Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b907310-5554-4e18-b6d9-3d4b33f6c030.roa
File:                     3b907310-5554-4e18-b6d9-3d4b33f6c030.roa (raw, json)
Hash identifier:          hdgDWCmAg+2UiGQ9Ycq+6oZTRGRK/m8JoZ0MFOKx1Ik=
Subject key identifier:   B1:A4:12:88:CA:34:8B:6C:B1:EF:33:2F:5F:C3:AB:05:B3:DB:94:3A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       626E7D79A3DD9CFA1F737C939D8AD2FFD081E798
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b907310-5554-4e18-b6d9-3d4b33f6c030.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffa:6000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:6e:7d:79:a3:dd:9c:fa:1f:73:7c:93:9d:8a:d2:ff:d0:81:e7:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=7339700d24c96313eead3a0b963670c2cd1cf59197d625e519f11ccd8639a0a8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:80:5f:93:0b:c8:e7:3f:a9:04:66:67:65:4b:
                    42:b8:fc:eb:71:a7:2f:57:00:6d:47:cb:19:d9:65:
                    79:40:0f:e3:80:fd:e3:89:04:3c:3f:07:81:48:78:
                    17:92:7c:f4:40:9e:f1:c9:b4:09:1b:e2:3d:b7:44:
                    a6:4d:29:7b:b4:5d:f3:5c:52:bc:3f:4e:9c:f8:95:
                    46:3a:f4:0d:0e:45:85:16:0d:5e:45:e7:92:f4:d7:
                    c2:01:50:99:54:74:6b:22:ef:58:5f:8e:a5:85:51:
                    46:2f:4b:34:47:8b:6b:f6:31:41:a8:87:86:95:d8:
                    5b:af:f2:32:e9:75:3b:94:e9:dc:24:00:84:d2:ef:
                    69:46:f3:5e:d3:3c:54:59:8d:e3:da:59:47:80:c5:
                    af:3b:5e:e1:e1:46:d7:2a:c9:51:1b:4e:ee:52:cc:
                    95:7c:c8:3c:c7:dc:38:92:4f:b8:70:1f:13:da:ab:
                    e3:21:42:48:db:99:65:6b:e4:01:dd:2c:e7:f7:8f:
                    30:cb:e0:1f:11:5f:38:04:13:2b:20:b3:ab:04:eb:
                    22:89:0d:dd:6a:97:c3:0d:11:b9:7a:ba:f1:1d:b8:
                    5a:0d:46:02:77:f7:7d:89:86:c8:28:0e:5f:64:ec:
                    69:10:a9:2b:ea:3e:6e:ea:cb:30:9d:d6:eb:d7:6c:
                    1d:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:A4:12:88:CA:34:8B:6C:B1:EF:33:2F:5F:C3:AB:05:B3:DB:94:3A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3b907310-5554-4e18-b6d9-3d4b33f6c030.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffa:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         26:6e:5e:cb:ba:7c:7f:c4:06:ca:93:bc:fc:46:4c:63:66:c9:
         13:2d:cb:05:12:40:b6:e4:09:6c:6f:ba:ed:51:81:76:d2:55:
         32:a2:5c:00:b8:0b:60:8c:da:74:32:df:ce:58:b0:a7:15:56:
         ab:1e:5c:d2:63:2f:52:68:ab:eb:53:d7:e0:33:59:66:57:7a:
         b6:b2:a4:69:6e:30:99:0f:53:a1:16:61:fd:17:ee:e6:7c:63:
         26:97:5c:5a:68:a4:76:75:da:2b:2a:f9:54:e5:e1:2b:01:22:
         0e:71:2e:1b:c8:ba:97:bc:62:18:b8:d5:8e:4b:0b:34:09:88:
         75:d3:b1:b1:40:4b:a6:57:94:dd:c2:18:8b:4e:96:fd:74:c8:
         27:5e:d5:ab:18:dc:42:b7:2b:06:d2:77:96:9a:15:f2:21:16:
         f6:da:42:da:30:c9:9c:4c:38:9f:05:90:dc:8a:c4:1e:48:25:
         16:98:6b:f9:07:68:5b:82:95:de:92:ab:5a:34:e8:81:cc:91:
         32:e5:26:33:e6:a7:b1:3c:8c:30:4b:9e:af:f9:8e:16:c9:71:
         02:9d:84:92:e1:dd:5a:8a:15:75:c8:82:7b:5f:47:dc:66:5e:
         8d:59:66:3d:ae:4b:3b:1f:32:30:0b:75:34:19:62:cc:63:e4:
         77:de:88:2a
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYm59eaPdnPofc3yTnYrS/9CB55gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MzM5NzAwZDI0Yzk2MzEzZWVhZDNhMGI5NjM2NzBjMmNk
MWNmNTkxOTdkNjI1ZTUxOWYxMWNjZDg2MzlhMGE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+gF+TC8jnP6kEZmdlS0K4/Otxpy9XAG1HyxnZZXlAD+OA
/eOJBDw/B4FIeBeSfPRAnvHJtAkb4j23RKZNKXu0XfNcUrw/Tpz4lUY69A0ORYUW
DV5F55L018IBUJlUdGsi71hfjqWFUUYvSzRHi2v2MUGoh4aV2Fuv8jLpdTuU6dwk
AITS72lG817TPFRZjePaWUeAxa87XuHhRtcqyVEbTu5SzJV8yDzH3DiST7hwHxPa
q+MhQkjbmWVr5AHdLOf3jzDL4B8RXzgEEysgs6sE6yKJDd1ql8MNEbl6uvEduFoN
RgJ3932JhsgoDl9k7GkQqSvqPm7qyzCd1uvXbB2VAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUsaQSiMo0i2yx7zMvX8OrBbPblDowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNiOTA3MzEwLTU1NTQtNGUxOC1iNmQ5LTNkNGIzM2Y2YzAzMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/6YDANBgkqhkiG9w0BAQsFAAOCAQEAJm5ey7p8f8QGypO8/EZMY2bJ
Ey3LBRJAtuQJbG+67VGBdtJVMqJcALgLYIzadDLfzliwpxVWqx5c0mMvUmir61PX
4DNZZld6trKkaW4wmQ9ToRZh/Rfu5nxjJpdcWmikdnXaKyr5VOXhKwEiDnEuG8i6
l7xiGLjVjksLNAmIddOxsUBLpleU3cIYi06W/XTIJ17VqxjcQrcrBtJ3lpoV8iEW
9tpC2jDJnEw4nwWQ3IrEHkglFphr+QdoW4KV3pKrWjTogcyRMuUmM+ansTyMMEue
r/mOFslxAp2EkuHdWooVdciCe19H3GZejVlmPa5LOx8yMAt1NBlizGPkd96IKg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:05 2024 by rpki-client on console-ams.rpki-client.org