Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/66f01be3-62cc-4bca-94fa-a48a5f45f2ff.roa
File:                     66f01be3-62cc-4bca-94fa-a48a5f45f2ff.roa (raw, json)
Hash identifier:          RNIzJb489xCPV9wdpoSdJhGwwO9coCnjVa7E1cmh2RY=
Subject key identifier:   A2:E8:3A:71:22:38:6A:FC:D4:22:C7:5B:1B:C0:42:5F:74:66:2B:AB
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       5C402C5E4BC9F96B5292C6D16664F29F500C071F
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/66f01be3-62cc-4bca-94fa-a48a5f45f2ff.roa
Signing time:             Mon 10 Feb 2025 00:00:00 +0000
ROA not before:           Mon 10 Feb 2025 00:00:00 +0000
ROA not after:            Mon 17 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:310::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:40:2c:5e:4b:c9:f9:6b:52:92:c6:d1:66:64:f2:9f:50:0c:07:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 10 00:00:00 2025 GMT
            Not After : Mar 17 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:e5:e6:79:93:9d:b2:ec:37:f2:7f:64:b1:f5:
                    f1:7d:58:d5:f4:fb:24:d0:bc:56:97:64:ca:42:d6:
                    9c:8a:ba:b6:34:87:94:09:8d:e0:a4:e0:9e:29:93:
                    c1:d4:90:18:0b:67:3e:d5:15:22:c3:cc:8e:f6:81:
                    49:4d:ad:b7:f7:75:67:43:c0:2f:f8:2f:f9:6c:ec:
                    45:04:da:50:7c:bd:48:f3:d2:53:7a:25:19:2b:c8:
                    95:ba:77:6c:69:ee:fc:20:b7:d2:55:48:fe:e4:f0:
                    57:69:34:74:f1:fe:89:af:d7:29:a9:3a:f2:ee:46:
                    ea:77:51:e5:24:40:54:80:83:3b:fb:77:0a:59:9e:
                    f6:b7:b6:bf:a4:3d:07:97:67:1b:02:40:00:21:2d:
                    56:13:90:b7:cc:6b:a5:05:57:a5:cc:18:50:9e:ae:
                    f7:fc:d5:0f:14:bb:26:d9:25:71:12:a1:da:3f:5d:
                    2a:f4:97:6c:cd:05:f9:75:80:4e:bf:d8:2f:e5:da:
                    3e:5f:2a:55:52:94:fe:9c:54:68:da:4a:40:13:bc:
                    60:76:9e:c3:db:c2:d6:e2:66:e5:0c:24:6c:50:97:
                    d5:ac:db:5b:7d:87:7b:2d:66:e5:a6:ea:2b:77:02:
                    54:67:69:b0:85:15:73:84:7c:1e:12:37:f4:7c:0f:
                    92:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:E8:3A:71:22:38:6A:FC:D4:22:C7:5B:1B:C0:42:5F:74:66:2B:AB
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/66f01be3-62cc-4bca-94fa-a48a5f45f2ff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:310::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:b9:e3:b8:66:c6:4b:3c:08:ff:d2:ab:70:fc:0f:ec:06:4d:
         dc:d7:13:13:a2:71:67:26:69:db:eb:63:89:2c:3d:39:45:76:
         97:71:68:7f:07:a0:26:34:79:c6:f5:da:dc:63:86:46:1d:d9:
         fa:8c:eb:91:bc:92:30:e8:73:72:ab:c8:18:33:5d:94:8b:14:
         9d:38:ce:46:85:11:20:6f:f0:8a:82:84:6d:f8:5c:9b:11:16:
         bf:03:93:50:ee:3e:a5:09:20:36:3e:53:9e:c6:d9:3f:80:62:
         ca:28:70:a3:03:41:e4:59:cc:cc:66:01:9b:11:8f:c9:95:b4:
         cc:5d:0a:bf:bb:91:e3:b6:7c:b9:94:3b:25:37:ee:b3:16:1c:
         42:e4:3e:4b:53:47:cf:94:47:e6:bd:c6:d4:02:a7:e6:d4:b5:
         a5:e8:1d:0c:ed:75:7c:ac:01:1c:d5:b0:4b:b8:8d:f2:f9:c7:
         a1:8e:78:3c:ae:06:25:bb:68:dc:ea:bf:9b:a6:81:0a:78:07:
         17:bf:3a:76:1a:34:42:f5:3d:63:d2:04:2f:2e:2e:a0:64:ff:
         95:e9:b9:dd:07:eb:c8:6b:22:f6:25:ac:2b:17:b6:dc:e7:43:
         fe:c6:02:f8:09:3d:40:83:e0:2e:8e:0b:09:cb:df:0b:ca:1f:
         b7:8b:a8:a7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXEAsXkvJ+WtSksbRZmTyn1AMBx8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMjEwMDAwMDAwWhcNMjUwMzE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMzNiNWEwNjM0N2Y3NzAwMWNlODA5ZTM4MzMxOGI3M2M4
N2Y3MmM0OTYxMWQyNmFlZjQ5OTk4NmU0YzgxZDQ3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDX5eZ5k52y7Dfyf2Sx9fF9WNX0+yTQvFaXZMpC1pyKurY0
h5QJjeCk4J4pk8HUkBgLZz7VFSLDzI72gUlNrbf3dWdDwC/4L/ls7EUE2lB8vUjz
0lN6JRkryJW6d2xp7vwgt9JVSP7k8FdpNHTx/omv1ympOvLuRup3UeUkQFSAgzv7
dwpZnva3tr+kPQeXZxsCQAAhLVYTkLfMa6UFV6XMGFCervf81Q8UuybZJXESodo/
XSr0l2zNBfl1gE6/2C/l2j5fKlVSlP6cVGjaSkATvGB2nsPbwtbiZuUMJGxQl9Ws
21t9h3stZuWm6it3AlRnabCFFXOEfB4SN/R8D5JPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUoug6cSI4avzUIsdbG8BCX3RmK6swHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzY2ZjAxYmUzLTYyY2MtNGJjYS05NGZhLWE0OGE1ZjQ1ZjJmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAAxAwDQYJKoZIhvcNAQELBQADggEBADO547hmxks8CP/Sq3D8D+wG
TdzXExOicWcmadvrY4ksPTlFdpdxaH8HoCY0ecb12txjhkYd2fqM65G8kjDoc3Kr
yBgzXZSLFJ04zkaFESBv8IqChG34XJsRFr8Dk1DuPqUJIDY+U57G2T+AYsoocKMD
QeRZzMxmAZsRj8mVtMxdCr+7keO2fLmUOyU37rMWHELkPktTR8+UR+a9xtQCp+bU
taXoHQztdXysARzVsEu4jfL5x6GOeDyuBiW7aNzqv5umgQp4Bxe/OnYaNEL1PWPS
BC8uLqBk/5Xpud0H68hrIvYlrCsXttznQ/7GAvgJPUCD4C6OCwnL3wvKH7eLqKc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 05:39:15 2025 by rpki-client