Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ed3d80c5-fe07-46d3-90ed-6c6eaf8d34d3.roa
File:                     ed3d80c5-fe07-46d3-90ed-6c6eaf8d34d3.roa (raw, json)
Hash identifier:          BvzWhu24Ye1GbJ/T5OfeoUOFN8L+0Cuw1BifAfvQrp0=
Subject key identifier:   15:3A:4F:6C:AC:4A:2D:D9:83:C8:D5:15:EC:7D:E7:30:3E:6C:2C:BF
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       31EF133E186EA0B4F98362689E99A7FEAB4DDD41
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ed3d80c5-fe07-46d3-90ed-6c6eaf8d34d3.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:b00::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:ef:13:3e:18:6e:a0:b4:f9:83:62:68:9e:99:a7:fe:ab:4d:dd:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:1e:12:41:9d:5f:b9:7e:9d:96:14:e6:3e:29:
                    a6:54:59:4f:2c:59:21:5c:14:e1:1e:40:d9:5a:0a:
                    88:19:9a:ce:60:ce:fb:49:64:ce:43:02:7f:3a:1a:
                    55:7b:0d:d2:1b:a9:1e:56:8f:d6:7e:83:44:eb:ab:
                    c2:5c:19:62:06:c1:37:47:d1:d8:74:0c:d0:8a:41:
                    1c:ce:2a:bc:35:98:e5:b2:77:08:ab:35:de:a8:f6:
                    a3:8a:55:ba:13:0b:18:97:4d:75:6f:36:86:4d:b9:
                    e4:b8:65:85:c6:a0:bd:fa:3a:2b:2e:f9:e7:09:3c:
                    6f:f0:0d:8a:b3:4b:0c:b6:3d:1f:4b:43:db:5f:f7:
                    f1:5a:41:0a:a8:3a:80:f1:f4:b8:32:8e:cd:1d:15:
                    0c:c4:cf:5d:4b:d7:f2:66:7f:dd:4d:15:93:6f:75:
                    5b:47:8b:6c:98:8c:a8:e5:9d:42:79:d9:47:dc:ba:
                    fb:0e:c0:e1:5d:59:12:09:2a:49:0b:4d:f3:b4:79:
                    0f:5b:9f:52:3f:ea:32:e6:67:73:f4:e7:8e:0a:23:
                    81:eb:61:10:de:e0:29:e3:7e:35:79:0b:4d:6b:e2:
                    d2:af:23:a1:c7:6f:ac:dc:4c:53:69:57:c9:56:c4:
                    75:81:df:fb:cc:26:0f:57:6d:e7:07:1b:e7:9c:6b:
                    e5:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:3A:4F:6C:AC:4A:2D:D9:83:C8:D5:15:EC:7D:E7:30:3E:6C:2C:BF
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ed3d80c5-fe07-46d3-90ed-6c6eaf8d34d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:b00::/40

    Signature Algorithm: sha256WithRSAEncryption
         8d:ae:07:5c:15:78:0b:c8:c5:bb:3e:2e:3c:7c:d7:aa:b8:69:
         19:ce:36:d7:57:ef:66:25:f5:c1:19:11:69:76:8a:d0:37:5a:
         ae:c5:74:38:c6:11:72:51:bc:96:e2:3a:50:44:55:e6:d8:64:
         ea:32:29:43:0f:c3:4f:59:90:b0:ad:ff:71:7b:8c:7a:55:3d:
         23:7c:e7:b4:c5:36:94:a6:04:08:25:77:4f:55:06:b0:8a:df:
         ff:3f:d6:a0:5b:ca:b9:19:1e:86:27:a5:52:70:bb:a6:b9:c8:
         d7:00:3d:a5:1e:f0:45:b9:ed:12:42:77:bf:c3:f0:51:7e:91:
         5c:84:7c:18:aa:d0:1e:9d:d5:eb:f4:83:3b:a8:c2:d4:5e:96:
         5f:07:94:18:f0:d5:80:e9:7d:4a:8d:dd:c1:15:cb:b0:f6:0e:
         76:20:60:9b:d0:fa:b9:ea:74:39:47:51:bf:78:51:9c:94:48:
         59:3c:36:f3:22:84:9f:86:e5:6c:fc:17:cc:b6:11:e7:bc:e8:
         17:47:6d:d0:1c:05:cb:a9:2a:5b:27:25:b3:82:34:03:e7:56:
         25:ad:23:df:0d:7d:3c:00:6b:2b:b1:14:a1:ee:96:65:75:0e:
         0c:d2:f5:21:3c:34:a8:06:4f:ef:0e:1b:0f:2f:4b:4e:b6:11:
         10:d6:1a:d3
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUMe8TPhhuoLT5g2Jonpmn/qtN3UEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNDdmOTI2YmU3ZjlkNGFhYTkxYzU3YzU0NWRkM2ZhZTU5
NDgzNWIyZGEwNWY5Njg3ZTBkNGYyOGJiMmI2OWZhMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXHhJBnV+5fp2WFOY+KaZUWU8sWSFcFOEeQNlaCogZms5g
zvtJZM5DAn86GlV7DdIbqR5Wj9Z+g0Trq8JcGWIGwTdH0dh0DNCKQRzOKrw1mOWy
dwirNd6o9qOKVboTCxiXTXVvNoZNueS4ZYXGoL36Oisu+ecJPG/wDYqzSwy2PR9L
Q9tf9/FaQQqoOoDx9Lgyjs0dFQzEz11L1/Jmf91NFZNvdVtHi2yYjKjlnUJ52Ufc
uvsOwOFdWRIJKkkLTfO0eQ9bn1I/6jLmZ3P0544KI4HrYRDe4CnjfjV5C01r4tKv
I6HHb6zcTFNpV8lWxHWB3/vMJg9XbecHG+eca+UHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUFTpPbKxKLdmDyNUV7H3nMD5sLL8wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2VkM2Q4MGM1LWZlMDctNDZkMy05MGVkLTZjNmVhZjhkMzRkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBZzACzANBgkqhkiG9w0BAQsFAAOCAQEAja4HXBV4C8jFuz4uPHzXqrhp
Gc4211fvZiX1wRkRaXaK0DdarsV0OMYRclG8luI6UERV5thk6jIpQw/DT1mQsK3/
cXuMelU9I3zntMU2lKYECCV3T1UGsIrf/z/WoFvKuRkehielUnC7prnI1wA9pR7w
RbntEkJ3v8PwUX6RXIR8GKrQHp3V6/SDO6jC1F6WXweUGPDVgOl9So3dwRXLsPYO
diBgm9D6uep0OUdRv3hRnJRIWTw28yKEn4blbPwXzLYR57zoF0dt0BwFy6kqWycl
s4I0A+dWJa0j3w19PABrK7EUoe6WZXUODNL1ITw0qAZP7w4bDy9LTrYRENYa0w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 05:38:33 2025 by rpki-client