Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/323630323a663965383a3a2f34302d3438203d3e203233323230.roa
File:                     323630323a663965383a3a2f34302d3438203d3e203233323230.roa (raw, json)
Hash identifier:          fswjGr1b3Vq7XxspaKSNsBI26J583gZ2oyXQli3a48E=
Subject key identifier:   49:4E:E6:50:36:8B:7A:D3:23:99:A3:99:6B:5C:BE:95:68:C9:44:B4
Certificate issuer:       /CN=d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992
Certificate serial:       040A46BB29697584F84820A082B3ED4D0EC177C1
Authority key identifier: C4:7A:79:9B:0B:26:9F:88:E8:38:1E:AD:F1:AA:22:E9:36:05:4D:F9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/323630323a663965383a3a2f34302d3438203d3e203233323230.roa
Signing time:             Thu 13 Mar 2025 00:16:29 +0000
ROA not before:           Thu 13 Mar 2025 00:11:29 +0000
ROA not after:            Thu 12 Mar 2026 00:16:29 +0000
asID:                     23220
IP address blocks:        2602:f9e8::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/C47A799B0B269F88E8381EADF1AA22E936054DF9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/C47A799B0B269F88E8381EADF1AA22E936054DF9.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/871da40f-793a-4a45-a0a9-978148321a07.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/871da40f-793a-4a45-a0a9-978148321a07.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 05 Apr 2025 16:34:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:0a:46:bb:29:69:75:84:f8:48:20:a0:82:b3:ed:4d:0e:c1:77:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992
        Validity
            Not Before: Mar 13 00:11:29 2025 GMT
            Not After : Mar 12 00:16:29 2026 GMT
        Subject: CN=494EE650368B7AD32399A3996B5CBE9568C944B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:f2:98:bb:47:e0:8b:77:1e:5a:cc:1c:e3:ca:
                    b1:26:42:33:7f:ac:2d:a7:77:fb:17:fd:a3:cc:41:
                    0f:6a:47:5f:1d:fc:aa:0f:79:2e:57:17:1d:ee:8f:
                    4b:ce:29:29:ae:1f:15:12:4a:cd:fe:f8:3d:fc:52:
                    67:53:42:1a:45:ab:2a:57:0a:ae:d3:bf:fa:99:74:
                    b4:0f:14:00:5c:45:08:65:8d:cb:a6:c3:64:ab:35:
                    27:9b:22:74:45:9d:1d:8b:1f:ef:2a:c6:ec:af:e3:
                    f2:49:7e:1c:35:e3:8f:31:ef:6a:08:16:86:37:dc:
                    a3:53:ba:00:cc:0e:b0:aa:4e:ee:d4:5a:d2:2e:5c:
                    e1:73:4f:bf:fa:d1:1b:69:40:83:71:f2:45:aa:fc:
                    a4:f7:79:df:d7:fd:63:2f:29:d3:b0:94:af:32:57:
                    ad:d0:60:20:6e:d0:50:ba:d4:e9:1c:47:39:74:f2:
                    bb:cb:42:44:64:b5:7a:40:e4:75:20:c3:7c:25:fc:
                    ae:2a:be:25:6c:91:f8:65:6e:d9:32:bd:03:22:24:
                    c1:28:bf:87:8e:55:fb:0d:2a:82:60:26:86:05:d7:
                    9a:32:c5:96:4c:b0:71:2e:e7:32:ea:bd:8c:30:11:
                    21:e2:ba:66:23:7a:c6:99:c9:b2:a3:1d:0d:c9:c1:
                    11:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:4E:E6:50:36:8B:7A:D3:23:99:A3:99:6B:5C:BE:95:68:C9:44:B4
            X509v3 Authority Key Identifier:
                keyid:C4:7A:79:9B:0B:26:9F:88:E8:38:1E:AD:F1:AA:22:E9:36:05:4D:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/C47A799B0B269F88E8381EADF1AA22E936054DF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/323630323a663965383a3a2f34302d3438203d3e203233323230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f9e8::/40

