Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/87fc20f7-0de9-48d8-850e-c430d88860e9.roa
File:                     87fc20f7-0de9-48d8-850e-c430d88860e9.roa (raw, json)
Hash identifier:          4A1+b0/xKyhlx0DI5LHND9DG+DrhuTVn1DInZMrSFY8=
Subject key identifier:   19:29:7E:2C:56:13:FA:EE:C7:F6:54:4C:D3:89:22:98:B1:0F:29:2A
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       66B724C67B431C5CF1ABFDAFF4545C7DC9DC69BC
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/87fc20f7-0de9-48d8-850e-c430d88860e9.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:3::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:b7:24:c6:7b:43:1c:5c:f1:ab:fd:af:f4:54:5c:7d:c9:dc:69:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:96:eb:da:4c:90:45:4e:e0:15:9c:38:01:78:
                    e2:5f:f2:f8:79:93:f4:ed:cf:ff:35:03:b5:e3:b4:
                    18:24:9f:05:a9:bc:2b:8c:77:70:8b:46:e1:cd:e6:
                    4d:ec:49:b5:d6:42:94:8b:3f:b3:e2:42:01:32:d6:
                    be:25:df:e4:29:dc:1b:c5:c4:8f:5d:a3:01:ea:35:
                    59:f0:61:e4:1a:c2:3c:35:63:5d:85:56:62:53:4c:
                    60:ba:2b:81:45:2e:7b:f5:2e:92:30:de:69:00:e0:
                    75:48:e2:92:27:ab:a9:3a:15:34:8e:e8:44:80:cd:
                    3c:b9:8f:46:0b:23:72:fc:0e:ca:ba:ff:87:99:05:
                    33:b3:27:36:97:83:37:d9:cf:73:b1:ea:b7:c5:7f:
                    13:db:34:51:40:af:69:27:bf:c4:37:ce:bc:af:d3:
                    dd:c4:d4:ed:bb:8f:75:7b:33:21:ff:ca:4d:d2:f2:
                    34:b1:be:c7:74:27:76:99:17:92:12:eb:47:9e:c9:
                    ea:9f:ce:27:4f:54:b2:4e:e8:28:88:f4:37:45:b1:
                    a0:1f:06:4e:bf:62:0a:60:3c:16:74:86:40:33:8d:
                    30:ea:d2:51:12:63:b6:1d:d7:75:c3:ce:f2:14:23:
                    e4:bb:fd:71:47:68:c2:86:dd:f9:28:67:ad:2f:e7:
                    18:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:29:7E:2C:56:13:FA:EE:C7:F6:54:4C:D3:89:22:98:B1:0F:29:2A
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/87fc20f7-0de9-48d8-850e-c430d88860e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         50:2a:e1:c6:f2:ea:4a:26:6c:be:b2:72:1b:ab:a1:2a:88:27:
         95:13:c5:b1:f6:3f:12:14:50:57:0f:57:5d:3a:10:f4:81:04:
         43:a1:84:ef:02:ff:23:b3:ce:ec:81:91:49:7c:c1:6a:93:d3:
         af:76:25:77:5f:3b:31:8e:90:5e:c8:6b:23:56:a9:f3:00:5a:
         c8:59:ef:92:b3:78:43:ba:24:b4:39:1f:03:9c:8e:ae:1d:77:
         1a:3f:3d:fd:4f:51:04:d2:ef:a8:5e:9a:82:b2:c0:9d:49:c7:
         87:aa:e4:2e:aa:13:a8:c3:f5:a5:7c:7f:be:22:3e:0c:ae:05:
         2f:d7:8b:ae:c6:c7:f1:ee:9e:19:59:25:d4:19:8e:dc:84:99:
         ab:f5:c0:e2:e8:b2:1a:b3:fb:fb:15:e7:ba:80:4a:df:77:ae:
         b8:7f:63:5e:6e:90:1f:9f:dc:c7:8c:db:b6:6c:54:68:88:d6:
         67:f7:06:72:8e:c9:21:ad:b5:96:07:bc:83:04:7a:cd:cb:ba:
         ad:81:e5:34:ac:c5:4d:a6:00:db:b6:f0:59:7f:77:83:e8:d9:
         02:2e:a8:fe:8b:be:e4:d5:df:e0:9d:f2:90:aa:58:5a:8e:26:
         dd:42:51:b6:73:e5:4a:b0:1f:a4:fb:17:34:f5:89:90:e2:82:
         01:d7:51:07
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZrckxntDHFzxq/2v9FRcfcncabwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDRjNGNiNjMxNTA3ODEwYzUxYTdmMmJiZTI0Njc0YmZj
NWU4Zjg0YjUzNTQ1NjEwMTZmYzliMmNiOWQ1OGMzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzluvaTJBFTuAVnDgBeOJf8vh5k/Ttz/81A7XjtBgknwWp
vCuMd3CLRuHN5k3sSbXWQpSLP7PiQgEy1r4l3+Qp3BvFxI9dowHqNVnwYeQawjw1
Y12FVmJTTGC6K4FFLnv1LpIw3mkA4HVI4pInq6k6FTSO6ESAzTy5j0YLI3L8Dsq6
/4eZBTOzJzaXgzfZz3Ox6rfFfxPbNFFAr2knv8Q3zryv093E1O27j3V7MyH/yk3S
8jSxvsd0J3aZF5IS60eeyeqfzidPVLJO6CiI9DdFsaAfBk6/YgpgPBZ0hkAzjTDq
0lESY7Yd13XDzvIUI+S7/XFHaMKG3fkoZ60v5xi7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUGSl+LFYT+u7H9lRM04kimLEPKSowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2Lzg3ZmMyMGY3LTBkZTktNDhkOC04NTBlLWM0MzBkODg4NjBlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAAMwDQYJKoZIhvcNAQELBQADggEBAFAq4cby6kombL6ychuroSqI
J5UTxbH2PxIUUFcPV106EPSBBEOhhO8C/yOzzuyBkUl8wWqT0692JXdfOzGOkF7I
ayNWqfMAWshZ75KzeEO6JLQ5HwOcjq4ddxo/Pf1PUQTS76hemoKywJ1Jx4eq5C6q
E6jD9aV8f74iPgyuBS/Xi67Gx/HunhlZJdQZjtyEmav1wOLoshqz+/sV57qASt93
rrh/Y15ukB+f3MeM27ZsVGiI1mf3BnKOySGttZYHvIMEes3Luq2B5TSsxU2mANu2
8Fl/d4Po2QIuqP6LvuTV3+Cd8pCqWFqOJt1CUbZz5UqwH6T7FzT1iZDiggHXUQc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:43 2025 by rpki-client