Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2c3586-4c23-4045-b98b-d28000a3bd55.roa
File:                     ee2c3586-4c23-4045-b98b-d28000a3bd55.roa (raw, json)
Hash identifier:          SkYTyvxxzxwBg+c9lW5smQgr5TJBx8Dpqmsj3Ve/CiY=
Subject key identifier:   63:2D:EA:0F:8A:69:71:AE:CB:9C:62:3C:C2:D4:A7:90:CC:AC:14:AC
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7AF6C9A438E6ABCC95870553B10158CE9F1D393E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2c3586-4c23-4045-b98b-d28000a3bd55.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:5503::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:f6:c9:a4:38:e6:ab:cc:95:87:05:53:b1:01:58:ce:9f:1d:39:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:59:f5:13:dc:0f:be:98:07:6c:ce:47:fb:50:
                    f2:3d:d2:b1:93:c5:05:5d:be:88:16:c2:d5:33:80:
                    05:84:d3:98:5f:9c:32:21:43:2a:34:6c:ee:a2:a3:
                    6f:c7:ef:b3:8a:10:8b:23:85:d5:42:bb:8d:ce:61:
                    bf:db:f1:b6:fd:4e:1e:20:26:97:02:56:b4:7f:c1:
                    b7:cd:69:f2:08:c3:6c:3a:2e:04:23:de:e5:8c:9a:
                    9e:a8:f3:65:d8:a2:99:00:86:48:06:e1:8d:ef:9c:
                    f2:ae:09:64:40:28:3a:9d:0c:21:82:c9:1c:79:11:
                    30:3f:7d:83:88:38:8a:ed:a6:08:7e:ef:ba:91:f2:
                    58:47:38:d7:63:5d:13:e2:64:11:c8:d2:86:e8:aa:
                    45:3a:e2:c6:0c:fe:4c:02:e6:d7:69:21:cd:5d:22:
                    6d:1d:a9:33:4a:78:5b:4a:c8:72:dc:15:49:a4:98:
                    26:04:f6:a3:67:93:2d:ff:ab:4f:da:22:e3:ef:51:
                    a6:42:bf:b9:53:d9:23:2b:29:53:cb:59:d0:a2:b0:
                    a9:f3:a7:24:f0:69:d1:cd:57:ad:d1:56:15:96:3a:
                    4d:93:85:9b:90:c4:85:da:47:b0:18:c7:d8:0d:86:
                    86:33:ab:21:ec:03:2e:c8:77:a1:4b:cc:b7:12:8e:
                    94:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:2D:EA:0F:8A:69:71:AE:CB:9C:62:3C:C2:D4:A7:90:CC:AC:14:AC
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2c3586-4c23-4045-b98b-d28000a3bd55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5503::/48

    Signature Algorithm: sha256WithRSAEncryption
         4a:03:3d:32:9d:0c:21:18:db:ba:15:77:00:29:f1:45:8f:75:
         cd:55:1b:47:9f:f8:4f:4a:0c:71:3c:c9:b1:a9:65:20:c5:95:
         a9:11:9d:a5:8e:ad:98:51:27:a5:34:94:69:25:93:1b:60:42:
         a9:74:08:02:f4:e9:c1:55:55:ad:16:e1:1b:99:23:bf:28:bd:
         84:bb:18:e6:95:bd:2e:20:ba:61:5b:c3:ef:d0:76:f5:a8:42:
         78:6d:9a:0b:d8:59:3c:85:24:b5:67:31:09:77:4c:ca:9e:a4:
         70:53:a0:0a:0f:87:f1:9d:2e:3d:a3:29:9f:97:77:35:59:ed:
         c4:9b:9e:43:6a:b3:43:60:66:2c:31:68:f5:9f:29:a3:3a:94:
         f7:af:cf:08:66:cc:70:cc:c8:fe:c8:6e:86:8d:79:94:93:d3:
         73:b0:c7:b7:c9:57:56:cd:90:55:6e:35:1d:ec:a4:c1:f2:c9:
         1b:92:df:15:7e:41:3e:14:b4:a4:ae:3e:7e:97:f9:2c:2b:c0:
         79:51:e2:e9:a5:db:fa:1b:54:8e:86:fa:a7:64:60:ba:53:af:
         74:9d:0d:76:4d:24:b9:ed:e6:cd:bc:b5:4b:22:c8:55:6b:ce:
         91:05:bd:0f:35:5d:7d:bc:ff:d9:b3:44:7c:eb:65:ad:bd:37:
         3e:a3:1e:97
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUevbJpDjmq8yVhwVTsQFYzp8dOT4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNGUwZjI1MDRiODhhMzgxOGIxZmM2NmMzNWY0ZDBjNWVm
NDAwYTFjZmY1MTBlZWQyODlhNWI2YzhhODhmZDY5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqWfUT3A++mAdszkf7UPI90rGTxQVdvogWwtUzgAWE05hf
nDIhQyo0bO6io2/H77OKEIsjhdVCu43OYb/b8bb9Th4gJpcCVrR/wbfNafIIw2w6
LgQj3uWMmp6o82XYopkAhkgG4Y3vnPKuCWRAKDqdDCGCyRx5ETA/fYOIOIrtpgh+
77qR8lhHONdjXRPiZBHI0oboqkU64sYM/kwC5tdpIc1dIm0dqTNKeFtKyHLcFUmk
mCYE9qNnky3/q0/aIuPvUaZCv7lT2SMrKVPLWdCisKnzpyTwadHNV63RVhWWOk2T
hZuQxIXaR7AYx9gNhoYzqyHsAy7Id6FLzLcSjpSBAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYy3qD4ppca7LnGI8wtSnkMysFKwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2VlMmMzNTg2LTRjMjMtNDA0NS1iOThiLWQyODAwMGEzYmQ1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVQMwDQYJKoZIhvcNAQELBQADggEBAEoDPTKdDCEY27oVdwAp8UWP
dc1VG0ef+E9KDHE8ybGpZSDFlakRnaWOrZhRJ6U0lGklkxtgQql0CAL06cFVVa0W
4RuZI78ovYS7GOaVvS4gumFbw+/QdvWoQnhtmgvYWTyFJLVnMQl3TMqepHBToAoP
h/GdLj2jKZ+XdzVZ7cSbnkNqs0NgZiwxaPWfKaM6lPevzwhmzHDMyP7IboaNeZST
03Owx7fJV1bNkFVuNR3spMHyyRuS3xV+QT4UtKSuPn6X+SwrwHlR4uml2/obVI6G
+qdkYLpTr3SdDXZNJLnt5s28tUsiyFVrzpEFvQ81XX28/9mzRHzrZa29Nz6jHpc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:02 2025 by rpki-client