Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/789a1aef-77f7-4108-9d41-1a97c18e12cb.roa
File:                     789a1aef-77f7-4108-9d41-1a97c18e12cb.roa (raw, json)
Hash identifier:          yEbTY92NfejXDuZgnf2ggkFhhrWgdqKPIHtd5E9fhIw=
Subject key identifier:   DC:AA:D7:F1:9F:34:3C:01:D5:35:09:A2:AD:B4:ED:95:8B:D6:73:38
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2504681C9E429530690CD2602522F6EC9D1BD62D
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/789a1aef-77f7-4108-9d41-1a97c18e12cb.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f00c::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:04:68:1c:9e:42:95:30:69:0c:d2:60:25:22:f6:ec:9d:1b:d6:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:e8:43:a6:9a:c2:12:37:7d:77:b3:75:2f:d8:
                    3d:35:b1:12:f6:86:94:5e:d4:c6:e8:66:2f:2a:99:
                    e9:7f:9b:85:62:83:a1:67:43:79:72:32:b8:f1:d8:
                    53:28:76:a3:d8:5b:4b:9e:ab:fa:3a:0f:cc:73:73:
                    1e:d5:2a:0b:69:d2:6b:20:fe:04:4f:f8:12:d0:bd:
                    a3:15:63:ca:a1:04:67:29:9f:0e:ec:25:da:cd:69:
                    79:c7:83:06:b2:49:1b:f4:c7:3d:ee:44:36:0a:9e:
                    57:c7:cd:cd:07:b2:ff:e6:1c:1b:ab:c3:27:45:b4:
                    ca:71:51:c8:fa:c7:8e:3d:2e:23:10:29:2c:0c:6e:
                    62:17:d4:ab:29:d8:a5:bb:8d:cc:0d:4b:49:d3:62:
                    9a:e7:c5:63:ff:d5:8e:de:12:a3:91:7f:7d:4e:76:
                    fb:44:ce:04:8d:d9:5b:86:61:6d:a4:6d:2b:ed:70:
                    f5:bd:6d:e1:4e:06:d8:4a:d6:83:07:86:c9:53:d0:
                    8b:d8:20:95:48:3a:7b:f5:e6:e9:60:da:83:e7:07:
                    52:60:28:c8:76:be:6b:1d:7a:92:1b:9c:5c:ab:da:
                    f2:51:06:61:d1:7f:e7:8f:16:3d:60:e0:5e:81:2a:
                    f0:34:62:d0:96:1a:3f:91:bf:c0:05:d9:77:9d:27:
                    d3:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:AA:D7:F1:9F:34:3C:01:D5:35:09:A2:AD:B4:ED:95:8B:D6:73:38
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/789a1aef-77f7-4108-9d41-1a97c18e12cb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f00c::/39

    Signature Algorithm: sha256WithRSAEncryption
         6e:89:c6:cb:5c:8d:3f:26:a5:f1:57:ae:1b:3c:b0:32:04:7d:
         f8:72:da:ea:99:28:48:a8:49:70:78:fa:12:b0:ac:da:4f:33:
         0b:70:02:d4:30:d6:14:74:69:66:2b:53:7e:f1:e4:82:66:26:
         04:17:55:91:46:b4:c4:f5:85:20:b6:9b:0a:7a:b0:a3:f2:8f:
         f4:dc:82:5f:f1:63:93:75:81:9e:23:c2:96:36:a4:36:c3:89:
         81:07:59:78:35:ad:db:2c:a0:6e:ed:7d:b2:5d:82:c0:c0:f0:
         a2:48:b6:2e:0d:2a:f3:08:4c:f2:75:72:7c:0f:b0:b3:70:d1:
         41:45:8e:2c:1c:c1:25:b7:09:06:0d:92:da:02:e8:bc:d4:b0:
         f7:14:37:34:1e:0a:63:7d:63:d2:2c:ec:55:47:a4:4a:20:d8:
         37:cb:a3:b1:d6:5d:f1:20:84:6d:48:d5:5b:f5:5d:2a:f9:52:
         a8:23:b1:8a:0e:f6:21:a2:bc:35:cd:46:3f:d0:73:a9:b8:98:
         55:df:f5:f0:85:48:82:26:0f:8f:b1:b0:9e:70:4c:82:ca:df:
         17:56:91:17:fd:a9:fe:e7:8a:8c:c7:d2:7e:27:f1:0d:bc:f7:
         77:fc:35:0c:d5:9b:c1:04:a2:a4:56:62:f4:9e:ea:c2:24:f2:
         8d:85:47:81
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUJQRoHJ5ClTBpDNJgJSL27J0b1i0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZGU5ODg3ZjdjM2ZlYjkwY2VlZTQyOGYyMzllNTMwM2Jh
MzlkYjVjNzE4NmFmM2EzOGQ3ODZhMzM1ZGJiYzRmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQ6EOmmsISN313s3Uv2D01sRL2hpRe1MboZi8qmel/m4Vi
g6FnQ3lyMrjx2FModqPYW0ueq/o6D8xzcx7VKgtp0msg/gRP+BLQvaMVY8qhBGcp
nw7sJdrNaXnHgwaySRv0xz3uRDYKnlfHzc0Hsv/mHBurwydFtMpxUcj6x449LiMQ
KSwMbmIX1Ksp2KW7jcwNS0nTYprnxWP/1Y7eEqORf31OdvtEzgSN2VuGYW2kbSvt
cPW9beFOBthK1oMHhslT0IvYIJVIOnv15ulg2oPnB1JgKMh2vmsdepIbnFyr2vJR
BmHRf+ePFj1g4F6BKvA0YtCWGj+Rv8AF2XedJ9NHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU3KrX8Z80PAHVNQmirbTtlYvWczgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2Lzc4OWExYWVmLTc3ZjctNDEwOC05ZDQxLTFhOTdjMThlMTJjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAPAMADANBgkqhkiG9w0BAQsFAAOCAQEAbonGy1yNPyal8VeuGzywMgR9
+HLa6pkoSKhJcHj6ErCs2k8zC3AC1DDWFHRpZitTfvHkgmYmBBdVkUa0xPWFILab
Cnqwo/KP9NyCX/Fjk3WBniPCljakNsOJgQdZeDWt2yygbu19sl2CwMDwoki2Lg0q
8whM8nVyfA+ws3DRQUWOLBzBJbcJBg2S2gLovNSw9xQ3NB4KY31j0izsVUekSiDY
N8ujsdZd8SCEbUjVW/VdKvlSqCOxig72IaK8Nc1GP9BzqbiYVd/18IVIgiYPj7Gw
nnBMgsrfF1aRF/2p/ueKjMfSfifxDbz3d/w1DNWbwQSipFZi9J7qwiTyjYVHgQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:17:54 2025 by rpki-client