Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2dff1d1c-ed0c-4bce-b471-b01cd80c2b81.roa
File:                     2dff1d1c-ed0c-4bce-b471-b01cd80c2b81.roa (raw, json)
Hash identifier:          6eqtkM/VV+ks6mW0XLvEQ3IOO9wQffZkaeFAoDdPSVw=
Subject key identifier:   62:88:C3:3B:7C:0D:62:50:4D:14:0A:D6:61:81:50:98:5C:6E:FF:2F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       353FF0F1DCD8852F96EB8F4DCA4B093BDE4CFD81
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2dff1d1c-ed0c-4bce-b471-b01cd80c2b81.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:a400::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:3f:f0:f1:dc:d8:85:2f:96:eb:8f:4d:ca:4b:09:3b:de:4c:fd:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=733da4bd2ae0ccb6c812c3b0e0157af3fa21d5b1b0290646ee20676d26b51fd4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e4:ea:f6:5b:8f:23:86:54:c8:a4:9f:82:d7:
                    d4:98:c5:ff:0a:7f:00:ad:7a:84:18:02:eb:06:ed:
                    8a:68:f9:d5:17:7a:20:e0:27:a3:93:16:a9:47:ec:
                    32:61:9e:5f:a6:e9:f3:d0:dd:1d:09:3b:5d:9e:08:
                    6e:57:1b:b2:e3:96:19:d7:31:ff:97:d8:62:e9:36:
                    7b:ca:f3:2c:6b:f3:1e:65:16:c5:0c:ed:83:f2:e6:
                    8f:c5:63:4a:d1:82:ed:04:cb:1f:b8:10:a4:80:4b:
                    a1:b3:09:9c:88:6c:e7:86:d2:31:5c:b8:66:68:a0:
                    4a:b7:ad:dd:6b:58:b9:aa:b2:11:bb:e1:2f:99:b9:
                    0f:a1:56:07:24:c5:46:4b:87:89:e5:25:78:ac:8d:
                    57:41:6e:c3:98:25:58:10:0e:8e:0f:f6:2d:a7:d6:
                    5a:f0:e4:39:ee:73:e6:fe:45:e0:ee:63:ac:7c:40:
                    47:57:f0:17:26:59:94:d7:ff:63:a7:7c:f4:8b:0a:
                    96:fc:16:d8:28:10:e6:c1:6a:a6:30:9e:32:d9:31:
                    31:5b:7e:4f:d6:c7:f1:f9:78:34:16:7c:31:fc:ce:
                    79:50:ea:13:dd:c8:0b:dc:f7:a6:02:89:68:c4:23:
                    e7:52:bd:08:38:29:61:f2:72:d3:24:b3:a0:67:06:
                    8f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:88:C3:3B:7C:0D:62:50:4D:14:0A:D6:61:81:50:98:5C:6E:FF:2F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2dff1d1c-ed0c-4bce-b471-b01cd80c2b81.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         ce:a1:de:64:f5:56:c1:c9:7c:a8:41:d8:c5:fa:3e:99:b7:3b:
         6f:4f:bd:39:45:ec:74:e9:bd:c0:80:19:53:07:03:22:98:d6:
         41:e2:7b:23:24:90:67:9b:93:7c:8a:d0:de:80:1a:a3:4f:91:
         01:8e:06:42:fc:95:36:dc:66:c4:29:6f:90:93:c1:89:d7:cf:
         83:25:d4:9b:25:cd:49:ca:74:45:54:46:89:89:42:73:6a:93:
         94:49:6b:51:96:45:b3:27:fc:8f:e5:3f:04:24:16:82:6e:16:
         53:bf:ec:4f:a2:67:a2:ae:11:20:0a:86:27:1e:e4:8e:f4:8a:
         69:d3:b0:5d:0f:47:46:2f:0f:1d:be:8e:28:6e:b1:84:09:f2:
         9c:7a:01:fe:eb:8f:a0:b8:57:16:3b:95:c3:3d:f0:d7:09:6d:
         ef:2b:f9:8e:a5:d5:c3:41:a3:d9:35:1b:dc:5d:8f:81:71:86:
         ca:bb:c4:91:6c:3a:25:66:b3:41:6c:d9:f0:55:81:85:61:6d:
         cb:32:81:71:ab:65:ca:ac:eb:b2:9a:0e:23:d5:8e:a1:cd:f3:
         5d:a6:89:dd:5e:7d:c3:77:96:4e:0f:35:e0:64:0a:fb:1e:92:
         da:e0:dc:07:0b:bf:24:89:9d:65:de:d7:97:4a:98:6a:f6:18:
         98:3a:94:82
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUNT/w8dzYhS+W649NyksJO95M/YEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MzNkYTRiZDJhZTBjY2I2YzgxMmMzYjBlMDE1N2FmM2Zh
MjFkNWIxYjAyOTA2NDZlZTIwNjc2ZDI2YjUxZmQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs5Or2W48jhlTIpJ+C19SYxf8KfwCteoQYAusG7Ypo+dUX
eiDgJ6OTFqlH7DJhnl+m6fPQ3R0JO12eCG5XG7LjlhnXMf+X2GLpNnvK8yxr8x5l
FsUM7YPy5o/FY0rRgu0Eyx+4EKSAS6GzCZyIbOeG0jFcuGZooEq3rd1rWLmqshG7
4S+ZuQ+hVgckxUZLh4nlJXisjVdBbsOYJVgQDo4P9i2n1lrw5Dnuc+b+ReDuY6x8
QEdX8BcmWZTX/2OnfPSLCpb8FtgoEObBaqYwnjLZMTFbfk/Wx/H5eDQWfDH8znlQ
6hPdyAvc96YCiWjEI+dSvQg4KWHyctMks6BnBo8rAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUYojDO3wNYlBNFArWYYFQmFxu/y8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJkZmYxZDFjLWVkMGMtNGJjZS1iNDcxLWIwMWNkODBjMmI4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gpDANBgkqhkiG9w0BAQsFAAOCAQEAzqHeZPVWwcl8qEHYxfo+mbc7
b0+9OUXsdOm9wIAZUwcDIpjWQeJ7IySQZ5uTfIrQ3oAao0+RAY4GQvyVNtxmxClv
kJPBidfPgyXUmyXNScp0RVRGiYlCc2qTlElrUZZFsyf8j+U/BCQWgm4WU7/sT6Jn
oq4RIAqGJx7kjvSKadOwXQ9HRi8PHb6OKG6xhAnynHoB/uuPoLhXFjuVwz3w1wlt
7yv5jqXVw0Gj2TUb3F2PgXGGyrvEkWw6JWazQWzZ8FWBhWFtyzKBcatlyqzrspoO
I9WOoc3zXaaJ3V59w3eWTg814GQK+x6S2uDcBwu/JImdZd7Xl0qYavYYmDqUgg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:16 2024 by rpki-client on console-ams.rpki-client.org