Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf8d77dc-48f9-49c2-ac2d-febcf8af2bd6.roa
File:                     bf8d77dc-48f9-49c2-ac2d-febcf8af2bd6.roa (raw, json)
Hash identifier:          BqyCh7Ckc9qDQFltpigozhQQRUE/fB8RpXsO4tugUKg=
Subject key identifier:   68:A6:3B:B1:E8:37:5C:3F:03:34:58:20:41:08:50:E2:3B:60:2E:82
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       647BD025DB2398B92AF61E40E1BA59D830C22086
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf8d77dc-48f9-49c2-ac2d-febcf8af2bd6.roa
Signing time:             Tue 22 Apr 2025 00:41:53 +0000
ROA not before:           Tue 22 Apr 2025 00:41:53 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f00:8050::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:7b:d0:25:db:23:98:b9:2a:f6:1e:40:e1:ba:59:d8:30:c2:20:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 00:41:53 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=e592023126f41a6524003c8f0af93b45fb18aef644fed7610029d2d847804a48, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f6:a8:2d:fa:f2:7c:10:32:13:0b:b1:49:55:
                    76:d6:53:96:4b:c3:74:cf:bf:a3:ed:93:97:b5:94:
                    2a:aa:e3:0a:f9:eb:28:0a:8b:74:8a:ef:94:fa:d3:
                    39:f6:b9:b0:56:b4:37:9f:e0:33:68:31:a8:ef:1d:
                    20:0b:42:e5:f6:37:62:36:65:b4:e0:7c:b9:bb:1b:
                    b3:3f:74:76:4f:c8:3f:ca:49:1e:ea:5b:5b:51:25:
                    97:9c:8b:51:83:58:20:ee:25:dc:18:c6:a7:62:f6:
                    d5:71:03:a4:9a:1b:fb:00:b6:e1:e0:8d:27:e2:47:
                    1e:61:e5:20:1c:22:e8:1f:68:9d:60:9e:48:a6:b6:
                    46:db:5e:df:aa:60:b2:fc:fd:4d:de:57:84:c7:3a:
                    35:8e:42:f5:a5:da:19:6c:f0:49:3c:b4:44:9f:c8:
                    32:f4:5d:8c:42:57:92:b0:45:b7:4d:6f:0d:ee:0f:
                    3c:ed:ba:c3:3e:0a:db:2c:81:ff:eb:b3:b3:52:b1:
                    c7:d6:68:bb:cd:a4:64:03:c4:d5:d1:18:ff:c3:1b:
                    2a:fa:53:19:90:1a:85:fd:2a:ad:00:16:e8:56:f1:
                    9f:2f:eb:54:ab:1a:99:d1:88:13:14:20:fc:34:33:
                    77:15:54:0d:11:5e:02:a9:68:f0:c7:5b:81:74:a2:
                    81:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:A6:3B:B1:E8:37:5C:3F:03:34:58:20:41:08:50:E2:3B:60:2E:82
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf8d77dc-48f9-49c2-ac2d-febcf8af2bd6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:8050::/48

    Signature Algorithm: sha256WithRSAEncryption
         9a:80:67:87:f6:8d:61:1d:b2:20:8a:5f:15:6f:42:fb:fc:b9:
         2d:cd:2d:59:ed:1c:2e:7a:45:a7:7b:eb:ad:f6:01:32:0a:88:
         02:60:ab:9a:30:65:36:3b:f6:ca:c0:4a:70:d4:46:d9:87:47:
         42:94:67:85:c8:c6:31:df:cf:48:c4:ed:8e:2e:c9:99:f6:4c:
         f4:35:61:da:e2:f2:54:03:14:9d:d2:e9:0f:08:23:bd:d6:72:
         a7:d2:6b:3e:40:07:4c:a8:86:e3:d2:ed:93:73:72:24:20:b2:
         41:19:5d:6a:02:04:a9:3c:76:e0:f9:80:95:90:cd:91:97:63:
         0b:f2:b6:69:76:7f:ca:af:9f:30:b1:d6:a1:38:df:a5:53:d6:
         3c:42:7e:7f:83:47:8f:d7:82:3e:fa:d9:5b:eb:8e:7d:38:ef:
         c6:d6:15:23:6b:fd:5e:5e:1c:22:fb:84:6c:7f:e0:a3:2d:e6:
         4a:7a:f7:69:a7:be:ad:4a:f1:47:c8:c0:22:bb:92:64:10:d8:
         e2:f8:29:72:63:be:f4:7e:a3:a2:a5:89:96:97:62:81:1a:79:
         58:21:76:a1:65:5a:fc:c0:71:26:25:35:bd:d2:e6:f3:03:09:
         92:fe:af:d5:d9:da:71:a8:f6:ed:7f:a8:13:a3:68:f2:0c:d5:
         1d:ae:a7:41
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZHvQJdsjmLkq9h5A4bpZ2DDCIIYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMDA0MTUzWhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNTkyMDIzMTI2ZjQxYTY1MjQwMDNjOGYwYWY5M2I0NWZi
MThhZWY2NDRmZWQ3NjEwMDI5ZDJkODQ3ODA0YTQ4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy9qgt+vJ8EDITC7FJVXbWU5ZLw3TPv6Ptk5e1lCqq4wr5
6ygKi3SK75T60zn2ubBWtDef4DNoMajvHSALQuX2N2I2ZbTgfLm7G7M/dHZPyD/K
SR7qW1tRJZeci1GDWCDuJdwYxqdi9tVxA6SaG/sAtuHgjSfiRx5h5SAcIugfaJ1g
nkimtkbbXt+qYLL8/U3eV4THOjWOQvWl2hls8Ek8tESfyDL0XYxCV5KwRbdNbw3u
DzztusM+Ctssgf/rs7NSscfWaLvNpGQDxNXRGP/DGyr6UxmQGoX9Kq0AFuhW8Z8v
61SrGpnRiBMUIPw0M3cVVA0RXgKpaPDHW4F0ooFJAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUaKY7seg3XD8DNFggQQhQ4jtgLoIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmOGQ3N2RjLTQ4ZjktNDljMi1hYzJkLWZlYmNmOGFmMmJkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AgFAwDQYJKoZIhvcNAQELBQADggEBAJqAZ4f2jWEdsiCKXxVvQvv8
uS3NLVntHC56Rad76632ATIKiAJgq5owZTY79srASnDURtmHR0KUZ4XIxjHfz0jE
7Y4uyZn2TPQ1Ydri8lQDFJ3S6Q8II73WcqfSaz5AB0yohuPS7ZNzciQgskEZXWoC
BKk8duD5gJWQzZGXYwvytml2f8qvnzCx1qE436VT1jxCfn+DR4/Xgj762Vvrjn04
78bWFSNr/V5eHCL7hGx/4KMt5kp692mnvq1K8UfIwCK7kmQQ2OL4KXJjvvR+o6Kl
iZaXYoEaeVghdqFlWvzAcSYlNb3S5vMDCZL+r9XZ2nGo9u1/qBOjaPIM1R2up0E=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:24:13 2025 by rpki-client