Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa
File:                     379473a4-1fad-417b-8aa1-0054523c76bb.roa (raw, json)
Hash identifier:          RoWT+xGdyn2GnJHF9wzjTMhYjKBJkOT3o4FKxAgucOo=
Subject key identifier:   7F:E7:16:78:E1:BE:C4:88:B8:43:2B:A3:63:8E:82:41:0B:DF:0C:E6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       549CCA5F341DCBB00B0F2DB2491351CBA1E4523C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa
Signing time:             Tue 29 Aug 2023 00:00:00 +0000
ROA not before:           Tue 29 Aug 2023 00:00:00 +0000
ROA not after:            Tue 03 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:107:4002::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 12:12:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:9c:ca:5f:34:1d:cb:b0:0b:0f:2d:b2:49:13:51:cb:a1:e4:52:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 29 00:00:00 2023 GMT
            Not After : Oct  3 23:59:59 2023 GMT
        Subject: serialNumber=6858796c00ba49e3d828182b868c5c310e7ee5361a74cdf49725b57f8b9f9a6d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:d0:e1:79:cf:19:e5:96:63:97:48:08:61:b3:
                    07:a0:79:de:5d:5d:b0:06:f8:13:2c:4c:3f:10:cc:
                    4f:23:7b:44:fa:e2:ac:1a:f9:0f:06:4f:cd:26:29:
                    25:60:eb:0c:98:77:4a:92:23:47:65:b1:a5:fe:79:
                    c7:a3:19:6f:0f:56:61:4d:27:32:36:c8:a9:98:6a:
                    bb:cb:d3:4f:99:09:66:47:3f:1f:d2:ff:47:e3:9b:
                    d1:c8:65:e2:18:28:3c:a5:8f:0e:dc:70:e9:f8:35:
                    a6:bf:f0:05:32:fd:91:68:b0:03:c5:ef:34:7b:2a:
                    ae:04:6e:b3:16:29:52:f3:92:8e:ab:b4:34:05:ed:
                    64:e0:04:7a:4b:07:08:a5:45:06:f9:cc:b8:d9:72:
                    c5:14:56:9f:6e:4b:ad:3e:c3:6d:73:c2:a7:e1:ee:
                    a3:e9:b7:a0:3b:97:f6:9c:ef:8d:d0:e6:f6:70:28:
                    55:e1:68:db:f3:5e:c5:28:dc:78:57:70:1e:c8:d3:
                    04:f2:56:e2:03:96:9a:db:bd:68:d4:2b:ef:36:df:
                    42:55:52:52:f7:65:b6:9d:00:2c:42:ff:f7:1a:4c:
                    9e:1a:4e:e8:e1:f4:6d:73:35:84:78:bf:bd:18:30:
                    dc:af:ce:da:9e:14:2d:70:6c:55:ea:8f:e0:7c:65:
                    dc:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:E7:16:78:E1:BE:C4:88:B8:43:2B:A3:63:8E:82:41:0B:DF:0C:E6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/379473a4-1fad-417b-8aa1-0054523c76bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:107:4002::/48

    Signature Algorithm: sha256WithRSAEncryption
         d8:6e:d8:d3:66:3c:c6:08:0b:83:80:74:1e:9d:4e:e2:8b:e8:
         29:35:fc:d7:04:ba:61:27:6a:a4:cc:29:9a:10:fd:9d:80:5c:
         a0:9b:19:f9:43:bc:e5:7d:dd:98:b4:55:ce:88:05:22:2e:03:
         5e:28:17:07:ba:aa:67:bc:75:2e:cb:78:dd:f7:34:64:90:7e:
         1e:c0:3f:31:45:f3:c6:f3:e1:78:a7:a2:4b:51:8c:51:1f:a4:
         b1:16:cd:5e:b1:e5:72:b1:0c:a8:08:60:ad:39:ae:0f:0e:3a:
         5e:b9:bb:01:8e:b9:ab:25:bb:0a:46:d3:11:65:d3:51:6a:11:
         72:74:bb:c5:23:12:c1:97:e3:2a:ab:13:4a:35:b3:b4:ed:f5:
         47:93:1c:e5:65:0c:da:10:74:8f:73:a1:8c:42:ff:88:44:7a:
         9d:42:ad:ae:ba:12:f6:75:2e:ee:6e:56:1d:6a:be:f0:5b:42:
         4f:5e:82:ae:e5:c6:8f:ad:4d:8c:d3:8d:70:e2:40:7d:d7:e5:
         16:fa:c1:5c:a2:1f:9f:15:b1:7d:88:2b:df:ed:65:82:54:dc:
         72:f3:d1:fa:bd:3d:cf:57:d2:ea:ff:da:9f:a6:25:3d:87:3f:
         47:c5:d4:73:96:7a:8f:bd:b7:3c:c6:2d:06:54:85:3b:c8:fd:
         55:0c:ca:dc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUVJzKXzQdy7ALDy2ySRNRy6HkUjwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI5MDAwMDAwWhcNMjMxMDAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODU4Nzk2YzAwYmE0OWUzZDgyODE4MmI4NjhjNWMzMTBl
N2VlNTM2MWE3NGNkZjQ5NzI1YjU3ZjhiOWY5YTZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD10OF5zxnllmOXSAhhsweged5dXbAG+BMsTD8QzE8je0T6
4qwa+Q8GT80mKSVg6wyYd0qSI0dlsaX+ecejGW8PVmFNJzI2yKmYarvL00+ZCWZH
Px/S/0fjm9HIZeIYKDyljw7ccOn4Naa/8AUy/ZFosAPF7zR7Kq4EbrMWKVLzko6r
tDQF7WTgBHpLBwilRQb5zLjZcsUUVp9uS60+w21zwqfh7qPpt6A7l/ac743Q5vZw
KFXhaNvzXsUo3HhXcB7I0wTyVuIDlprbvWjUK+8230JVUlL3ZbadACxC//caTJ4a
Tujh9G1zNYR4v70YMNyvztqeFC1wbFXqj+B8ZdwzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUf+cWeOG+xIi4QyujY46CQQvfDOYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3OTQ3M2E0LTFmYWQtNDE3Yi04YWExLTAwNTQ1MjNjNzZiYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmIAEHQAIwDQYJKoZIhvcNAQELBQADggEBANhu2NNmPMYIC4OAdB6dTuKL
6Ck1/NcEumEnaqTMKZoQ/Z2AXKCbGflDvOV93Zi0Vc6IBSIuA14oFwe6qme8dS7L
eN33NGSQfh7APzFF88bz4XinoktRjFEfpLEWzV6x5XKxDKgIYK05rg8OOl65uwGO
uasluwpG0xFl01FqEXJ0u8UjEsGX4yqrE0o1s7Tt9UeTHOVlDNoQdI9zoYxC/4hE
ep1Cra66EvZ1Lu5uVh1qvvBbQk9egq7lxo+tTYzTjXDiQH3X5Rb6wVyiH58VsX2I
K9/tZYJU3HLz0fq9Pc9X0ur/2p+mJT2HP0fF1HOWeo+9tzzGLQZUhTvI/VUMytw=
-----END CERTIFICATE-----
Generated at Tue Aug 29 00:48:23 2023 by rpki-client on console-ams.rpki-client.org