Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/058b2723-0749-41cb-992b-215b81ddf36a.roa
File:                     058b2723-0749-41cb-992b-215b81ddf36a.roa (raw, json)
Hash identifier:          LpUlquIhBOQufX8//j7x4yGhuGKrMBVgrFmqV/xETvk=
Subject key identifier:   2E:B2:84:13:8A:44:4C:49:E2:7C:38:AA:18:82:3B:88:D9:DA:CB:9D
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       215342FFB0A7F66A1265379874490771738C5305
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/058b2723-0749-41cb-992b-215b81ddf36a.roa
Signing time:             Fri 04 Apr 2025 00:20:31 +0000
ROA not before:           Fri 04 Apr 2025 00:20:31 +0000
ROA not after:            Fri 09 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f2:7000::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:53:42:ff:b0:a7:f6:6a:12:65:37:98:74:49:07:71:73:8c:53:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Apr  4 00:20:31 2025 GMT
            Not After : May  9 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:64:49:3e:28:cc:da:3e:1c:f2:c2:f5:85:1e:
                    5e:7f:5a:9f:0f:42:b2:50:35:83:5b:13:4d:cc:17:
                    0f:06:07:82:8c:69:eb:ae:76:7c:0b:90:d4:a5:d8:
                    96:d0:81:40:03:67:c0:ff:b2:c4:37:3b:3d:eb:6e:
                    d5:1f:2f:07:f8:a0:ee:47:65:04:76:53:a8:5d:fc:
                    7b:a9:44:5e:93:2a:f9:2a:a6:0d:33:49:8e:0e:89:
                    ce:b6:d3:2b:d4:3f:14:28:11:15:f3:35:6f:1d:55:
                    cf:36:10:30:21:d7:77:7f:dc:1b:3f:fd:04:cf:d2:
                    e7:99:ab:c9:e6:88:bd:17:7b:7c:36:71:19:4a:e8:
                    23:b6:ed:fe:a2:6f:b4:13:48:d9:38:93:2b:d6:f3:
                    8b:ed:b4:86:df:0c:f6:b8:53:86:ae:68:f7:1e:9f:
                    c8:fa:11:3d:0f:db:fa:ad:40:8e:5e:8f:b0:7f:09:
                    06:4c:b3:92:6a:ab:ef:4a:f2:45:5a:aa:f4:36:a5:
                    a9:79:84:76:14:8b:c9:a9:b2:03:a3:4a:65:65:d2:
                    83:46:a4:b2:39:a3:01:d0:02:3a:3a:f3:9a:3c:e3:
                    16:91:88:8d:46:24:c7:9e:2e:84:f6:08:75:d7:b1:
                    18:1d:d1:22:c2:fb:cf:8b:77:7b:38:3e:e2:53:5d:
                    3c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:B2:84:13:8A:44:4C:49:E2:7C:38:AA:18:82:3B:88:D9:DA:CB:9D
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/058b2723-0749-41cb-992b-215b81ddf36a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f2:7000::/44

    Signature Algorithm: sha256WithRSAEncryption
         5b:95:ca:45:f3:b7:33:d2:26:00:a5:36:97:e2:0b:9b:27:ce:
         bc:79:34:3d:ef:91:de:d1:9f:16:94:46:65:c1:f3:c0:df:63:
         2c:5f:41:2f:a6:d9:06:4c:18:ee:be:36:a4:3a:f1:7b:a2:8e:
         d0:15:cd:78:38:d4:70:7c:3d:1b:ad:9f:4a:76:ea:db:e1:6e:
         3f:06:ab:c4:75:22:82:3e:e6:77:15:a4:5c:0f:46:fe:62:aa:
         00:fa:4c:b0:bd:1a:72:16:71:4f:53:68:a7:d9:ae:4c:95:2c:
         aa:a5:2e:18:9e:fa:28:f1:10:56:04:f8:cb:cc:cf:6e:6f:62:
         df:c2:5a:2a:bd:2c:81:67:72:bf:c8:88:69:95:e1:f5:b1:82:
         01:c4:6c:cb:4c:d4:39:62:90:55:bf:87:0d:32:3f:26:43:13:
         4e:97:d1:a7:08:57:e8:ff:ba:16:a4:ee:69:4b:62:96:4c:80:
         25:93:80:b7:d1:61:22:2d:05:12:5c:8a:ea:37:0b:9e:4d:43:
         c5:6b:2f:0a:fc:6b:c9:3a:00:4c:f3:7e:da:d2:e0:80:32:5f:
         9a:b9:1b:b4:34:3f:2b:18:87:7f:11:d3:a6:45:8a:f2:1f:60:
         2e:dd:a5:0b:73:ef:bb:1f:8d:c5:36:af:a0:b4:f4:80:5f:42:
         a2:e4:c8:2d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUIVNC/7Cn9moSZTeYdEkHcXOMUwUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDA0MDAyMDMxWhcNMjUwNTA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjc1NTMzNzMwZjZiOWM4ZmYxMzAxYTI1ZjNmMWZiMTM5
MWJiNjE2ZTI1MTI4MGU4N2I3N2QyZmFlNWM3YjljMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQZEk+KMzaPhzywvWFHl5/Wp8PQrJQNYNbE03MFw8GB4KM
aeuudnwLkNSl2JbQgUADZ8D/ssQ3Oz3rbtUfLwf4oO5HZQR2U6hd/HupRF6TKvkq
pg0zSY4Oic620yvUPxQoERXzNW8dVc82EDAh13d/3Bs//QTP0ueZq8nmiL0Xe3w2
cRlK6CO27f6ib7QTSNk4kyvW84vttIbfDPa4U4auaPcen8j6ET0P2/qtQI5ej7B/
CQZMs5Jqq+9K8kVaqvQ2pal5hHYUi8mpsgOjSmVl0oNGpLI5owHQAjo685o84xaR
iI1GJMeeLoT2CHXXsRgd0SLC+8+Ld3s4PuJTXTxVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQULrKEE4pETEnifDiqGII7iNnay50wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzA1OGIyNzIzLTA3NDktNDFjYi05OTJiLTIxNWI4MWRkZjM2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDycAAwDQYJKoZIhvcNAQELBQADggEBAFuVykXztzPSJgClNpfiC5sn
zrx5ND3vkd7RnxaURmXB88DfYyxfQS+m2QZMGO6+NqQ68XuijtAVzXg41HB8PRut
n0p26tvhbj8Gq8R1IoI+5ncVpFwPRv5iqgD6TLC9GnIWcU9TaKfZrkyVLKqlLhie
+ijxEFYE+MvMz25vYt/CWiq9LIFncr/IiGmV4fWxggHEbMtM1DlikFW/hw0yPyZD
E06X0acIV+j/uhak7mlLYpZMgCWTgLfRYSItBRJciuo3C55NQ8VrLwr8a8k6AEzz
ftrS4IAyX5q5G7Q0PysYh38R06ZFivIfYC7dpQtz77sfjcU2r6C09IBfQqLkyC0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:42:07 2025 by rpki-client