Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b35ef4c-a3c4-48e9-9f86-c2d68b0fe6ce.roa
File:                     1b35ef4c-a3c4-48e9-9f86-c2d68b0fe6ce.roa (raw, json)
Hash identifier:          CyYPPQNfstUTaiPcpMJdefhmTereTE8VvgBzj4sDGRE=
Subject key identifier:   24:6C:B2:98:7A:3E:45:EF:65:91:42:FB:C9:20:EF:9C:05:0F:0F:4B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5B4F5E3C22ADC5AC8BE49D9B1E10D5F9423B92C1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b35ef4c-a3c4-48e9-9f86-c2d68b0fe6ce.roa
Signing time:             Sat 16 Mar 2024 00:00:00 +0000
ROA not before:           Sat 16 Mar 2024 00:00:00 +0000
ROA not after:            Sat 20 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:81c2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:4f:5e:3c:22:ad:c5:ac:8b:e4:9d:9b:1e:10:d5:f9:42:3b:92:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 16 00:00:00 2024 GMT
            Not After : Apr 20 23:59:59 2024 GMT
        Subject: serialNumber=f7ea11687686ae6ebdd86089ba356420da75a7dbcee4a2757176cfc42d4c8a54, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1e:a3:fb:3f:5f:46:41:38:ad:99:38:0b:8e:
                    36:f4:cf:94:a1:ff:13:59:c2:f1:90:54:f5:75:37:
                    eb:9e:a0:88:e1:c2:6e:23:b8:6d:ff:10:20:09:86:
                    2f:7f:2d:53:da:0b:9c:b6:0d:d0:85:69:4f:e1:47:
                    87:38:89:9c:26:8b:c5:3c:a5:e8:dc:fa:aa:f0:c8:
                    df:9c:ca:bb:3b:66:79:cb:0a:49:d5:de:56:83:f4:
                    4c:d4:80:ee:b6:5d:44:89:b3:b0:54:4b:e7:9d:34:
                    03:e4:c2:57:6d:97:29:8a:c9:8f:98:9f:47:ce:2c:
                    41:2d:61:27:19:eb:f5:6c:d8:fb:6f:14:48:b5:9c:
                    c9:56:1b:a3:f0:d5:eb:7b:df:65:30:c3:ff:45:98:
                    82:55:82:af:24:cc:2c:db:6b:be:34:ce:63:8f:68:
                    f7:9e:2e:66:7e:4d:52:5a:b7:5f:d2:f3:79:b4:2f:
                    8e:d1:3d:3f:dd:3f:14:6b:b0:9c:b9:8b:d6:a0:c0:
                    6f:49:df:52:ea:c8:54:5e:52:bd:60:ad:69:3f:fc:
                    39:db:69:26:86:2d:74:a2:ab:1d:61:f8:1a:05:61:
                    a3:36:b9:57:54:9c:e6:27:e8:07:7c:81:06:e8:f8:
                    79:75:be:d7:b1:5e:7f:ad:66:1a:01:ab:a5:35:b8:
                    80:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:6C:B2:98:7A:3E:45:EF:65:91:42:FB:C9:20:EF:9C:05:0F:0F:4B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b35ef4c-a3c4-48e9-9f86-c2d68b0fe6ce.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:81c2::/48

    Signature Algorithm: sha256WithRSAEncryption
         98:e2:cf:b7:db:7d:40:71:31:05:13:ba:da:c3:9d:3b:36:13:
         7a:a2:ea:f7:a9:85:5e:1f:83:3f:fc:eb:41:33:25:f4:b4:08:
         67:7f:ec:4e:58:0d:99:4b:14:8d:e1:d5:e7:2b:0e:a4:2a:d1:
         ee:a5:3c:96:d6:17:00:c7:d8:2c:85:77:55:ff:b3:91:c0:d4:
         6a:04:06:14:0c:63:b4:98:d6:7f:d2:ce:fb:77:8c:ec:33:e1:
         51:14:25:1a:c4:d8:7a:72:8a:0a:62:be:05:ae:9a:33:8d:53:
         77:a3:01:a0:a9:ef:c0:57:e5:b5:4e:22:94:4f:48:5f:3c:18:
         1f:81:47:46:9e:33:78:93:86:70:67:e0:6b:70:c1:6d:51:33:
         b8:7a:d7:d9:ce:52:f9:0d:78:5e:06:d3:c2:f9:c8:5f:6b:63:
         37:f1:06:b0:0a:6f:a7:8d:25:66:df:65:e1:70:27:29:fe:57:
         7a:49:26:67:63:b5:f4:1f:c3:ff:f6:a2:27:7f:b6:02:ef:34:
         30:10:a8:44:14:d9:b5:92:08:11:d6:52:2c:64:24:dd:77:e9:
         46:9c:b6:84:2d:c2:03:39:70:31:2d:1b:e4:d8:91:a8:82:32:
         0c:09:20:6d:a5:af:ff:39:a5:64:14:4b:5f:90:76:71:6b:ee:
         cd:29:d3:ef
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUW09ePCKtxayL5J2bHhDV+UI7ksEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE2MDAwMDAwWhcNMjQwNDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmN2VhMTE2ODc2ODZhZTZlYmRkODYwODliYTM1NjQyMGRh
NzVhN2RiY2VlNGEyNzU3MTc2Y2ZjNDJkNGM4YTU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0HqP7P19GQTitmTgLjjb0z5Sh/xNZwvGQVPV1N+ueoIjh
wm4juG3/ECAJhi9/LVPaC5y2DdCFaU/hR4c4iZwmi8U8pejc+qrwyN+cyrs7ZnnL
CknV3laD9EzUgO62XUSJs7BUS+edNAPkwldtlymKyY+Yn0fOLEEtYScZ6/Vs2Ptv
FEi1nMlWG6Pw1et732Uww/9FmIJVgq8kzCzba740zmOPaPeeLmZ+TVJat1/S83m0
L47RPT/dPxRrsJy5i9agwG9J31LqyFReUr1grWk//DnbaSaGLXSiqx1h+BoFYaM2
uVdUnOYn6Ad8gQbo+Hl1vtexXn+tZhoBq6U1uIBpAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUJGyymHo+Re9lkUL7ySDvnAUPD0swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFiMzVlZjRjLWEzYzQtNDhlOS05Zjg2LWMyZDY4YjBmZTZjZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gcIwDQYJKoZIhvcNAQELBQADggEBAJjiz7fbfUBxMQUTutrDnTs2
E3qi6vephV4fgz/860EzJfS0CGd/7E5YDZlLFI3h1ecrDqQq0e6lPJbWFwDH2CyF
d1X/s5HA1GoEBhQMY7SY1n/Szvt3jOwz4VEUJRrE2HpyigpivgWumjONU3ejAaCp
78BX5bVOIpRPSF88GB+BR0aeM3iThnBn4GtwwW1RM7h619nOUvkNeF4G08L5yF9r
YzfxBrAKb6eNJWbfZeFwJyn+V3pJJmdjtfQfw//2oid/tgLvNDAQqEQU2bWSCBHW
UixkJN136UactoQtwgM5cDEtG+TYkaiCMgwJIG2lr/85pWQUS1+QdnFr7s0p0+8=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:12 2024 by rpki-client on console-ams.rpki-client.org