Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/9e1e47e0-3b2f-41ac-80ad-9b08d4353fd1.roa
File:                     9e1e47e0-3b2f-41ac-80ad-9b08d4353fd1.roa (raw, json)
Hash identifier:          X/xMuKwXyZOa0kUy7R5y1Shmc7RywsLCzPLbzoZvdYQ=
Subject key identifier:   53:E0:F9:B2:11:62:2B:50:62:20:28:43:DB:98:0B:BB:67:E0:DA:9D
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       2E420A066101A8D5991F76AF851A021D21CFDDE6
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/9e1e47e0-3b2f-41ac-80ad-9b08d4353fd1.roa
Signing time:             Fri 07 Feb 2025 00:00:00 +0000
ROA not before:           Fri 07 Feb 2025 00:00:00 +0000
ROA not after:            Fri 14 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        96.127.2.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 13 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:42:0a:06:61:01:a8:d5:99:1f:76:af:85:1a:02:1d:21:cf:dd:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Feb  7 00:00:00 2025 GMT
            Not After : Mar 14 23:59:59 2025 GMT
        Subject: CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:74:dd:64:4f:cf:9d:c9:38:1a:02:76:b4:90:
                    23:c1:09:a9:a7:1c:39:3b:74:04:64:38:87:bd:99:
                    81:88:f4:c5:a1:b9:7b:67:6f:03:16:7b:bb:d9:a3:
                    87:8a:c7:aa:38:5d:b0:44:1b:b9:eb:49:88:42:80:
                    07:d8:6c:87:2e:89:16:89:67:cd:90:80:f9:92:49:
                    27:85:05:da:2c:96:91:17:82:01:0a:e6:2e:86:8c:
                    9b:ed:25:21:1d:69:49:66:e6:86:70:4c:01:2e:bc:
                    05:89:c4:99:8b:55:7e:bf:e6:d4:62:6b:2e:fd:95:
                    f8:21:ff:77:2b:42:0d:0a:58:51:71:4f:32:57:1f:
                    7d:c7:3b:b8:f0:4d:96:50:16:ff:b7:12:ad:bb:42:
                    e6:12:80:fd:1b:70:42:51:18:59:47:87:8e:10:35:
                    fb:f7:b3:80:bf:6b:a3:17:9e:4a:4d:b4:cf:d7:c7:
                    cd:c6:44:9e:f1:f8:30:86:c5:79:a3:b7:50:b4:6d:
                    f5:b0:12:17:ba:72:74:3e:22:04:0a:28:63:f2:f8:
                    ba:15:45:f7:66:32:2a:04:83:b2:2b:14:d1:2c:14:
                    f0:ec:f6:a6:cf:42:65:9f:41:e0:c6:2e:47:f4:68:
                    9c:43:4e:eb:eb:ac:ee:72:54:00:58:82:2c:17:32:
                    0a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:E0:F9:B2:11:62:2B:50:62:20:28:43:DB:98:0B:BB:67:E0:DA:9D
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/9e1e47e0-3b2f-41ac-80ad-9b08d4353fd1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.127.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         72:9f:32:b3:39:f1:58:1d:f3:df:6f:5d:b4:d1:61:ba:38:93:
         ba:7e:6b:9c:f6:f1:56:bc:b1:c9:45:8e:38:ee:36:86:05:4e:
         17:b6:ec:41:0d:02:01:b5:d0:7d:f6:60:dd:ae:23:3c:63:e8:
         08:c0:f1:f9:57:39:7c:8a:84:29:bb:c1:57:d3:10:24:9a:52:
         b9:7e:db:ec:06:57:56:46:4c:22:0c:a8:6d:2b:16:3d:41:c2:
         3b:4b:59:ad:54:ef:c0:e5:6c:8a:c4:b4:a4:0e:30:c6:de:d1:
         f2:d0:b1:aa:42:35:8e:5a:2f:9b:6e:3c:c9:a2:ba:86:03:ed:
         86:85:c3:75:1b:dc:04:60:71:32:2a:07:d6:cc:2f:97:92:57:
         2e:58:71:d4:41:ed:da:34:b9:57:b4:a6:84:f1:43:55:f9:35:
         5f:d4:df:9a:1a:92:2f:d9:96:40:c3:bd:f1:c7:f3:d2:ad:7e:
         26:3b:d5:9d:e4:42:d6:d5:94:ed:a5:e6:d1:23:04:8e:e4:3b:
         84:b4:42:c7:d1:f8:b9:5f:85:5b:46:ef:6a:23:6a:6a:6f:9f:
         f6:ce:be:28:06:87:6b:1a:68:e5:ac:74:a0:42:c0:d2:2a:d9:
         9f:c4:66:e2:26:52:3a:d8:6b:b2:22:a4:f9:28:1a:c8:05:4c:
         41:bd:16:84
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULkIKBmEBqNWZH3avhRoCHSHP3eYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjUwMjA3MDAwMDAwWhcNMjUwMzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTlmYTY4ZjI2NzMxZDZlOTA5OTFiOTU1YTFmZWFmYmUz
NWRkMjNkZWIxZmNkN2JhY2VhOWU1NDhlNDcwODUwMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfdN1kT8+dyTgaAna0kCPBCamnHDk7dARkOIe9mYGI9MWh
uXtnbwMWe7vZo4eKx6o4XbBEG7nrSYhCgAfYbIcuiRaJZ82QgPmSSSeFBdoslpEX
ggEK5i6GjJvtJSEdaUlm5oZwTAEuvAWJxJmLVX6/5tRiay79lfgh/3crQg0KWFFx
TzJXH33HO7jwTZZQFv+3Eq27QuYSgP0bcEJRGFlHh44QNfv3s4C/a6MXnkpNtM/X
x83GRJ7x+DCGxXmjt1C0bfWwEhe6cnQ+IgQKKGPy+LoVRfdmMioEg7IrFNEsFPDs
9qbPQmWfQeDGLkf0aJxDTuvrrO5yVABYgiwXMgoVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUU+D5shFiK1BiIChD25gLu2fg2p0wHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1LzllMWU0N2UwLTNiMmYtNDFhYy04MGFkLTliMDhkNDM1M2ZkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFgfwIwDQYJKoZIhvcNAQELBQADggEBAHKfMrM58Vgd899vXbTRYbo4k7p+
a5z28Va8sclFjjjuNoYFThe27EENAgG10H32YN2uIzxj6AjA8flXOXyKhCm7wVfT
ECSaUrl+2+wGV1ZGTCIMqG0rFj1BwjtLWa1U78DlbIrEtKQOMMbe0fLQsapCNY5a
L5tuPMmiuoYD7YaFw3Ub3ARgcTIqB9bML5eSVy5YcdRB7do0uVe0poTxQ1X5NV/U
35oaki/ZlkDDvfHH89KtfiY71Z3kQtbVlO2l5tEjBI7kO4S0QsfR+LlfhVtG72oj
ampvn/bOvigGh2saaOWsdKBCwNIq2Z/EZuImUjrYa7IipPkoGsgFTEG9FoQ=
-----END CERTIFICATE-----
Generated at Mon Feb 10 16:47:55 2025 by rpki-client