93:5e:6a:cb:7d:f6:32:36:4f:c0:c9:9f:32:e4:ea:e3:28:
         b8:67:1a:41:0a:8f:06:6e:aa:3e:5d:f2:e3:79:f5:db:3b:6a:
         3c:0f:36:d7:b0:f0:20:b2:a9:10:77:46:ef:d8:a5:e4:56:1a:
         ec:61:cd:9a:51:f7:30:f1:dc:06:26:5d:6a:b9:b1:94:f0:53:
         f8:56:70:12:53:4b:a6:02:7b:93:56:17:cc:08:3a:c9:dd:8e:
         b1:61:f4:3f:0c:f0:fa:b9:01:e6:c6:25:cf:87:07:8b:9b:e2:
         15:85:67:cc:f2:9f:6a:35:95:e8:44:11:a3:b3:68:40:dd:08:
         ab:a3:ff:8c:40:ff:e3:ee:67:96:a8:6f:74:24:dd:79:d2:09:
         8d:fe:40:87:58:a0:4c:0b:6f:28:b1:bb:f7:41:b2:7f:a2:ac:
         a9:3a:7e:1c:2d:d7:d1:42:96:7f:e9:30:0e:0f:6c:e4:25:99:
         c8:c7:d9:b1:94:bd:24:0e:3c:bd:63:79:64:c8:b1:3e:e6:f3:
         f4:9c:cf:66
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQ0fJK9cXsZlwBHsjFaS71iavmmswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NDU2OWNmOTlmNzAzN2NlODdlZjI2NDZjZWY3MWJkNDE0
YzFmZWRkNjE4MTBhNGFhZjEyYWU4YzgxYzFiZDRiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCV4zUHMjePJGim5pUYKXEiaIVBim+AfqKlOSsD2z2+hlZd
hiD3dFXTEtG9/SiucPyg915QAdgg2k7tbhclGuL9kYxxAYOMT+lUxIelsorlbgU/
qitfsdwDe9n8ksy3tRyWOExfEgMAK3cvDxEfPe1pyoM86vSpYdlla9KrC0giWUqa
GnPt1xjUz/LG0QwxaelpmPJU7ERqObgYBgStxqxzbOBO4YitzDIrDpEPvE2HQT8q
++8UNLLlLSl5invSrz6f39dFMY5J2seSgjRnYyu95IjhoKWTQuZ9kZqKQypvFgaK
InKBCf8wgmDYqnEaPUVWQmkXH99MXBT95dCwkpGzAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU3Lv64pbwdQsyde7y8zDwLS6IzAowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M0ZDcwMzNkLTI0NDMtNDE1ZS1iMTE4LTA2ZjlkMDUyOTU3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/4IDANBgkqhkiG9w0BAQsFAAOCAQEACeoHuafmMhbdiaEou9eCP4zH
OZsqD9Ha3mW3WanO3PBgeYBDA18s3GXc7CRbu5dHZd1tiOzPVZNeast99jI2T8DJ
nzLk6uMouGcaQQqPBm6qPl3y43n12ztqPA8217DwILKpEHdG79il5FYa7GHNmlH3
MPHcBiZdarmxlPBT+FZwElNLpgJ7k1YXzAg6yd2OsWH0Pwzw+rkB5sYlz4cHi5vi
FYVnzPKfajWV6EQRo7NoQN0Iq6P/jED/4+5nlqhvdCTdedIJjf5Ah1igTAtvKLG7
90Gyf6KsqTp+HC3X0UKWf+kwDg9s5CWZyMfZsZS9JA48vWN5ZMixPubz9JzPZg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 06:24:09 2025 by rpki-client