Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/488625e7-82e0-43fa-a938-c5fece8e9f2a.roa
File:                     488625e7-82e0-43fa-a938-c5fece8e9f2a.roa (raw, json)
Hash identifier:          CfjiAGSn9iCHvCvV9OKl3wgbOZOzx4prmpP1ooSEPu4=
Subject key identifier:   5E:1B:4A:F5:FC:E4:DE:B0:F6:BC:A8:9A:45:6A:52:96:2B:D9:C8:8F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7B450AB3ED24094AF99F97D8ABF12D7396E3BDFB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/488625e7-82e0-43fa-a938-c5fece8e9f2a.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f1c:4000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:45:0a:b3:ed:24:09:4a:f9:9f:97:d8:ab:f1:2d:73:96:e3:bd:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=d117516e4f17db23d05c75c114fc94ccaee2f5201c8d006eb67fdb25d101c907, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:65:1d:6f:7e:14:96:9e:f2:3c:71:88:75:de:
                    e4:b0:ac:64:56:55:b9:02:b1:6c:33:4b:dc:4f:b7:
                    6e:79:a3:ce:94:4a:b4:00:7e:a4:bb:65:25:8c:bb:
                    0a:35:a5:5a:3c:35:e6:c0:8e:40:39:48:01:59:99:
                    c0:f2:6e:89:fe:a6:6b:97:c2:5d:39:bc:00:e6:7e:
                    b3:4f:41:2d:e5:ea:9b:db:35:95:70:e2:3f:09:a0:
                    80:e5:a3:45:9b:f5:57:31:ba:68:0b:04:df:f9:72:
                    f2:23:b5:ae:22:8a:8b:d6:e3:9c:b7:30:e3:29:a1:
                    be:f3:a3:fa:41:07:07:90:5a:27:5c:88:46:1c:00:
                    e1:0f:b5:b4:a6:d1:6e:e0:a1:ed:c9:3e:66:c3:6f:
                    7c:f2:3b:65:eb:de:4a:7a:e4:78:fa:ac:99:bd:07:
                    d9:8c:9e:b6:fe:95:e2:bf:fa:62:70:92:7e:64:f2:
                    c5:5a:6e:2b:a8:9c:c7:53:3d:93:ec:39:07:88:d6:
                    20:f7:0b:92:59:32:7a:43:81:30:e5:87:29:75:e8:
                    7c:8e:8c:f9:ea:43:2b:ed:15:15:5a:6a:f5:82:f1:
                    88:2e:62:39:d1:38:10:b5:6d:7e:63:71:9a:6f:ae:
                    28:fa:d7:a7:b2:88:73:7e:8c:1b:de:06:77:a9:26:
                    62:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:1B:4A:F5:FC:E4:DE:B0:F6:BC:A8:9A:45:6A:52:96:2B:D9:C8:8F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/488625e7-82e0-43fa-a938-c5fece8e9f2a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1c:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         5e:92:6a:7d:8a:c4:9d:4b:8d:05:f4:3b:50:b6:77:e6:fb:ab:
         13:6a:4c:5c:e2:a3:a1:a6:4c:b9:3d:74:6e:fb:ad:33:b8:79:
         6d:30:2c:cb:1e:19:1b:3a:10:69:b0:3a:84:64:64:07:97:c1:
         96:9a:fd:61:71:65:72:ca:d5:f6:53:bc:52:9b:20:54:a8:78:
         a4:2c:22:27:ee:25:5d:68:36:54:12:2e:b0:e9:a2:bb:5b:28:
         dd:1f:28:ca:46:85:3f:48:2d:83:58:fc:a7:6a:25:84:f8:f8:
         cb:4a:7f:cf:01:a7:a8:f4:57:58:fa:4c:31:6e:7f:a2:fb:a3:
         2e:2f:d5:6b:a6:82:cf:74:5c:26:fc:73:b0:8e:81:b4:28:bb:
         ad:d3:ef:83:ce:7e:24:ef:d8:c5:49:22:d2:38:ee:00:e5:ca:
         50:be:5a:c4:cb:d4:72:2e:17:5e:b4:08:91:de:b9:e6:07:eb:
         09:65:2b:f5:ae:28:07:9c:7c:4b:1b:eb:1d:f1:e1:00:57:12:
         d6:2f:bd:9d:a4:ea:32:80:c4:75:43:0d:f4:14:4b:1a:e0:5d:
         39:30:55:4c:8d:9d:22:aa:b2:0d:fa:55:f4:e3:cf:29:8f:ef:
         29:01:a0:eb:97:ea:f6:a1:be:d4:a3:6e:f8:b1:e3:e5:85:20:
         a9:5c:b4:1e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUe0UKs+0kCUr5n5fYq/Etc5bjvfswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTE3NTE2ZTRmMTdkYjIzZDA1Yzc1YzExNGZjOTRjY2Fl
ZTJmNTIwMWM4ZDAwNmViNjdmZGIyNWQxMDFjOTA3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcZR1vfhSWnvI8cYh13uSwrGRWVbkCsWwzS9xPt255o86U
SrQAfqS7ZSWMuwo1pVo8NebAjkA5SAFZmcDybon+pmuXwl05vADmfrNPQS3l6pvb
NZVw4j8JoIDlo0Wb9VcxumgLBN/5cvIjta4iiovW45y3MOMpob7zo/pBBweQWidc
iEYcAOEPtbSm0W7goe3JPmbDb3zyO2Xr3kp65Hj6rJm9B9mMnrb+leK/+mJwkn5k
8sVabiuonMdTPZPsOQeI1iD3C5JZMnpDgTDlhyl16HyOjPnqQyvtFRVaavWC8Ygu
YjnROBC1bX5jcZpvrij616eyiHN+jBveBnepJmILAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUXhtK9fzk3rD2vKiaRWpSlivZyI8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4ODYyNWU3LTgyZTAtNDNmYS1hOTM4LWM1ZmVjZThlOWYyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8cQDANBgkqhkiG9w0BAQsFAAOCAQEAXpJqfYrEnUuNBfQ7ULZ35vur
E2pMXOKjoaZMuT10bvutM7h5bTAsyx4ZGzoQabA6hGRkB5fBlpr9YXFlcsrV9lO8
UpsgVKh4pCwiJ+4lXWg2VBIusOmiu1so3R8oykaFP0gtg1j8p2olhPj4y0p/zwGn
qPRXWPpMMW5/ovujLi/Va6aCz3RcJvxzsI6BtCi7rdPvg85+JO/YxUki0jjuAOXK
UL5axMvUci4XXrQIkd655gfrCWUr9a4oB5x8SxvrHfHhAFcS1i+9naTqMoDEdUMN
9BRLGuBdOTBVTI2dIqqyDfpV9OPPKY/vKQGg65fq9qG+1KNu+LHj5YUgqVy0Hg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:08 2024 by rpki-client on console-ams.rpki-client.org