Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edeaa5de-ef7b-4bb1-a968-474a4f671798.roa
File:                     edeaa5de-ef7b-4bb1-a968-474a4f671798.roa (raw, json)
Hash identifier:          X2260RxDLhqz3vn5CBM3L14pXtNRU7SiUqsiqt5tj6g=
Subject key identifier:   86:EE:3C:02:0D:F1:D7:CA:01:25:80:80:F3:BB:29:3C:B6:2A:99:23
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5C5F399A2EC470FE6B917A17C0E7E5340BFC4477
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edeaa5de-ef7b-4bb1-a968-474a4f671798.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f32:4000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:5f:39:9a:2e:c4:70:fe:6b:91:7a:17:c0:e7:e5:34:0b:fc:44:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:33:24:ba:a1:da:74:d6:e0:0c:44:e4:63:e9:
                    ce:a3:bc:39:e6:5b:51:15:8f:a9:3f:7e:28:80:7e:
                    23:2c:6c:96:cf:be:4a:d0:56:2b:e6:7f:6f:c1:71:
                    ff:d7:ef:e3:ec:36:dc:58:3c:9f:d6:80:78:25:2c:
                    b9:ba:d8:76:c5:5d:13:49:7b:84:12:8b:ed:ed:14:
                    08:f7:8e:d4:29:52:4a:dd:de:ac:06:4e:1c:f4:07:
                    ca:1b:db:41:3a:84:fc:9c:73:2c:11:39:59:15:2c:
                    ac:7a:ae:6b:41:17:f0:bf:ad:a6:75:f4:be:95:d3:
                    db:d6:70:ad:e4:e8:6e:cd:72:b3:dc:f9:c6:d7:05:
                    f5:0f:9e:9b:6a:d8:2b:02:b0:87:61:53:ab:5b:3a:
                    fe:f1:f2:17:d2:c7:f9:8d:ff:3f:88:fb:c4:f4:47:
                    ec:e6:7e:32:d7:af:43:a3:c4:ec:f6:11:ae:e7:9e:
                    1f:ec:f5:c2:bd:0a:4c:84:31:f6:a3:26:02:3e:6f:
                    1e:08:40:82:4d:1b:bf:fe:aa:fe:f8:90:98:b1:ef:
                    bf:e7:ad:33:63:7f:82:24:5f:47:e1:b7:e3:2c:af:
                    e6:c1:19:55:ff:0b:37:24:90:b0:38:35:c6:bf:11:
                    93:b7:45:d5:64:a1:c2:32:c2:b3:e6:c6:cc:92:24:
                    70:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:EE:3C:02:0D:F1:D7:CA:01:25:80:80:F3:BB:29:3C:B6:2A:99:23
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edeaa5de-ef7b-4bb1-a968-474a4f671798.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f32:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         3e:de:20:6c:3a:2c:50:83:28:6c:23:3a:74:2c:db:b9:0b:a0:
         75:94:47:c1:eb:ba:1b:f2:4d:eb:2b:c6:d5:e9:f4:24:ab:e6:
         9e:79:a2:63:74:8e:76:05:1f:5c:63:c4:3f:ac:4e:54:56:2a:
         64:0f:ec:e2:3e:93:24:e7:e3:cd:f1:b8:50:53:62:7a:35:54:
         d8:29:5a:46:f3:08:ff:1d:d8:58:02:42:4e:05:ae:60:b8:bc:
         9a:f7:03:b3:a5:cf:3e:4f:a6:4b:cc:d6:6c:f7:33:aa:89:26:
         d3:a3:71:db:51:c7:74:94:01:cf:19:dd:61:72:41:20:d2:31:
         0a:ba:b4:ad:ab:6c:d4:5c:81:a4:ef:d0:45:9c:6e:76:7f:98:
         d4:b8:16:0c:70:5a:67:09:92:8f:85:84:1f:bd:e2:1f:16:f8:
         73:83:34:69:03:2e:94:65:91:bf:2a:32:a9:ba:4f:e9:00:63:
         ea:eb:ed:44:4d:b9:d1:1c:71:9a:64:59:b4:47:d9:20:d3:bd:
         4a:26:18:18:e1:c1:cd:6a:d8:fe:48:6d:1a:cd:0f:68:fd:e6:
         09:dd:a8:83:47:b6:ad:df:c5:bd:66:f3:df:8c:55:81:27:ec:
         d6:56:34:6a:50:58:1e:79:be:73:45:fe:57:63:82:7c:8e:02:
         f0:02:b3:64
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUXF85mi7EcP5rkXoXwOflNAv8RHcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNmI0ZmE3NGI4MDdmMTdhZmFhMDA5ZjQ3NDM1YWU2YmUz
ZWQyYmMyNjRjMTJjZGU0MzNmYzlhMTM5YmI2Y2Q3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoMyS6odp01uAMRORj6c6jvDnmW1EVj6k/fiiAfiMsbJbP
vkrQVivmf2/Bcf/X7+PsNtxYPJ/WgHglLLm62HbFXRNJe4QSi+3tFAj3jtQpUkrd
3qwGThz0B8ob20E6hPyccywROVkVLKx6rmtBF/C/raZ19L6V09vWcK3k6G7NcrPc
+cbXBfUPnptq2CsCsIdhU6tbOv7x8hfSx/mN/z+I+8T0R+zmfjLXr0OjxOz2Ea7n
nh/s9cK9CkyEMfajJgI+bx4IQIJNG7/+qv74kJix77/nrTNjf4IkX0fht+Msr+bB
GVX/CzckkLA4Nca/EZO3RdVkocIywrPmxsySJHABAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUhu48Ag3x18oBJYCA87spPLYqmSMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkZWFhNWRlLWVmN2ItNGJiMS1hOTY4LTQ3NGE0ZjY3MTc5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB8yQDANBgkqhkiG9w0BAQsFAAOCAQEAPt4gbDosUIMobCM6dCzbuQug
dZRHweu6G/JN6yvG1en0JKvmnnmiY3SOdgUfXGPEP6xOVFYqZA/s4j6TJOfjzfG4
UFNiejVU2ClaRvMI/x3YWAJCTgWuYLi8mvcDs6XPPk+mS8zWbPczqokm06Nx21HH
dJQBzxndYXJBINIxCrq0rats1FyBpO/QRZxudn+Y1LgWDHBaZwmSj4WEH73iHxb4
c4M0aQMulGWRvyoyqbpP6QBj6uvtRE250RxxmmRZtEfZINO9SiYYGOHBzWrY/kht
Gs0PaP3mCd2og0e2rd/FvWbz34xVgSfs1lY0alBYHnm+c0X+V2OCfI4C8AKzZA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:35:45 2025 by rpki-client