Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b11f31cd-336e-4434-8174-6a90ba67bb58.roa
File:                     b11f31cd-336e-4434-8174-6a90ba67bb58.roa (raw, json)
Hash identifier:          U9MeRd0TJaDHMUOJM3JJIw0lVKJgMt3fqYqUPJMq3a8=
Subject key identifier:   E7:54:BC:5B:CA:6A:9A:68:CD:66:42:3F:6D:11:39:D0:F3:08:04:AE
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       463024C3A78198A413253A78A4A3E3A714302198
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b11f31cd-336e-4434-8174-6a90ba67bb58.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5519::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:30:24:c3:a7:81:98:a4:13:25:3a:78:a4:a3:e3:a7:14:30:21:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:50:58:cd:8e:1f:e2:fa:7f:61:e9:0a:70:5e:
                    77:cf:e4:7e:da:f4:1e:3c:75:22:9f:e3:5a:0f:a7:
                    f8:de:74:f9:3d:fc:a4:fa:f2:35:d5:c1:b6:18:0e:
                    d0:ea:ac:38:86:9f:32:d0:5c:c7:6f:30:b8:f2:cd:
                    c9:a9:2d:28:c2:87:c2:f1:46:fc:6e:6b:99:6d:ab:
                    c8:1f:80:80:76:8d:b8:ae:be:13:f1:30:70:d6:91:
                    6a:8f:56:26:d4:83:d6:d6:da:db:e5:54:65:1f:d1:
                    80:d4:a9:b2:ae:df:17:a5:54:de:e3:ca:fb:e0:96:
                    fd:b4:fd:5a:fc:50:3a:c2:26:0c:1c:21:e3:07:87:
                    39:4f:b9:0c:3d:45:8d:21:31:0e:89:8d:5e:72:29:
                    05:63:81:00:a2:24:19:02:7b:da:02:97:85:21:30:
                    f7:1b:9d:79:5e:00:49:11:de:c9:f7:e6:97:8d:c3:
                    41:85:e7:42:53:a7:6d:95:4a:ac:6e:c3:b1:18:6b:
                    c8:69:08:51:ed:02:3f:1a:91:76:b7:41:3a:a9:38:
                    86:f8:3a:46:93:36:d2:3d:85:d4:15:69:3a:b8:27:
                    8c:f0:c8:37:07:bb:8b:f5:3f:fc:4a:cc:7a:4d:24:
                    50:35:fd:df:7b:93:2c:59:f0:10:7f:5f:c0:9e:b7:
                    55:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:54:BC:5B:CA:6A:9A:68:CD:66:42:3F:6D:11:39:D0:F3:08:04:AE
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b11f31cd-336e-4434-8174-6a90ba67bb58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5519::/48

    Signature Algorithm: sha256WithRSAEncryption
         4a:4f:80:48:ca:d3:de:c8:b4:5b:55:18:fb:b8:5c:4d:fc:69:
         98:fe:63:bc:d4:89:6d:61:d8:3e:50:fb:94:d1:17:0b:38:79:
         d5:d7:f4:ba:36:cc:d2:cb:a9:90:95:e1:a4:70:de:87:69:4d:
         67:30:f9:44:b8:40:32:c3:ce:85:ce:5e:0b:d0:d2:d7:df:fa:
         e8:fa:02:96:35:35:d2:2a:07:19:1a:f5:43:82:58:15:75:92:
         16:a2:b6:6f:c6:83:52:f1:53:1b:9b:1e:28:0a:aa:8b:4c:16:
         0d:d7:a3:1f:2e:7d:50:17:04:85:cb:cd:19:f5:07:4c:18:db:
         9f:04:41:64:0e:d1:0c:b2:c4:c6:7d:c5:c4:fd:c8:3b:f1:39:
         0f:ab:ee:fb:a2:18:32:ee:f5:72:26:1c:e1:65:a7:ad:77:ba:
         6b:46:e5:eb:f6:fb:77:7d:df:fa:b8:95:2a:86:59:4e:a1:11:
         81:35:ae:e8:e3:af:81:2c:9c:7c:01:5a:63:ed:d8:a9:7c:36:
         41:6b:c6:49:da:10:c4:cc:29:97:e2:5a:16:0e:30:ee:c0:ec:
         4f:6f:71:be:3a:db:3e:72:ff:99:69:23:9f:0d:26:a1:5c:d8:
         06:e2:17:e6:3f:b3:b1:28:40:7d:aa:11:11:4f:f3:c6:27:d4:
         2c:19:a4:4a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURjAkw6eBmKQTJTp4pKPjpxQwIZgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwOWI5YWJmY2NjY2RjY2NjYWY2NzgyMzJjYTZkYjgyYWQ2
YzA5MmViN2FjZjE3OTU3NjlmYzFmMzI3ODc5ZDYyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaUFjNjh/i+n9h6QpwXnfP5H7a9B48dSKf41oPp/jedPk9
/KT68jXVwbYYDtDqrDiGnzLQXMdvMLjyzcmpLSjCh8LxRvxua5ltq8gfgIB2jbiu
vhPxMHDWkWqPVibUg9bW2tvlVGUf0YDUqbKu3xelVN7jyvvglv20/Vr8UDrCJgwc
IeMHhzlPuQw9RY0hMQ6JjV5yKQVjgQCiJBkCe9oCl4UhMPcbnXleAEkR3sn35peN
w0GF50JTp22VSqxuw7EYa8hpCFHtAj8akXa3QTqpOIb4OkaTNtI9hdQVaTq4J4zw
yDcHu4v1P/xKzHpNJFA1/d97kyxZ8BB/X8Cet1WLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU51S8W8pqmmjNZkI/bRE50PMIBK4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2IxMWYzMWNkLTMzNmUtNDQzNC04MTc0LTZhOTBiYTY3YmI1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRkwDQYJKoZIhvcNAQELBQADggEBAEpPgEjK097ItFtVGPu4XE38
aZj+Y7zUiW1h2D5Q+5TRFws4edXX9Lo2zNLLqZCV4aRw3odpTWcw+US4QDLDzoXO
XgvQ0tff+uj6ApY1NdIqBxka9UOCWBV1khaitm/Gg1LxUxubHigKqotMFg3Xox8u
fVAXBIXLzRn1B0wY258EQWQO0QyyxMZ9xcT9yDvxOQ+r7vuiGDLu9XImHOFlp613
umtG5ev2+3d93/q4lSqGWU6hEYE1rujjr4EsnHwBWmPt2Kl8NkFrxknaEMTMKZfi
WhYOMO7A7E9vcb462z5y/5lpI58NJqFc2AbiF+Y/s7EoQH2qERFP88Yn1CwZpEo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:37:34 2025 by rpki-client