Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d9d9efe-6bc4-4ce7-91fb-8b1e032d4ed4.roa
File:                     4d9d9efe-6bc4-4ce7-91fb-8b1e032d4ed4.roa (raw, json)
Hash identifier:          zgA7cJCutVfEn3gL0/peOQARIGMUUA1YmKLp0+iSTjE=
Subject key identifier:   1B:53:03:43:1E:66:7A:F9:ED:DB:35:39:2E:68:50:EF:94:70:6C:BF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2BED57D1DB100617648D9FFCB27DF69AE8708810
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d9d9efe-6bc4-4ce7-91fb-8b1e032d4ed4.roa
Signing time:             Tue 05 Nov 2024 00:00:00 +0000
ROA not before:           Tue 05 Nov 2024 00:00:00 +0000
ROA not after:            Tue 10 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f16:8000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Nov 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:ed:57:d1:db:10:06:17:64:8d:9f:fc:b2:7d:f6:9a:e8:70:88:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:00:00 2024 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: serialNumber=56d2958874e803c3fc8c19256f99040206cec016c2d30ace137f9d5562160369, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:99:c5:a1:7e:a1:e2:73:7b:b3:af:db:3c:a6:
                    4a:91:b7:ac:4b:b6:c7:e1:2a:85:0b:b4:9c:69:36:
                    32:39:43:89:28:69:ce:25:16:84:32:38:9c:96:a0:
                    83:ab:93:12:e3:40:61:ad:8c:50:54:41:f0:d1:07:
                    09:4e:b6:7b:81:27:29:cc:00:be:87:16:28:46:0b:
                    77:3b:19:f6:51:a5:31:60:47:9e:b1:4f:2e:86:72:
                    42:ad:19:f7:b9:8a:ac:8a:3e:1a:5e:c1:d8:d6:38:
                    28:1c:0c:22:01:52:ba:7e:73:9c:bb:59:c8:1e:e2:
                    35:86:04:1f:b7:75:ca:44:02:0f:8d:52:e1:1f:c1:
                    b1:6a:8b:fb:96:7f:37:35:f7:a8:dd:2d:c8:24:24:
                    20:c2:5e:50:e3:35:a6:15:f0:22:7f:1f:37:13:38:
                    bf:02:22:55:b7:e4:b5:f5:67:22:9c:e3:68:21:32:
                    cb:1c:27:f4:52:35:a2:b6:98:3f:41:80:8b:7b:8e:
                    6d:24:87:e7:6b:43:85:de:ab:86:e3:2b:cd:c8:27:
                    4d:55:33:ae:c2:fb:3e:eb:a5:19:7a:3a:da:9b:46:
                    c2:05:65:e2:a9:d3:c6:05:ba:80:5f:68:ba:54:a3:
                    ea:2e:86:1e:01:26:e8:4a:df:fd:e3:c6:4c:fe:ca:
                    f1:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:53:03:43:1E:66:7A:F9:ED:DB:35:39:2E:68:50:EF:94:70:6C:BF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d9d9efe-6bc4-4ce7-91fb-8b1e032d4ed4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f16:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         11:be:b4:ac:4e:29:57:86:2d:12:d3:5b:9b:fa:fa:c9:4f:a9:
         9e:69:87:d8:77:fb:28:5e:d7:86:b1:1c:c3:58:ed:de:31:46:
         f7:e6:ee:b4:40:65:08:84:74:76:2a:00:73:59:fb:88:e2:b6:
         d4:fc:c9:be:78:27:bf:a5:5a:d9:3f:0f:b0:4f:fe:e7:ec:22:
         4c:da:bf:eb:10:97:1d:11:74:5a:5f:fa:37:9e:af:0e:a4:43:
         35:ca:68:2b:64:90:bd:b0:2c:1e:72:ff:c0:61:8d:5a:dc:5e:
         38:36:f2:50:5b:58:32:33:65:48:3a:1a:11:a7:d6:11:ba:59:
         b3:80:23:34:11:b7:c6:b6:69:9a:87:9e:99:99:7f:0e:f2:34:
         49:18:85:91:41:38:38:27:12:a2:91:3c:b0:8a:c9:c8:b0:52:
         fa:d8:d6:1b:45:ee:13:23:8d:32:c2:8f:22:b5:ca:6e:24:a0:
         0c:d5:58:34:10:9a:0e:16:9a:5c:16:0a:d5:40:68:3a:38:f6:
         0a:3d:ca:65:5a:f3:da:97:34:74:8d:37:40:ee:b0:56:e2:03:
         ac:e4:73:fb:2e:88:d0:30:3d:49:b2:81:98:9b:52:ba:df:13:
         cf:9d:f7:43:8a:70:4d:8c:df:9b:48:65:03:fb:0a:2d:1a:21:
         f2:6a:2d:4e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUK+1X0dsQBhdkjZ/8sn32muhwiBAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NmQyOTU4ODc0ZTgwM2MzZmM4YzE5MjU2Zjk5MDQwMjA2
Y2VjMDE2YzJkMzBhY2UxMzdmOWQ1NTYyMTYwMzY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNmcWhfqHic3uzr9s8pkqRt6xLtsfhKoULtJxpNjI5Q4ko
ac4lFoQyOJyWoIOrkxLjQGGtjFBUQfDRBwlOtnuBJynMAL6HFihGC3c7GfZRpTFg
R56xTy6GckKtGfe5iqyKPhpewdjWOCgcDCIBUrp+c5y7Wcge4jWGBB+3dcpEAg+N
UuEfwbFqi/uWfzc196jdLcgkJCDCXlDjNaYV8CJ/HzcTOL8CIlW35LX1ZyKc42gh
MsscJ/RSNaK2mD9BgIt7jm0kh+drQ4Xeq4bjK83IJ01VM67C+z7rpRl6OtqbRsIF
ZeKp08YFuoBfaLpUo+ouhh4BJuhK3/3jxkz+yvENAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUG1MDQx5mevnt2zU5LmhQ75RwbL8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkOWQ5ZWZlLTZiYzQtNGNlNy05MWZiLThiMWUwMzJkNGVkNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8WgDANBgkqhkiG9w0BAQsFAAOCAQEAEb60rE4pV4YtEtNbm/r6yU+p
nmmH2Hf7KF7XhrEcw1jt3jFG9+butEBlCIR0dioAc1n7iOK21PzJvngnv6Va2T8P
sE/+5+wiTNq/6xCXHRF0Wl/6N56vDqRDNcpoK2SQvbAsHnL/wGGNWtxeODbyUFtY
MjNlSDoaEafWEbpZs4AjNBG3xrZpmoeemZl/DvI0SRiFkUE4OCcSopE8sIrJyLBS
+tjWG0XuEyONMsKPIrXKbiSgDNVYNBCaDhaaXBYK1UBoOjj2Cj3KZVrz2pc0dI03
QO6wVuIDrORz+y6I0DA9SbKBmJtSut8Tz533Q4pwTYzfm0hlA/sKLRoh8motTg==
-----END CERTIFICATE-----
Generated at Thu Nov 7 01:57:29 2024 by rpki-client on console-fra.rpki-client.org