Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e1f114b0-d940-4fa0-8376-bac93d2868fc.roa
File:                     e1f114b0-d940-4fa0-8376-bac93d2868fc.roa (raw, json)
Hash identifier:          ah5FRJ4Ah+9Ie0rcxNhjDW7ZH7rY04XCCsQFL8Yayl0=
Subject key identifier:   E9:C1:5E:E4:FB:2F:25:0E:3C:F7:05:A2:E1:36:D7:7C:19:37:CF:22
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4C9E1C6CEB49100FA53EEF6498F85B6DEAAADC00
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e1f114b0-d940-4fa0-8376-bac93d2868fc.roa
Signing time:             Fri 16 May 2025 17:30:44 +0000
ROA not before:           Fri 16 May 2025 17:30:44 +0000
ROA not after:            Fri 20 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:4100::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 10 Jun 2025 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:9e:1c:6c:eb:49:10:0f:a5:3e:ef:64:98:f8:5b:6d:ea:aa:dc:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 16 17:30:44 2025 GMT
            Not After : Jun 20 23:59:59 2025 GMT
        Subject: serialNumber=6ed81c4103fd9718e01774b1795e38ccb9d76e5562937ecc922c6f4c4b14a875, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:7d:34:99:49:fc:6c:50:9b:fd:9e:9a:a3:7d:
                    7d:3a:38:e2:49:f8:e0:ee:38:11:9e:bc:cf:e0:7c:
                    14:b4:3e:0f:bb:be:0c:e6:88:8c:dd:7a:14:0b:da:
                    01:7b:33:57:73:2e:ab:cf:a3:63:40:ba:aa:b5:ef:
                    1f:37:e5:00:09:9e:5c:2d:06:00:bc:70:3e:ca:f6:
                    b1:58:98:f7:2b:e1:6f:16:cd:ca:f0:6a:04:8f:4e:
                    27:ee:4f:5c:b4:a5:83:05:c6:81:ee:27:c6:d9:64:
                    e6:74:92:8d:8d:78:53:67:e9:85:ec:dd:d8:f3:d8:
                    4d:93:60:00:39:f6:e8:b7:a3:40:ca:88:92:46:eb:
                    4e:ef:0a:f7:f6:3a:14:ee:45:35:be:f0:10:60:fc:
                    49:c1:88:40:ec:dd:cb:58:90:22:53:91:4d:01:3c:
                    cc:fb:c5:4d:c7:a5:8c:01:1d:b9:79:65:30:8d:d1:
                    e0:ee:ba:22:57:11:90:92:2b:53:60:ab:54:f3:bb:
                    a7:58:16:56:00:79:8d:fa:5b:ed:3c:77:63:96:59:
                    9c:6a:2f:0e:fc:b8:7b:fc:e5:2a:75:81:95:a8:66:
                    5b:fa:a4:d4:3e:83:e1:58:59:05:c0:f1:09:16:3f:
                    60:88:23:1c:eb:54:36:de:5e:16:da:4e:99:3d:a4:
                    f1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C1:5E:E4:FB:2F:25:0E:3C:F7:05:A2:E1:36:D7:7C:19:37:CF:22
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e1f114b0-d940-4fa0-8376-bac93d2868fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:4100::/40

    Signature Algorithm: sha256WithRSAEncryption
         a8:39:2d:32:ef:e7:4b:71:9f:c7:df:10:e6:89:df:bb:6d:c4:
         2c:d6:c8:5a:51:ea:b5:9a:b6:97:d5:33:41:74:bf:86:d7:ef:
         dd:0f:0e:93:a5:de:0a:3e:2b:b5:2a:28:3a:72:73:9d:ab:12:
         24:c4:68:78:c2:8f:6f:0a:6c:07:7f:95:26:b6:a7:31:bf:aa:
         a1:50:3e:81:42:d0:c1:ce:7b:f6:32:28:64:1c:1c:81:0c:d9:
         3b:81:4a:b3:e8:88:0c:c8:32:c4:16:47:fd:27:3d:70:70:07:
         c6:23:2f:33:f9:ef:60:24:a9:a9:49:75:cc:9e:3e:c7:97:20:
         29:3a:df:5e:a4:13:7a:6f:d5:77:96:1a:c9:a7:6c:4f:40:b2:
         57:5f:c3:02:69:eb:66:8c:83:d0:1e:fc:c6:d5:e1:62:aa:b4:
         0c:ac:ae:e0:ae:e7:3f:75:4f:57:69:f2:ea:7e:cd:42:1c:bb:
         d7:66:e6:fc:e8:a1:ad:9e:34:55:28:62:c4:a5:6c:da:13:9d:
         a0:ab:31:56:68:c0:e6:ef:13:b5:b7:ef:47:dc:13:ef:56:42:
         24:95:d5:e4:1b:4b:11:9c:74:5f:10:51:f6:49:c0:d2:fb:0b:
         ec:f7:fa:7c:6a:b4:24:30:26:7d:84:48:58:08:64:90:44:4b:
         11:e4:80:73
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTJ4cbOtJEA+lPu9kmPhbbeqq3AAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTE2MTczMDQ0WhcNMjUwNjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ZWQ4MWM0MTAzZmQ5NzE4ZTAxNzc0YjE3OTVlMzhjY2I5
ZDc2ZTU1NjI5MzdlY2M5MjJjNmY0YzRiMTRhODc1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxfTSZSfxsUJv9npqjfX06OOJJ+ODuOBGevM/gfBS0Pg+7
vgzmiIzdehQL2gF7M1dzLqvPo2NAuqq17x835QAJnlwtBgC8cD7K9rFYmPcr4W8W
zcrwagSPTifuT1y0pYMFxoHuJ8bZZOZ0ko2NeFNn6YXs3djz2E2TYAA59ui3o0DK
iJJG607vCvf2OhTuRTW+8BBg/EnBiEDs3ctYkCJTkU0BPMz7xU3HpYwBHbl5ZTCN
0eDuuiJXEZCSK1Ngq1Tzu6dYFlYAeY36W+08d2OWWZxqLw78uHv85Sp1gZWoZlv6
pNQ+g+FYWQXA8QkWP2CIIxzrVDbeXhbaTpk9pPFRAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU6cFe5PsvJQ489wWi4TbXfBk3zyIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2UxZjExNGIwLWQ5NDAtNGZhMC04Mzc2LWJhYzkzZDI4NjhmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPDwQTANBgkqhkiG9w0BAQsFAAOCAQEAqDktMu/nS3Gfx98Q5onfu23E
LNbIWlHqtZq2l9UzQXS/htfv3Q8Ok6XeCj4rtSooOnJznasSJMRoeMKPbwpsB3+V
JranMb+qoVA+gULQwc579jIoZBwcgQzZO4FKs+iIDMgyxBZH/Sc9cHAHxiMvM/nv
YCSpqUl1zJ4+x5cgKTrfXqQTem/Vd5YayadsT0CyV1/DAmnrZoyD0B78xtXhYqq0
DKyu4K7nP3VPV2ny6n7NQhy712bm/OihrZ40VShixKVs2hOdoKsxVmjA5u8Ttbfv
R9wT71ZCJJXV5BtLEZx0XxBR9knA0vsL7Pf6fGq0JDAmfYRIWAhkkERLEeSAcw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:40:37 2025 by rpki-client