Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ef295804-89a7-4ec3-826e-73e32733dc02.roa
File:                     ef295804-89a7-4ec3-826e-73e32733dc02.roa (raw, json)
Hash identifier:          8qWVy8/1+RCkbeiGIEFpk+wjPA0ygvTn6QrzO9TpNr8=
Subject key identifier:   E4:CA:7A:86:B5:3D:A0:76:53:72:F8:71:44:0A:F4:50:DB:A8:F9:5E
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       197B7502ADD4DD087EDA107E3144A607E11DEED7
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ef295804-89a7-4ec3-826e-73e32733dc02.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:551d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:7b:75:02:ad:d4:dd:08:7e:da:10:7e:31:44:a6:07:e1:1d:ee:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:71:e8:fc:1f:32:b9:59:8f:53:e1:10:52:57:
                    1b:de:9d:a3:ab:a7:47:3c:98:10:50:4a:55:68:cb:
                    2a:80:bf:6c:9f:90:cd:f5:4d:03:f6:8d:60:c1:e7:
                    a0:fb:96:b5:cc:ed:61:b4:fb:73:4d:ac:23:80:4d:
                    03:3d:b7:d3:e7:14:5d:41:fc:a4:4b:b4:57:a2:ca:
                    f1:55:2c:21:23:32:6f:5a:8c:c2:f8:bb:69:d7:f3:
                    14:c9:73:de:61:63:44:d8:57:6d:7f:8e:e0:d0:04:
                    2f:89:4f:f0:5f:1e:19:20:d4:1c:47:ca:cf:60:dc:
                    ac:1a:f8:6f:b4:e1:19:39:a5:6c:43:e6:1c:b2:ee:
                    e6:94:b3:9a:fa:95:b4:0c:4d:d8:93:49:e1:0e:b6:
                    fb:17:c7:b2:07:b0:bb:82:15:31:72:5c:7f:e0:5a:
                    8c:62:a8:eb:25:a0:27:31:57:ba:df:2f:d6:d2:68:
                    1e:81:73:2d:97:49:13:40:8a:9f:ef:52:ba:dd:b5:
                    b1:34:24:37:41:2c:81:c7:cd:7f:4d:27:73:1d:f8:
                    5c:45:bd:cb:cc:7d:ab:8b:1f:0a:d4:af:29:37:f7:
                    09:06:30:e4:a2:27:66:01:49:54:6c:a0:56:91:a8:
                    5d:20:47:4c:17:72:fc:60:86:04:94:93:b0:ea:a9:
                    ca:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:CA:7A:86:B5:3D:A0:76:53:72:F8:71:44:0A:F4:50:DB:A8:F9:5E
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ef295804-89a7-4ec3-826e-73e32733dc02.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551d::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:08:eb:fc:41:fe:a9:c1:1c:32:82:bf:cc:17:20:25:4c:38:
         3a:ff:28:86:68:0d:09:8d:ec:41:e1:4a:2a:d5:07:fa:b7:b8:
         f8:7e:a3:5b:8a:12:9a:d1:4f:bd:a1:57:ee:e0:6c:06:99:6f:
         69:37:a4:e3:a4:3d:c2:98:c6:2e:b4:12:ed:a3:16:e0:bf:37:
         65:31:e6:49:0c:d2:c7:61:8b:5e:a7:8e:5f:35:ac:d5:b9:54:
         77:96:73:3c:fd:3f:a1:93:62:fc:b5:3f:f8:6c:47:32:ce:01:
         65:99:55:4d:03:27:6a:14:b0:13:f5:11:55:39:f0:8c:e7:dd:
         2c:1b:60:07:16:82:9e:eb:72:43:b1:22:1b:ff:3e:36:9f:9f:
         ed:6d:a8:85:b2:5a:8f:cf:1e:e7:22:0c:72:63:96:4a:09:f0:
         e7:26:14:44:fa:1b:9b:05:1b:e1:24:a2:d7:47:59:24:f4:f6:
         a3:0b:8b:01:07:67:b9:8e:74:0d:30:96:e9:b1:c4:20:f6:8a:
         50:18:12:e3:0b:3c:ef:6e:88:0d:45:c1:32:12:22:04:67:83:
         89:87:c2:5c:9b:2c:fc:96:5e:f8:df:fd:ad:c4:ba:6b:77:b7:
         14:0e:47:42:09:8f:9b:f3:9a:73:89:bb:e7:42:4c:1f:27:34:
         c0:b4:54:01
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGXt1Aq3U3Qh+2hB+MUSmB+Ed7tcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjZlZmYyZTdkNTQ4NGQ5ZTYxNTA3YTk2NTNjYzM5ZmJj
ZjNhZWI1NTJkZTY5ZTkzM2UxYzI1YTE3ZDhkMzM4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0cej8HzK5WY9T4RBSVxvenaOrp0c8mBBQSlVoyyqAv2yf
kM31TQP2jWDB56D7lrXM7WG0+3NNrCOATQM9t9PnFF1B/KRLtFeiyvFVLCEjMm9a
jML4u2nX8xTJc95hY0TYV21/juDQBC+JT/BfHhkg1BxHys9g3Kwa+G+04Rk5pWxD
5hyy7uaUs5r6lbQMTdiTSeEOtvsXx7IHsLuCFTFyXH/gWoxiqOsloCcxV7rfL9bS
aB6Bcy2XSRNAip/vUrrdtbE0JDdBLIHHzX9NJ3Md+FxFvcvMfauLHwrUryk39wkG
MOSiJ2YBSVRsoFaRqF0gR0wXcvxghgSUk7DqqcpbAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU5Mp6hrU9oHZTcvhxRAr0UNuo+V4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2VmMjk1ODA0LTg5YTctNGVjMy04MjZlLTczZTMyNzMzZGMwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVR0wDQYJKoZIhvcNAQELBQADggEBAAQI6/xB/qnBHDKCv8wXICVM
ODr/KIZoDQmN7EHhSirVB/q3uPh+o1uKEprRT72hV+7gbAaZb2k3pOOkPcKYxi60
Eu2jFuC/N2Ux5kkM0sdhi16njl81rNW5VHeWczz9P6GTYvy1P/hsRzLOAWWZVU0D
J2oUsBP1EVU58Izn3SwbYAcWgp7rckOxIhv/Pjafn+1tqIWyWo/PHuciDHJjlkoJ
8OcmFET6G5sFG+EkotdHWST09qMLiwEHZ7mOdA0wlumxxCD2ilAYEuMLPO9uiA1F
wTISIgRng4mHwlybLPyWXvjf/a3Eumt3txQOR0IJj5vzmnOJu+dCTB8nNMC0VAE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:15 2025 by rpki-client