Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa
File:                     379473a4-1fad-417b-8aa1-0054523c76bb.roa (raw, json)
Hash identifier:          5WYbsTEz6PI7gjTiUSQeVWGioekTy7LCdUgtCX6a7SY=
Subject key identifier:   61:75:F8:C8:EA:FE:F8:4A:31:FC:76:DA:CD:46:BC:7F:D4:8E:8C:E6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       01F0DC1BC6BBC390620882825BE6FC107994C180
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:107:4002::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 12 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:f0:dc:1b:c6:bb:c3:90:62:08:82:82:5b:e6:fc:10:79:94:c1:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=14ef34b9485f9484c6daea687dcd4e62c5ca13aad976fc1e8642f514870f496c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3f:a8:73:c9:da:f9:f8:9a:b0:f7:d3:97:60:
                    7a:b8:52:6e:28:90:63:08:52:6c:0d:4b:f7:4c:58:
                    72:87:51:48:f3:b9:db:1c:39:78:af:30:eb:b5:c8:
                    d6:7c:ac:91:00:51:84:51:96:69:ac:96:70:7f:d4:
                    e3:bc:a9:ad:55:e3:e2:2f:0a:2f:79:0d:ab:a2:e5:
                    30:32:f0:45:b9:20:71:60:7e:10:87:1c:45:db:14:
                    b4:c6:98:35:a8:8c:4b:26:ff:02:79:13:19:80:d6:
                    b7:20:55:f1:33:a7:64:d4:2f:6d:93:52:21:45:94:
                    73:77:76:be:ec:18:3b:de:b9:d8:c8:ba:ce:e7:b6:
                    d2:62:0b:cf:68:0d:8b:74:16:94:ac:27:09:63:58:
                    d8:89:c7:ff:4a:7c:63:58:2c:3a:fa:e8:9e:b4:f5:
                    2b:dd:69:2a:20:91:c6:27:69:fb:e9:72:9f:07:80:
                    10:51:9d:aa:76:4a:c4:28:02:e0:8c:10:cf:65:60:
                    d1:fd:09:0a:d7:33:46:fe:51:bb:61:bd:43:45:57:
                    c9:75:bb:27:b7:a4:d0:a6:b9:a0:a2:22:52:ae:f3:
                    e6:bf:80:24:ed:85:0c:bc:c7:a1:97:86:ed:2d:48:
                    1d:ab:36:dd:0b:b2:73:6b:9c:02:dd:1f:ba:c7:a9:
                    19:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:75:F8:C8:EA:FE:F8:4A:31:FC:76:DA:CD:46:BC:7F:D4:8E:8C:E6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:107:4002::/48

    Signature Algorithm: sha256WithRSAEncryption
         d6:e7:6b:b6:4b:27:60:1e:91:e8:b7:d6:9c:0b:33:44:31:50:
         af:a5:14:e8:38:e4:89:82:57:b2:f6:62:7a:bc:f3:c0:17:39:
         a6:de:b2:89:7f:7b:11:18:e8:09:c7:6f:74:c6:66:c8:fa:89:
         4d:db:b3:2a:7d:f6:50:fb:7e:fc:9c:a9:e6:02:47:43:b1:28:
         0a:a9:8b:d6:e0:a9:7e:81:c9:2b:79:95:4b:0b:a5:b6:72:f0:
         59:90:6d:6e:39:e3:b7:a7:b7:53:2f:6b:b1:6a:3c:8f:ef:d7:
         79:59:02:a2:5e:25:62:ae:f1:bb:4f:69:0a:bd:a9:cf:94:ec:
         a3:ee:0c:69:f7:54:ed:80:3e:3e:df:2e:67:70:11:69:d4:c8:
         ff:a0:19:d5:e1:a2:9a:b9:2c:af:0f:fd:6d:2b:d5:18:8a:77:
         32:a5:22:f7:54:63:1a:39:42:41:24:40:27:c1:c7:3c:02:49:
         0e:58:89:24:c9:01:50:4a:7f:b5:6c:75:eb:02:68:22:e2:aa:
         3f:94:59:cc:71:0a:13:aa:03:bc:01:e3:6c:0c:3c:33:2f:09:
         d3:79:1e:b7:e9:e0:05:fd:9e:65:82:3a:17:cd:c5:f1:2c:65:
         84:ad:4f:7a:6f:fc:f0:68:12:5c:ca:2a:b9:dc:13:15:36:fb:
         ac:2d:b6:8e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUAfDcG8a7w5BiCIKCW+b8EHmUwYAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNGVmMzRiOTQ4NWY5NDg0YzZkYWVhNjg3ZGNkNGU2MmM1
Y2ExM2FhZDk3NmZjMWU4NjQyZjUxNDg3MGY0OTZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTP6hzydr5+Jqw99OXYHq4Um4okGMIUmwNS/dMWHKHUUjz
udscOXivMOu1yNZ8rJEAUYRRlmmslnB/1OO8qa1V4+IvCi95Daui5TAy8EW5IHFg
fhCHHEXbFLTGmDWojEsm/wJ5ExmA1rcgVfEzp2TUL22TUiFFlHN3dr7sGDveudjI
us7nttJiC89oDYt0FpSsJwljWNiJx/9KfGNYLDr66J609SvdaSogkcYnafvpcp8H
gBBRnap2SsQoAuCMEM9lYNH9CQrXM0b+UbthvUNFV8l1uye3pNCmuaCiIlKu8+a/
gCTthQy8x6GXhu0tSB2rNt0LsnNrnALdH7rHqRkzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYXX4yOr++Eox/HbazUa8f9SOjOYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3OTQ3M2E0LTFmYWQtNDE3Yi04YWExLTAwNTQ1MjNjNzZiYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmIAEHQAIwDQYJKoZIhvcNAQELBQADggEBANbna7ZLJ2Aekei31pwLM0Qx
UK+lFOg45ImCV7L2Ynq888AXOabesol/exEY6AnHb3TGZsj6iU3bsyp99lD7fvyc
qeYCR0OxKAqpi9bgqX6BySt5lUsLpbZy8FmQbW4547ent1Mva7FqPI/v13lZAqJe
JWKu8btPaQq9qc+U7KPuDGn3VO2APj7fLmdwEWnUyP+gGdXhopq5LK8P/W0r1RiK
dzKlIvdUYxo5QkEkQCfBxzwCSQ5YiSTJAVBKf7VsdesCaCLiqj+UWcxxChOqA7wB
42wMPDMvCdN5Hrfp4AX9nmWCOhfNxfEsZYStT3pv/PBoElzKKrncExU2+6wtto4=
-----END CERTIFICATE-----
Generated at Wed Dec 11 00:54:02 2024 by rpki-client on console-ams.rpki-client.org