Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5ede365-047d-4c5f-a97d-dee6ba58b110.roa
File:                     f5ede365-047d-4c5f-a97d-dee6ba58b110.roa (raw, json)
Hash identifier:          LefQX4ipUoJMMlFo3f6RmJmmM49rN7C56X5h/Af9WF0=
Subject key identifier:   EC:9B:4F:7D:F9:1D:C9:11:73:B1:A0:9C:16:99:25:67:3E:1D:25:B7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C1B75904E9B78D2E50DD23E9A911261C2F8EA13
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5ede365-047d-4c5f-a97d-dee6ba58b110.roa
Signing time:             Tue 22 Apr 2025 16:50:09 +0000
ROA not before:           Tue 22 Apr 2025 16:50:09 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f17:4400::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:1b:75:90:4e:9b:78:d2:e5:0d:d2:3e:9a:91:12:61:c2:f8:ea:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 16:50:09 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=ef4712fcd23f410f6c2b3351a46d9e44176359312ab26a324c6165565e7fb2e7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0d:92:68:76:93:06:dd:bd:9a:d5:fd:a1:ea:
                    80:12:6d:61:15:76:48:5d:33:12:59:98:9a:9d:ef:
                    a0:8e:bf:49:7d:03:52:91:f7:40:1b:c5:28:da:70:
                    4b:b5:b6:05:04:2f:4a:7e:7d:eb:12:f5:a5:85:b3:
                    52:d7:ef:4d:b5:e5:60:db:db:59:f7:15:2f:70:1d:
                    a6:a3:7d:c8:e7:86:42:43:ea:53:0e:d3:2f:70:81:
                    9a:0b:57:28:e4:5e:09:15:86:c2:e1:87:ec:db:6b:
                    6e:ca:5b:9d:b3:99:35:a6:e2:2e:25:67:48:18:b7:
                    6e:c9:0a:e8:6a:78:12:b7:50:2e:9f:ee:8d:f7:50:
                    b3:26:4a:7f:00:86:9b:f6:fc:30:28:44:79:ea:04:
                    a8:af:df:44:f7:9e:99:46:13:fe:b3:8f:1d:cd:3b:
                    43:53:e2:31:45:27:36:60:6f:73:69:29:57:83:37:
                    cf:67:4b:49:a9:23:7a:f8:f8:60:6f:5f:cf:dc:ef:
                    65:78:04:b4:47:16:9a:2d:c9:78:0d:3a:8b:44:77:
                    4a:fa:c5:d3:3a:b0:40:37:a5:09:66:5e:df:54:6c:
                    9d:fa:bb:28:c6:0c:7a:73:2e:ae:b2:43:2d:b7:99:
                    70:c6:4c:48:50:08:b7:39:cd:6f:0f:95:97:d5:f2:
                    e9:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:9B:4F:7D:F9:1D:C9:11:73:B1:A0:9C:16:99:25:67:3E:1D:25:B7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f5ede365-047d-4c5f-a97d-dee6ba58b110.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f17:4400::/38

    Signature Algorithm: sha256WithRSAEncryption
         6f:73:c0:76:f6:b2:6e:1f:a3:f0:73:49:82:15:71:c9:cd:a4:
         ff:94:19:c4:8e:c0:57:1e:c2:be:bc:75:06:2e:2f:42:d0:74:
         1b:be:db:b1:be:70:2f:7b:c4:8e:8e:b8:59:61:d6:99:1d:64:
         71:47:84:cd:e7:06:b9:db:e4:2b:1f:84:ab:74:ab:03:cc:55:
         cf:95:ce:2f:e3:d2:8c:5e:90:39:b1:48:91:dc:cf:42:5e:a6:
         1b:49:53:aa:b2:c8:e8:fc:35:c5:b7:0a:71:1e:24:7c:9f:00:
         4e:1c:08:4d:e9:9d:70:9f:39:4b:50:f7:84:b0:c7:ce:f1:cb:
         87:b4:c7:27:f3:11:49:5a:e4:80:61:ec:6a:d2:d1:8a:e0:e9:
         c5:f6:0e:a1:8b:58:66:0a:90:fb:aa:9e:88:df:df:ae:84:6b:
         26:79:02:2d:4c:a7:25:8e:19:2a:c7:bb:b8:cc:13:4d:33:3a:
         3e:39:e8:74:66:16:7e:1d:67:f8:43:df:39:69:32:3b:d4:ee:
         9d:47:53:82:33:6f:c2:f3:7b:36:56:de:16:6a:97:4c:40:82:
         52:fc:82:8e:14:a3:57:fb:82:b4:39:b6:74:a0:c9:e0:af:27:
         cc:e7:19:43:53:f7:0f:9b:cc:fe:59:15:35:c9:df:44:40:b4:
         77:cc:d2:be
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUDBt1kE6beNLlDdI+mpESYcL46hMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMTY1MDA5WhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjQ3MTJmY2QyM2Y0MTBmNmMyYjMzNTFhNDZkOWU0NDE3
NjM1OTMxMmFiMjZhMzI0YzYxNjU1NjVlN2ZiMmU3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/DZJodpMG3b2a1f2h6oASbWEVdkhdMxJZmJqd76COv0l9
A1KR90AbxSjacEu1tgUEL0p+fesS9aWFs1LX70215WDb21n3FS9wHaajfcjnhkJD
6lMO0y9wgZoLVyjkXgkVhsLhh+zba27KW52zmTWm4i4lZ0gYt27JCuhqeBK3UC6f
7o33ULMmSn8Ahpv2/DAoRHnqBKiv30T3nplGE/6zjx3NO0NT4jFFJzZgb3NpKVeD
N89nS0mpI3r4+GBvX8/c72V4BLRHFpotyXgNOotEd0r6xdM6sEA3pQlmXt9UbJ36
uyjGDHpzLq6yQy23mXDGTEhQCLc5zW8PlZfV8um/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU7JtPffkdyRFzsaCcFpklZz4dJbcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y1ZWRlMzY1LTA0N2QtNGM1Zi1hOTdkLWRlZTZiYTU4YjExMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8XRDANBgkqhkiG9w0BAQsFAAOCAQEAb3PAdvaybh+j8HNJghVxyc2k
/5QZxI7AVx7Cvrx1Bi4vQtB0G77bsb5wL3vEjo64WWHWmR1kcUeEzecGudvkKx+E
q3SrA8xVz5XOL+PSjF6QObFIkdzPQl6mG0lTqrLI6Pw1xbcKcR4kfJ8AThwITemd
cJ85S1D3hLDHzvHLh7THJ/MRSVrkgGHsatLRiuDpxfYOoYtYZgqQ+6qeiN/froRr
JnkCLUynJY4ZKse7uMwTTTM6PjnodGYWfh1n+EPfOWkyO9TunUdTgjNvwvN7Nlbe
FmqXTECCUvyCjhSjV/uCtDm2dKDJ4K8nzOcZQ1P3D5vM/lkVNcnfREC0d8zSvg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:52:15 2025 by rpki-client