Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a0024e00-f937-4b63-91df-d45ce0a6a27d.roa
File:                     a0024e00-f937-4b63-91df-d45ce0a6a27d.roa (raw, json)
Hash identifier:          207WGVtf7bNfcdzqjXrL8896WrQBabJb2ocq0/iWm0g=
Subject key identifier:   0C:59:A4:6C:C4:51:D6:18:4E:D8:68:80:27:51:8F:A4:86:BB:21:61
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3FAD287B41951B7946B7C69CD361AE8E0B9E6AF1
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a0024e00-f937-4b63-91df-d45ce0a6a27d.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:6010::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:ad:28:7b:41:95:1b:79:46:b7:c6:9c:d3:61:ae:8e:0b:9e:6a:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:6b:d8:cd:5b:76:ca:0f:f3:97:d4:22:54:a2:
                    10:77:78:bb:2c:f8:4b:ee:c1:de:fa:36:f8:7a:b4:
                    07:31:c8:80:c6:e8:28:a2:bf:27:1b:a0:df:93:4d:
                    f6:c0:86:ef:6f:d2:5e:ff:70:f5:75:2e:f6:a3:52:
                    3c:ff:3d:ad:e7:cb:22:2c:29:a8:c8:29:62:bb:02:
                    96:72:32:4a:ac:9d:13:b0:2c:a3:56:ed:34:84:94:
                    09:a1:ba:61:11:45:34:19:10:5a:2b:8c:af:c5:b0:
                    79:9e:bb:ce:96:84:87:23:f1:55:b0:83:9e:b8:e6:
                    c0:8c:45:2b:8f:16:6a:2e:22:9a:ba:5f:c9:f1:84:
                    6a:02:81:4e:d9:63:81:94:d7:20:5d:12:f0:ae:a4:
                    79:c7:63:0f:a1:e1:bd:22:ed:5d:9d:4a:49:7c:28:
                    45:59:8d:03:94:63:75:4f:e6:74:56:25:c7:f9:97:
                    99:07:78:59:46:7c:66:88:f3:7b:a5:a5:a2:16:2f:
                    98:a0:fe:0a:e2:b3:23:46:f4:a5:af:b8:86:43:7a:
                    57:b9:59:6a:3d:56:7b:46:4d:ce:39:5e:b3:00:a7:
                    a8:8c:97:5d:d3:93:9b:82:ef:a4:52:b3:50:11:2a:
                    8f:0d:62:49:2c:d2:df:6b:79:bc:81:2b:0f:e8:e3:
                    25:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:59:A4:6C:C4:51:D6:18:4E:D8:68:80:27:51:8F:A4:86:BB:21:61
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a0024e00-f937-4b63-91df-d45ce0a6a27d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6010::/44

    Signature Algorithm: sha256WithRSAEncryption
         14:26:70:28:7e:ff:5c:30:69:df:a1:7e:a1:95:ad:a0:41:b1:
         ae:52:eb:f1:50:3f:e3:0a:1d:84:6a:f1:e8:07:ee:e2:82:ec:
         4c:8b:01:73:4d:1c:6f:90:99:f2:c4:b5:01:5a:5d:f4:34:aa:
         2a:cf:e2:93:6b:36:0b:99:6a:0d:e9:f0:84:e2:97:f7:fb:ac:
         67:fc:20:d3:81:2e:9f:77:ca:03:9d:86:51:d2:1a:f6:0c:c3:
         a0:a2:db:ec:63:58:f8:e1:8b:b0:52:18:14:4f:94:24:80:38:
         60:7e:09:5f:f1:5c:09:57:3a:a8:31:8b:54:ba:33:31:21:29:
         e5:c2:43:2e:1f:3f:c9:60:fa:a2:79:de:54:d6:d9:db:2e:b2:
         50:05:16:5f:e9:6e:ed:78:36:b4:5c:2e:3b:bb:ac:3f:d2:4b:
         17:75:e7:2a:80:95:21:4e:4d:62:0c:3b:81:35:10:bf:75:a2:
         80:b3:1d:ca:69:5e:40:c0:88:cd:42:b8:0d:75:76:92:50:b1:
         87:6b:cb:5d:26:43:71:5a:61:57:37:70:c9:45:31:70:f8:e3:
         0b:a0:63:f9:18:ff:21:5e:29:a2:82:3a:03:6a:03:42:0f:55:
         4f:1b:64:12:09:48:42:e6:af:99:a0:fc:05:72:d9:ee:e1:cc:
         11:ca:61:9e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUP60oe0GVG3lGt8ac02GujgueavEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYmM5NWQ3OWRjNzZhMWMwOTg1ZWIxYmYzZWRlYTg2ZWMy
NTgxMDkxN2QzMDNiNDQyZTJmMGEyMzA3MjIwMmFhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRa9jNW3bKD/OX1CJUohB3eLss+Evuwd76Nvh6tAcxyIDG
6CiivycboN+TTfbAhu9v0l7/cPV1LvajUjz/Pa3nyyIsKajIKWK7ApZyMkqsnROw
LKNW7TSElAmhumERRTQZEForjK/FsHmeu86WhIcj8VWwg5645sCMRSuPFmouIpq6
X8nxhGoCgU7ZY4GU1yBdEvCupHnHYw+h4b0i7V2dSkl8KEVZjQOUY3VP5nRWJcf5
l5kHeFlGfGaI83ulpaIWL5ig/grisyNG9KWvuIZDele5WWo9VntGTc45XrMAp6iM
l13Tk5uC76RSs1ARKo8NYkks0t9rebyBKw/o4yUzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUDFmkbMRR1hhO2GiAJ1GPpIa7IWEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2EwMDI0ZTAwLWY5MzctNGI2My05MWRmLWQ0NWNlMGE2YTI3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwYBAwDQYJKoZIhvcNAQELBQADggEBABQmcCh+/1wwad+hfqGVraBB
sa5S6/FQP+MKHYRq8egH7uKC7EyLAXNNHG+QmfLEtQFaXfQ0qirP4pNrNguZag3p
8ITil/f7rGf8INOBLp93ygOdhlHSGvYMw6Ci2+xjWPjhi7BSGBRPlCSAOGB+CV/x
XAlXOqgxi1S6MzEhKeXCQy4fP8lg+qJ53lTW2dsuslAFFl/pbu14NrRcLju7rD/S
Sxd15yqAlSFOTWIMO4E1EL91ooCzHcppXkDAiM1CuA11dpJQsYdry10mQ3FaYVc3
cMlFMXD44wugY/kY/yFeKaKCOgNqA0IPVU8bZBIJSELmr5mg/AVy2e7hzBHKYZ4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:23 2025 by rpki-client