Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35b59133-4d27-4b21-82bd-b29aea871580.roa
File:                     35b59133-4d27-4b21-82bd-b29aea871580.roa (raw, json)
Hash identifier:          oH7ox9zGg8k5QZkg9+jE1DmzLkzLSH+ppC/IBE4GBIw=
Subject key identifier:   65:77:28:99:B4:B6:BD:7E:8C:62:22:5E:92:97:E0:79:9C:FE:29:BB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7963A799D783D64FB7B002E00F35C6D3CABE2EEB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35b59133-4d27-4b21-82bd-b29aea871580.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:6000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:63:a7:99:d7:83:d6:4f:b7:b0:02:e0:0f:35:c6:d3:ca:be:2e:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=e2ed0781b90c07602895fa3d8ab9b02e5dea7efdb470d173397ed00d355aa860, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9b:d7:12:b2:4e:c5:cf:0b:9c:01:61:5e:ab:
                    31:95:0c:da:67:6c:11:f5:11:94:06:61:4a:5d:f7:
                    bc:c1:3d:91:6b:41:be:e1:45:1d:8c:bf:70:c7:d5:
                    75:db:2b:58:77:6e:b2:38:53:dc:e4:ec:5d:e2:0e:
                    61:a6:c0:bc:4c:91:64:2e:86:19:4b:f9:30:16:19:
                    69:3b:d1:de:51:43:2c:5f:d2:64:e2:97:51:5c:e8:
                    eb:9d:f9:4b:ba:a7:9e:00:30:79:df:f2:f5:de:6a:
                    5b:3a:cf:69:a4:e0:c3:f3:db:e5:29:45:db:85:ee:
                    6d:51:87:dc:e2:6c:88:8e:4b:77:e0:e1:b7:d9:f9:
                    cc:fc:2e:86:55:01:d4:9b:d1:c6:c0:e7:ef:c2:2f:
                    20:60:b7:cd:6c:fc:a0:86:7e:c5:44:2d:9b:d3:ac:
                    1c:d0:6b:97:5a:e5:3a:55:b9:ca:c7:14:66:65:be:
                    7b:19:0c:56:72:98:1e:5b:ab:ed:22:86:e4:ff:ad:
                    c2:c6:50:4e:77:c5:11:a3:52:99:f0:29:e5:42:a0:
                    0a:82:d0:7b:d0:16:06:ac:5f:c9:07:0c:66:e2:50:
                    e8:f3:af:56:66:1e:16:8c:90:de:a2:f5:f9:dd:69:
                    7f:a9:42:fe:03:d1:ba:9f:31:95:4c:c9:7f:64:bd:
                    52:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:77:28:99:B4:B6:BD:7E:8C:62:22:5E:92:97:E0:79:9C:FE:29:BB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35b59133-4d27-4b21-82bd-b29aea871580.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         01:ac:47:37:96:7e:e6:13:40:e8:30:f1:69:24:a2:19:af:a0:
         2c:c2:af:2b:01:1a:da:cd:c7:9f:86:66:b0:56:2e:74:0f:15:
         d0:d0:9e:76:ef:34:eb:71:ff:3f:43:e7:fa:24:ae:48:9e:d0:
         99:66:b4:1b:fa:47:30:14:97:a5:b1:16:0e:af:2c:57:68:ff:
         23:80:7f:43:f6:f0:fd:fc:f4:9c:76:5c:05:90:92:41:ce:4c:
         14:2e:84:0e:b5:28:fa:35:72:c3:96:4a:0b:02:fe:76:98:44:
         1b:b3:3a:f2:8c:b6:46:88:6f:73:ec:8a:56:fd:ae:63:b7:be:
         c3:2d:ea:20:f2:cb:c7:9a:a0:cf:be:12:ac:c2:af:1f:4f:f3:
         73:aa:f6:6c:84:17:16:4d:bc:7e:35:6a:ee:fd:0c:dd:b4:4c:
         e4:86:83:35:2c:94:17:64:7a:6e:a4:e8:a4:85:34:2e:a5:4e:
         b1:63:80:b6:9d:9e:2a:99:ff:20:e5:21:e9:04:a6:02:83:c5:
         c4:30:1c:b5:8b:bb:6f:95:81:7f:4b:50:df:d1:19:2b:68:cc:
         00:ad:ec:cf:68:6b:3f:d3:f8:26:aa:31:af:b2:67:8c:4f:f9:
         01:ce:3f:05:8d:d2:43:30:5c:1b:30:5b:4c:90:8c:e9:49:a9:
         9b:da:1c:85
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUeWOnmdeD1k+3sALgDzXG08q+LuswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMmVkMDc4MWI5MGMwNzYwMjg5NWZhM2Q4YWI5YjAyZTVk
ZWE3ZWZkYjQ3MGQxNzMzOTdlZDAwZDM1NWFhODYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHm9cSsk7FzwucAWFeqzGVDNpnbBH1EZQGYUpd97zBPZFr
Qb7hRR2Mv3DH1XXbK1h3brI4U9zk7F3iDmGmwLxMkWQuhhlL+TAWGWk70d5RQyxf
0mTil1Fc6Oud+Uu6p54AMHnf8vXeals6z2mk4MPz2+UpRduF7m1Rh9zibIiOS3fg
4bfZ+cz8LoZVAdSb0cbA5+/CLyBgt81s/KCGfsVELZvTrBzQa5da5TpVucrHFGZl
vnsZDFZymB5bq+0ihuT/rcLGUE53xRGjUpnwKeVCoAqC0HvQFgasX8kHDGbiUOjz
r1ZmHhaMkN6i9fndaX+pQv4D0bqfMZVMyX9kvVLVAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUZXcombS2vX6MYiJekpfgeZz+KbswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM1YjU5MTMzLTRkMjctNGIyMS04MmJkLWIyOWFlYTg3MTU4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gYDANBgkqhkiG9w0BAQsFAAOCAQEAAaxHN5Z+5hNA6DDxaSSiGa+g
LMKvKwEa2s3Hn4ZmsFYudA8V0NCedu8063H/P0Pn+iSuSJ7QmWa0G/pHMBSXpbEW
Dq8sV2j/I4B/Q/bw/fz0nHZcBZCSQc5MFC6EDrUo+jVyw5ZKCwL+dphEG7M68oy2
Rohvc+yKVv2uY7e+wy3qIPLLx5qgz74SrMKvH0/zc6r2bIQXFk28fjVq7v0M3bRM
5IaDNSyUF2R6bqTopIU0LqVOsWOAtp2eKpn/IOUh6QSmAoPFxDActYu7b5WBf0tQ
39EZK2jMAK3sz2hrP9P4Jqoxr7JnjE/5Ac4/BY3SQzBcGzBbTJCM6Umpm9ochQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:59:51 2024 by rpki-client on console-fra.rpki-client.org