Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4550dcb5-431c-4b07-9e46-224c71cb2b00.roa
File:                     4550dcb5-431c-4b07-9e46-224c71cb2b00.roa (raw, json)
Hash identifier:          jkMHcEq1rumVANaVL5ORnpCJ5oDbD46eGNxqFW/t7gM=
Subject key identifier:   E9:B1:39:8F:13:85:D6:42:9E:0E:53:3F:F0:CC:50:CD:28:6D:13:28
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       180D67ED5A614F2ADA232FE60E6C84214766E8F9
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4550dcb5-431c-4b07-9e46-224c71cb2b00.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:5518::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:0d:67:ed:5a:61:4f:2a:da:23:2f:e6:0e:6c:84:21:47:66:e8:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:80:53:8b:42:a2:dc:1d:ac:dc:b2:19:b2:2c:
                    4e:c3:85:30:54:0d:19:16:d5:50:5b:1b:01:b5:d5:
                    64:4c:e4:b3:88:ab:bb:a1:41:11:fe:62:d7:92:f9:
                    58:f8:a4:f7:ef:5b:16:2d:19:af:fe:2b:18:b8:3c:
                    c5:1b:26:bb:28:fe:ba:bf:79:ac:86:6d:78:40:8f:
                    31:12:15:66:a9:03:96:2f:85:6c:00:68:fe:ac:ab:
                    b2:a7:cf:23:18:c6:7d:19:eb:68:3f:82:94:5c:a1:
                    0e:db:98:50:fa:d7:77:dc:80:6e:c6:60:54:e6:ad:
                    a0:00:bb:71:d4:0c:55:03:56:8c:3f:a5:a2:a3:3f:
                    b2:8a:c3:3d:0e:6b:90:3e:68:bf:3b:85:cc:10:46:
                    4a:23:df:6c:3c:b3:e9:de:25:34:41:84:1c:5e:9e:
                    f9:15:f1:2b:53:cf:e4:23:87:4d:e5:59:ac:5d:a9:
                    0c:5c:51:86:5b:02:63:3a:6b:6e:ef:25:3d:e2:d6:
                    dd:40:93:dd:d1:5c:9d:4b:a7:30:c7:b6:a2:36:d5:
                    bd:c7:17:dc:ee:5d:13:60:fa:09:55:49:66:76:0c:
                    12:e1:c0:7d:f6:99:db:47:8f:3b:c6:0a:72:82:32:
                    19:54:a6:5c:13:35:1f:e3:ba:68:7d:1c:25:8c:a9:
                    d6:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:B1:39:8F:13:85:D6:42:9E:0E:53:3F:F0:CC:50:CD:28:6D:13:28
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4550dcb5-431c-4b07-9e46-224c71cb2b00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5518::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:50:e9:54:2b:f3:1e:3d:44:af:aa:40:5b:3f:0f:7b:13:0d:
         1b:71:65:f3:75:3e:d8:a2:2a:df:2c:f4:cd:e9:f3:39:50:7d:
         47:56:e6:f8:89:fc:76:38:54:95:b7:50:96:81:2a:07:5a:9e:
         65:49:9e:eb:01:25:04:8c:46:f6:97:53:e9:cb:d6:b6:0e:c6:
         9d:9a:88:41:11:c9:ed:57:04:b8:2b:81:8a:72:3a:3e:8e:82:
         c3:39:56:d0:dc:a3:1f:e7:23:2b:60:2b:8b:96:b9:37:68:65:
         67:11:ba:66:bd:19:f2:b0:57:64:bb:71:ab:5c:8f:f0:9b:ae:
         b9:f1:d7:85:be:f7:94:59:a2:17:8b:2a:1f:c1:b4:80:42:b2:
         63:2c:d1:2c:f0:26:77:51:cc:c9:5f:b8:c4:79:a2:4c:5a:31:
         a9:d2:fa:d9:e7:1c:f8:6c:67:4e:02:13:60:e5:f0:5b:dc:ea:
         75:a7:3f:13:7d:be:5c:57:61:96:ef:34:41:6d:5f:83:70:03:
         da:8a:d6:3b:e6:18:f8:a6:7d:00:e9:70:1b:b5:59:9b:a2:58:
         38:09:2c:f4:0f:4f:f6:a9:c1:a3:5c:7c:b8:a1:47:81:db:04:
         c2:d1:8e:8e:bc:d8:b2:76:92:34:e4:5d:cd:0f:ce:39:7b:06:
         15:ff:ed:e7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGA1n7VphTyraIy/mDmyEIUdm6PkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzY2ZmNDY2ODU1ZjQwZTdlNTg1YTFkNWUzMjNjZTRmYThh
MWEzZmQ0ZmYyMGFjNWNmYTVmN2Y3NDY0ZjdjNmQ1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCogFOLQqLcHazcshmyLE7DhTBUDRkW1VBbGwG11WRM5LOI
q7uhQRH+YteS+Vj4pPfvWxYtGa/+Kxi4PMUbJrso/rq/eayGbXhAjzESFWapA5Yv
hWwAaP6sq7KnzyMYxn0Z62g/gpRcoQ7bmFD613fcgG7GYFTmraAAu3HUDFUDVow/
paKjP7KKwz0Oa5A+aL87hcwQRkoj32w8s+neJTRBhBxenvkV8StTz+Qjh03lWaxd
qQxcUYZbAmM6a27vJT3i1t1Ak93RXJ1LpzDHtqI21b3HF9zuXRNg+glVSWZ2DBLh
wH32mdtHjzvGCnKCMhlUplwTNR/jumh9HCWMqdZDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6bE5jxOF1kKeDlM/8MxQzShtEygwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzQ1NTBkY2I1LTQzMWMtNGIwNy05ZTQ2LTIyNGM3MWNiMmIwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRgwDQYJKoZIhvcNAQELBQADggEBAKFQ6VQr8x49RK+qQFs/D3sT
DRtxZfN1PtiiKt8s9M3p8zlQfUdW5viJ/HY4VJW3UJaBKgdanmVJnusBJQSMRvaX
U+nL1rYOxp2aiEERye1XBLgrgYpyOj6OgsM5VtDcox/nIytgK4uWuTdoZWcRuma9
GfKwV2S7catcj/Cbrrnx14W+95RZoheLKh/BtIBCsmMs0SzwJndRzMlfuMR5okxa
ManS+tnnHPhsZ04CE2Dl8Fvc6nWnPxN9vlxXYZbvNEFtX4NwA9qK1jvmGPimfQDp
cBu1WZuiWDgJLPQPT/apwaNcfLihR4HbBMLRjo682LJ2kjTkXc0Pzjl7BhX/7ec=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:17 2025 by rpki-client