Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3d2c81ea-9409-45ff-91e4-45a394e9fb80.roa
File:                     3d2c81ea-9409-45ff-91e4-45a394e9fb80.roa (raw, json)
Hash identifier:          VQUbp+PrMETdGaETQRhhkibGDFwU8KF/+N/SgLMcE/I=
Subject key identifier:   09:C9:27:4B:CF:C1:BC:99:2F:ED:2A:5C:51:10:DF:1C:AA:EF:1B:13
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7AC996152B14D2E6E339696B193651AC02FD1012
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3d2c81ea-9409-45ff-91e4-45a394e9fb80.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:62b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 12 Feb 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:c9:96:15:2b:14:d2:e6:e3:39:69:6b:19:36:51:ac:02:fd:10:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a3:c1:69:1f:68:df:9b:00:30:e7:9c:d2:7b:
                    3a:33:43:4a:6b:68:95:ce:ad:e6:2c:03:58:19:59:
                    88:fa:0d:c9:a6:45:e1:1a:ed:76:d6:dc:90:34:70:
                    b3:20:25:c7:a6:03:f0:ec:7b:8f:ad:fb:53:d5:fe:
                    1a:b0:05:bf:0f:13:00:6c:ac:f7:2d:39:bc:59:31:
                    4b:36:f0:76:80:4f:55:33:ab:52:8c:9c:0c:66:5a:
                    6a:20:ee:17:48:6f:8c:c9:6a:ae:4d:29:49:2b:29:
                    b2:db:1d:03:c1:d1:6c:53:d7:90:6e:39:b9:b8:1c:
                    c0:46:77:c3:e5:83:9b:f7:f4:da:13:3e:a8:c7:e4:
                    4c:7e:a9:ff:8e:ab:74:28:93:dd:a3:bd:af:54:c8:
                    98:3e:39:30:9d:47:ba:46:23:dc:99:91:cf:92:4c:
                    55:66:3c:97:5a:4b:f8:c3:3a:7d:62:ed:a7:54:15:
                    43:b6:ce:2c:8e:2e:97:c7:92:49:df:77:a7:70:62:
                    a0:a6:ff:b8:6e:4b:bf:17:3f:b0:46:12:8b:4d:c9:
                    8e:63:1a:af:47:9f:82:9c:52:33:ba:a4:c6:28:fd:
                    41:c7:2d:30:f2:1f:0f:c9:c5:94:0b:5a:fb:8c:b7:
                    5f:46:25:7c:cf:0f:c9:ef:20:f2:b5:a0:d8:fd:69:
                    cc:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:C9:27:4B:CF:C1:BC:99:2F:ED:2A:5C:51:10:DF:1C:AA:EF:1B:13
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3d2c81ea-9409-45ff-91e4-45a394e9fb80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:62b::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:4c:b3:80:30:29:4c:ee:96:f4:57:61:5a:e8:a1:e5:f4:5f:
         1c:37:3c:5e:d7:dc:55:d2:c8:0c:2f:75:68:2e:ea:41:47:e8:
         c7:44:3f:90:46:0a:2c:1c:5d:21:ce:18:29:85:bb:39:a5:bf:
         1e:4f:1b:c9:9f:58:71:d6:3c:02:ed:c4:2c:84:62:0d:21:c6:
         02:82:e8:82:b9:0b:0a:b4:a4:5b:a7:3c:4e:ab:f8:c0:d2:c8:
         44:6d:4a:f6:39:8f:8a:26:95:e0:78:e1:f4:85:3b:0e:b5:09:
         b8:bf:4c:fb:f9:fc:e7:54:b5:82:10:5e:e3:fa:ff:5a:8d:08:
         bb:01:2d:87:ea:c3:d7:1e:40:58:b1:54:31:16:7b:58:7d:3b:
         a6:52:3b:10:ec:05:0e:40:d2:8a:3c:8e:ff:7b:7e:33:bc:df:
         15:12:8a:4d:02:52:a0:55:01:79:69:ec:fd:ae:ba:60:4e:36:
         0f:5e:0c:68:ec:1b:ff:5b:7b:34:b1:21:5a:61:44:fa:3f:34:
         9b:70:13:e9:9c:fb:87:a7:74:1a:f9:f0:3b:bc:7d:e1:c1:01:
         03:61:cc:6d:2e:21:13:a2:f2:44:9b:cf:81:73:16:7b:c7:28:
         18:9e:9c:f0:c8:fc:fc:e9:8c:e7:bb:3c:05:5f:ce:82:89:db:
         ed:aa:1f:e5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUesmWFSsU0ubjOWlrGTZRrAL9EBIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMTE0MDAwMDAwWhcNMjUwMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMWI2M2Q4MzY3YzEzOGNlODg1ZWY2MmIyN2ViNjIwMGMz
NGNlNDc0NjNjMzVkNjQ5NGRkZTdhNzE3ZDVjZGQwMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDho8FpH2jfmwAw55zSezozQ0praJXOreYsA1gZWYj6Dcmm
ReEa7XbW3JA0cLMgJcemA/Dse4+t+1PV/hqwBb8PEwBsrPctObxZMUs28HaAT1Uz
q1KMnAxmWmog7hdIb4zJaq5NKUkrKbLbHQPB0WxT15BuObm4HMBGd8Plg5v39NoT
PqjH5Ex+qf+Oq3Qok92jva9UyJg+OTCdR7pGI9yZkc+STFVmPJdaS/jDOn1i7adU
FUO2ziyOLpfHkknfd6dwYqCm/7huS78XP7BGEotNyY5jGq9Hn4KcUjO6pMYo/UHH
LTDyHw/JxZQLWvuMt19GJXzPD8nvIPK1oNj9acwZAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUCcknS8/BvJkv7SpcURDfHKrvGxMwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzNkMmM4MWVhLTk0MDktNDVmZi05MWU0LTQ1YTM5NGU5ZmI4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABiswDQYJKoZIhvcNAQELBQADggEBAAlMs4AwKUzulvRXYVrooeX0
Xxw3PF7X3FXSyAwvdWgu6kFH6MdEP5BGCiwcXSHOGCmFuzmlvx5PG8mfWHHWPALt
xCyEYg0hxgKC6IK5Cwq0pFunPE6r+MDSyERtSvY5j4omleB44fSFOw61Cbi/TPv5
/OdUtYIQXuP6/1qNCLsBLYfqw9ceQFixVDEWe1h9O6ZSOxDsBQ5A0oo8jv97fjO8
3xUSik0CUqBVAXlp7P2uumBONg9eDGjsG/9bezSxIVphRPo/NJtwE+mc+4endBr5
8Du8feHBAQNhzG0uIROi8kSbz4FzFnvHKBienPDI/PzpjOe7PAVfzoKJ2+2qH+U=
-----END CERTIFICATE-----
Generated at Mon Feb 10 17:11:45 2025 by rpki-client