Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/9738bb0d-1a84-4601-bc6b-25ba7f49c72b.roa
File:                     9738bb0d-1a84-4601-bc6b-25ba7f49c72b.roa (raw, json)
Hash identifier:          P1lYLz/jXTav99oEdmpzUppi/cDVxu9wbqT6Hg2acW4=
Subject key identifier:   6D:DF:31:38:35:9D:A8:7E:95:0A:29:44:6A:B6:21:2F:56:95:7F:D9
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       52E8911BB6EF30E6FDB8F42EA6516EA33188E07C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/9738bb0d-1a84-4601-bc6b-25ba7f49c72b.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5503::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:e8:91:1b:b6:ef:30:e6:fd:b8:f4:2e:a6:51:6e:a3:31:88:e0:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0f:e4:9a:1a:e5:af:63:bd:5b:9e:f1:80:15:
                    f3:0a:9e:78:a7:00:95:dd:52:40:fa:0b:aa:a7:2e:
                    fe:1f:5b:6b:88:f1:77:f9:f5:84:4a:02:ec:99:bd:
                    1d:92:77:71:87:86:03:be:d7:be:5c:b2:a1:91:a2:
                    38:3b:48:96:52:b4:50:64:5f:98:d8:2f:c7:74:a8:
                    5c:f2:16:8a:c9:e2:99:59:33:74:09:9c:9c:d5:23:
                    74:37:a3:d2:4f:df:17:a6:68:6e:e8:b2:4c:d7:e9:
                    24:9f:cb:69:d7:de:a0:7e:9a:a4:cb:4b:e0:32:97:
                    6a:f8:94:3d:d4:ee:cd:f7:11:e0:e5:72:10:82:8e:
                    d8:aa:c8:84:51:86:8e:cd:1e:ba:12:23:22:98:db:
                    10:a7:4c:7a:8a:4b:d8:48:33:95:e7:72:e6:ed:cd:
                    1f:dc:9c:77:e4:64:40:ec:55:b6:61:f7:ba:02:17:
                    46:0d:18:16:f3:86:3f:8d:5e:0f:e4:cc:50:e5:e4:
                    d0:10:b2:82:19:e8:fe:17:55:73:e9:dd:48:e2:07:
                    0a:2d:1d:de:ae:46:5d:c0:65:1c:e1:fe:d8:5c:2a:
                    55:76:c8:93:07:17:53:a1:1e:cf:63:db:1a:58:3e:
                    61:86:08:6c:d0:38:fb:3e:18:e4:48:76:61:08:8e:
                    8e:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:DF:31:38:35:9D:A8:7E:95:0A:29:44:6A:B6:21:2F:56:95:7F:D9
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/9738bb0d-1a84-4601-bc6b-25ba7f49c72b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5503::/48

    Signature Algorithm: sha256WithRSAEncryption
         78:18:9d:df:b3:9b:a8:a4:16:5d:f0:64:62:44:4a:e7:82:e0:
         10:15:f3:a7:5a:37:4c:4d:19:24:b9:81:60:38:e7:89:32:ff:
         a8:19:3c:92:dc:b1:a3:70:40:71:ab:e5:3a:6b:a0:79:e5:65:
         85:a9:37:ca:b1:d7:44:bb:85:c0:2c:35:bc:eb:d1:7d:a3:7d:
         c4:7d:38:ba:e4:1b:42:ea:31:7b:86:e2:0f:d7:c6:c1:e2:44:
         03:73:07:4b:6f:80:a9:49:fe:95:e7:76:95:d0:d9:4d:a2:de:
         a1:06:fa:f6:d6:a0:10:22:51:20:8f:c8:aa:9b:2d:cf:36:4e:
         da:cb:77:30:96:ea:b2:67:11:df:ca:dd:a6:57:6c:b0:45:e8:
         5c:4c:dd:f3:6f:ad:6f:b5:2e:89:4f:8e:74:95:1d:80:20:db:
         e1:f9:91:3a:c7:04:71:d9:83:c7:b6:8f:b1:a4:92:66:02:ae:
         d5:04:31:4c:ac:dd:c0:52:e8:f0:e9:e8:a8:f7:e4:52:1d:30:
         8c:b0:29:83:39:e9:fb:00:ff:d9:11:8f:15:53:f6:c0:20:e9:
         4f:fd:cf:23:81:d0:44:ec:fe:28:44:38:03:3b:92:40:b6:92:
         49:49:98:e3:f4:99:b7:5e:6c:8b:0a:2c:cc:45:3a:f2:5b:a7:
         cc:20:a3:2b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUuiRG7bvMOb9uPQuplFuozGI4HwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzNlNTkyYTM1NzNjYzVlNTQ4MjFhODk1MTQ0OWYzNDE5
YTE1OTk0Y2YzNGUwODk1YzhmOTlhMjMzZjhiMGQyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxD+SaGuWvY71bnvGAFfMKnninAJXdUkD6C6qnLv4fW2uI
8Xf59YRKAuyZvR2Sd3GHhgO+175csqGRojg7SJZStFBkX5jYL8d0qFzyForJ4plZ
M3QJnJzVI3Q3o9JP3xemaG7oskzX6SSfy2nX3qB+mqTLS+Ayl2r4lD3U7s33EeDl
chCCjtiqyIRRho7NHroSIyKY2xCnTHqKS9hIM5XncubtzR/cnHfkZEDsVbZh97oC
F0YNGBbzhj+NXg/kzFDl5NAQsoIZ6P4XVXPp3UjiBwotHd6uRl3AZRzh/thcKlV2
yJMHF1OhHs9j2xpYPmGGCGzQOPs+GORIdmEIjo5lAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUbd8xODWdqH6VCilEarYhL1aVf9kwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2Lzk3MzhiYjBkLTFhODQtNDYwMS1iYzZiLTI1YmE3ZjQ5YzcyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVQMwDQYJKoZIhvcNAQELBQADggEBAHgYnd+zm6ikFl3wZGJESueC
4BAV86daN0xNGSS5gWA454ky/6gZPJLcsaNwQHGr5TproHnlZYWpN8qx10S7hcAs
Nbzr0X2jfcR9OLrkG0LqMXuG4g/XxsHiRANzB0tvgKlJ/pXndpXQ2U2i3qEG+vbW
oBAiUSCPyKqbLc82TtrLdzCW6rJnEd/K3aZXbLBF6FxM3fNvrW+1LolPjnSVHYAg
2+H5kTrHBHHZg8e2j7GkkmYCrtUEMUys3cBS6PDp6Kj35FIdMIywKYM56fsA/9kR
jxVT9sAg6U/9zyOB0ETs/ihEOAM7kkC2kklJmOP0mbdebIsKLMxFOvJbp8wgoys=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:53:09 2025 by rpki-client