    Signature Algorithm: sha256WithRSAEncryption
         15:6c:5d:46:52:ef:29:17:d4:37:7a:cd:fa:7b:7f:e7:bd:98:
         f1:f4:54:df:f3:e5:1d:f1:7f:5d:81:49:bd:d9:c4:5a:6b:a9:
         15:ee:79:f2:c3:f6:3b:d3:77:3d:50:e4:7f:2a:09:6d:7a:97:
         62:7c:b0:95:14:b6:67:df:1c:7b:78:64:b2:48:86:61:e9:d5:
         4f:77:f8:6b:92:b5:10:30:cc:c0:56:38:e6:16:3d:20:19:2b:
         3e:84:21:85:3d:cb:f4:3b:49:e7:c6:35:89:0b:70:68:40:93:
         09:fe:46:99:77:b5:7d:66:68:89:87:37:fb:2b:b6:9e:ba:b0:
         aa:06:30:37:82:19:0e:eb:a2:32:10:52:20:87:04:de:65:f6:
         e8:c7:f1:7b:ad:47:a5:da:0b:9c:3f:1d:b3:69:5b:f7:53:6d:
         37:92:66:93:19:dc:f3:01:d9:ff:ff:6c:08:3e:9a:f4:e3:55:
         30:47:d7:04:be:c9:ff:57:d6:72:66:97:82:6a:9b:86:bc:26:
         74:19:52:5e:3d:77:96:f1:86:87:2c:28:64:f1:35:b1:5b:c5:
         b1:b4:2f:d3:be:c6:1e:14:29:66:96:6b:04:f3:21:db:c3:ff:
         e0:71:45:6a:bb:f7:ec:52:f7:20:18:b9:ee:9d:4b:5e:94:72:
         fa:88:4c:b4
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgIUBApGuylpdYT4SCCggrPtTQ7Bd8EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDczNjU2Y2VkODhiZTJkZjI2ZThmZWRlYTc4ZDkwM2Zh
MjRkNjk0YjM2YmY5ZjE5OTIwHhcNMjUwMzEzMDAxMTI5WhcNMjYwMzEyMDAxNjI5
WjAzMTEwLwYDVQQDEyg0OTRFRTY1MDM2OEI3QUQzMjM5OUEzOTk2QjVDQkU5NTY4
Qzk0NEI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PKYu0fgi3ce
Wswc48qxJkIzf6wtp3f7F/2jzEEPakdfHfyqD3kuVxcd7o9Lzikprh8VEkrN/vg9
/FJnU0IaRasqVwqu07/6mXS0DxQAXEUIZY3LpsNkqzUnmyJ0RZ0dix/vKsbsr+Py
SX4cNeOPMe9qCBaGN9yjU7oAzA6wqk7u1FrSLlzhc0+/+tEbaUCDcfJFqvyk93nf
1/1jLynTsJSvMlet0GAgbtBQutTpHEc5dPK7y0JEZLV6QOR1IMN8JfyuKr4lbJH4
ZW7ZMr0DIiTBKL+HjlX7DSqCYCaGBdeaMsWWTLBxLucy6r2MMBEh4rpmI3rGmcmy
ox0NycERMwIDAQABo4IC0DCCAswwHQYDVR0OBBYEFElO5lA2i3rTI5mjmWtcvpVo
yUS0MB8GA1UdIwQYMBaAFMR6eZsLJp+I6DgerfGqIuk2BU35MA4GA1UdDwEB/wQE
AwIHgDCBlwYDVR0fBIGPMIGMMIGJoIGGoIGDhoGAcnN5bmM6Ly9yc3luYy5wYWFz
LnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hZTZlZGVlYy0wOGJhLTRjZGUtODk3
OS00ZmFlYTRiMWJjMTIvMTcvQzQ3QTc5OUIwQjI2OUY4OEU4MzgxRUFERjFBQTIy
RTkzNjA1NERGOS5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB
03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvODcxZGE0MGYtNzkz
YS00YTQ1LWEwYTktOTc4MTQ4MzIxYTA3LzYyZGZlMDZhLWQxNzgtNGI2NC1iMTll
LWRjNmQxZmJmNTJiMi9kNzM2NTZjZWQ4OGJlMmRmMjZlOGZlZGVhNzhkOTAzZmEy
NGQ2OTRiMzZiZjlmMTk5Mi5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEF
BQcwC4aBjHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvYWU2ZWRlZWMtMDhiYS00Y2RlLTg5NzktNGZhZWE0YjFiYzEyLzE3LzMyMzYz
MDMyM2E2NjM5NjUzODNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzMzMjMyMzAu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQ
MA4EAgACMAgDBgAmAvnoADANBgkqhkiG9w0BAQsFAAOCAQEAFWxdRlLvKRfUN3rN
+nt/572Y8fRU3/PlHfF/XYFJvdnEWmupFe558sP2O9N3PVDkfyoJbXqXYnywlRS2
Z98ce3hkskiGYenVT3f4a5K1EDDMwFY45hY9IBkrPoQhhT3L9DtJ58Y1iQtwaECT
Cf5GmXe1fWZoiYc3+yu2nrqwqgYwN4IZDuuiMhBSIIcE3mX26Mfxe61HpdoLnD8d
s2lb91NtN5Jmkxnc8wHZ//9sCD6a9ONVMEfXBL7J/1fWcmaXgmqbhrwmdBlSXj13
lvGGhywoZPE1sVvFsbQv077GHhQpZpZrBPMh28P/4HFFarv37FL3IBi57p1LXpRy
+ohMtA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:10 2025 by rpki-client