Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/86b03fee-2a6f-4c44-bcbd-7e59bccf1590.roa
File: 86b03fee-2a6f-4c44-bcbd-7e59bccf1590.roa (raw, json)
Hash identifier: vw1xAtJE1pDs68ikpfQkVVQqfhUS+iqy3ggGn0CChD8=
Subject key identifier: 40:5E:C9:4E:1C:BF:18:32:44:70:BA:2D:A5:25:E7:35:FD:21:B4:D4
Certificate issuer: /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial: 52D18BBEB04FF6CB22B7C2A1F4947F476416C889
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/86b03fee-2a6f-4c44-bcbd-7e59bccf1590.roa
Signing time: Mon 17 Mar 2025 15:40:11 +0000
ROA not before: Mon 17 Mar 2025 15:40:11 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 21664
IP address blocks: 2605:9cc0:c20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires: Wed 09 Apr 2025 18:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:d1:8b:be:b0:4f:f6:cb:22:b7:c2:a1:f4:94:7f:47:64:16:c8:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Validity
Not Before: Mar 17 15:40:11 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a5:29:9a:55:d1:97:de:48:a5:d1:f0:06:0a:
1b:b1:48:62:09:39:dd:b8:8a:ad:5b:62:52:4a:eb:
18:11:cf:34:fc:43:66:0c:7e:a3:11:dc:4a:bd:9c:
af:22:aa:7f:00:a8:cd:42:f9:a7:f4:90:7b:d8:e6:
e1:b4:45:09:28:02:a8:40:55:e9:50:a6:81:be:cd:
c5:56:1e:bc:02:c2:c6:3e:1e:5a:59:33:5b:64:36:
11:0a:35:d7:23:73:30:b6:74:cb:fb:0a:51:f1:b8:
89:77:7f:d0:22:79:7e:a8:65:7a:bb:87:df:32:91:
95:ec:a7:de:4c:57:8d:c5:b3:6a:45:c7:71:cd:5f:
d1:93:42:12:5b:c0:d5:22:05:63:de:c0:ac:06:22:
f9:46:b2:46:5a:b2:bd:dd:d0:26:a3:2d:6e:c1:be:
06:ae:b7:07:cb:66:ad:d9:56:31:46:27:57:fa:ec:
0b:81:89:cb:0c:f5:41:d5:f2:1b:9c:0f:87:6d:1d:
5c:8d:7f:5f:14:ff:2e:c4:46:f7:bc:d6:42:9f:ba:
91:a8:96:84:51:62:9a:94:e4:8a:9b:35:ff:c9:bf:
5e:1e:6e:c9:6d:5d:6e:24:eb:f2:e1:dd:8e:69:0a:
15:df:b5:22:3a:fe:11:5d:91:bb:75:72:5f:be:b4:
2b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5E:C9:4E:1C:BF:18:32:44:70:BA:2D:A5:25:E7:35:FD:21:B4:D4
X509v3 Authority Key Identifier:
keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/86b03fee-2a6f-4c44-bcbd-7e59bccf1590.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2605:9cc0:c20::/48
Signature Algorithm: sha256WithRSAEncryption
58:ba:10:64:8f:19:aa:6e:95:05:91:72:cc:55:c3:2a:92:ee:
66:39:42:43:78:59:3a:f2:59:88:79:ab:71:97:cb:a5:31:d6:
cd:82:f9:1b:83:1c:ab:a1:38:7f:32:85:e8:be:24:8d:ec:ce:
1d:b9:8f:39:50:b1:a3:dc:81:77:dc:2e:68:41:dd:76:39:bf:
a4:7c:e9:90:09:de:9e:b0:43:0d:9d:f2:3b:a3:1d:a9:59:09:
c6:5b:46:f8:63:df:2c:6e:5a:64:3a:20:3e:b2:e9:75:ce:e3:
b7:1d:1c:d2:2f:90:e3:28:d4:7c:43:98:78:0b:db:74:9d:53:
44:53:8b:a6:8b:44:f7:fa:38:d0:0c:89:81:40:b3:55:42:08:
25:d0:e3:6e:74:47:98:2e:b4:ab:ed:17:94:1b:28:d9:b2:ed:
de:c9:c4:bb:03:48:5f:9c:69:67:a9:4e:fd:bb:2e:99:10:ae:
44:fb:6d:ff:a1:b9:37:52:4d:41:bc:c4:df:0a:92:f8:bc:82:
b7:70:a3:65:24:36:94:e8:9f:f8:cd:e5:24:ec:e5:a3:c3:cd:
ad:a3:bb:6f:e4:1a:46:7d:e7:e5:e5:cc:0c:e2:cf:d7:08:d1:
88:5e:dc:de:e5:13:1c:30:40:06:0e:31:6b:f3:57:be:9f:1a:
b3:7f:3e:02
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUtGLvrBP9ssit8Kh9JR/R2QWyIkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzE3MTU0MDExWhcNMjUwNDIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwN2I2ZDg5MmNlYjUxYWZhMThiMTVmOTZhMGEwMzA2ODli
NGFmMTA3ZTM4NzNjOTk3MTEyN2EwZGI3MzQ4ZTdiMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8pSmaVdGX3kil0fAGChuxSGIJOd24iq1bYlJK6xgRzzT8
Q2YMfqMR3Eq9nK8iqn8AqM1C+af0kHvY5uG0RQkoAqhAVelQpoG+zcVWHrwCwsY+
HlpZM1tkNhEKNdcjczC2dMv7ClHxuIl3f9AieX6oZXq7h98ykZXsp95MV43Fs2pF
x3HNX9GTQhJbwNUiBWPewKwGIvlGskZasr3d0CajLW7BvgautwfLZq3ZVjFGJ1f6
7AuBicsM9UHV8hucD4dtHVyNf18U/y7ERve81kKfupGoloRRYpqU5IqbNf/Jv14e
bsltXW4k6/Lh3Y5pChXftSI6/hFdkbt1cl++tCtXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUQF7JThy/GDJEcLotpSXnNf0htNQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzg2YjAzZmVlLTJhNmYtNGM0NC1iY2JkLTdlNTliY2NmMTU5MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADCAwDQYJKoZIhvcNAQELBQADggEBAFi6EGSPGapulQWRcsxVwyqS
7mY5QkN4WTryWYh5q3GXy6Ux1s2C+RuDHKuhOH8yhei+JI3szh25jzlQsaPcgXfc
LmhB3XY5v6R86ZAJ3p6wQw2d8jujHalZCcZbRvhj3yxuWmQ6ID6y6XXO47cdHNIv
kOMo1HxDmHgL23SdU0RTi6aLRPf6ONAMiYFAs1VCCCXQ4250R5gutKvtF5QbKNmy
7d7JxLsDSF+caWepTv27LpkQrkT7bf+huTdSTUG8xN8Kkvi8grdwo2UkNpTon/jN
5STs5aPDza2ju2/kGkZ95+XlzAziz9cI0Yhe3N7lExwwQAYOMWvzV76fGrN/PgI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:59:25 2025 by rpki-client