Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/57b9b652-a6e0-4d50-b4a8-bf9ea2724802.roa
File:                     57b9b652-a6e0-4d50-b4a8-bf9ea2724802.roa (raw, json)
Hash identifier:          gWchv7IaICCtg5TLhpWPYRVwh2JvvMik10pWiieq0n4=
Subject key identifier:   81:04:1D:CE:D5:82:1B:BB:64:26:63:29:21:E2:41:90:F4:D8:B0:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       560B6C86188A375D73CB36A4EEABE7E7563C43E1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/57b9b652-a6e0-4d50-b4a8-bf9ea2724802.roa
Signing time:             Tue 05 Nov 2024 00:00:00 +0000
ROA not before:           Tue 05 Nov 2024 00:00:00 +0000
ROA not after:            Tue 10 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f68:5000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:0b:6c:86:18:8a:37:5d:73:cb:36:a4:ee:ab:e7:e7:56:3c:43:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:00:00 2024 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: serialNumber=564c7e957c696a591aad5096a226f44dea3186bda9b1268d853ecab5237d5c15, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c8:2d:49:f1:ae:7f:4c:bc:b9:28:79:4f:f6:
                    e7:66:a5:c9:89:db:30:c8:41:4b:db:74:a8:a2:d2:
                    1e:19:8f:cc:3a:15:2a:c4:83:09:a1:64:77:86:4f:
                    1d:2d:17:ed:73:2c:54:3e:16:2e:7a:10:a1:55:e0:
                    9a:6f:49:4c:80:1a:fc:4b:67:02:29:e9:a1:87:7c:
                    c7:f6:ad:24:cf:4d:b3:64:6a:cd:7d:cc:84:4e:29:
                    88:81:f9:51:ca:1c:2d:f3:cf:4d:75:8b:25:02:b8:
                    fd:be:81:27:82:26:0d:a3:0c:b9:8f:f5:a4:84:3e:
                    06:72:e6:19:17:cd:43:16:68:a3:21:2a:e3:1b:c9:
                    c8:d1:49:5c:24:8e:df:77:0f:c7:98:39:4c:db:01:
                    2d:c0:4f:f1:d0:84:4f:34:e0:a9:e4:ec:ec:9d:52:
                    44:01:6a:2c:0d:97:d2:f1:75:a6:81:3a:b4:c9:dd:
                    de:bb:1f:05:ba:e1:8d:38:0f:17:58:ef:a0:9c:df:
                    45:00:1c:4f:8a:03:e5:2a:ec:b5:ec:21:3f:24:db:
                    a3:c8:91:cd:29:ec:9d:03:32:be:64:8f:99:86:fc:
                    a1:f1:b3:d9:ff:16:a6:91:81:0c:7f:a2:29:5f:76:
                    81:fe:cf:ca:ee:00:ef:a3:fe:d6:bb:a2:10:b9:a8:
                    c7:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:04:1D:CE:D5:82:1B:BB:64:26:63:29:21:E2:41:90:F4:D8:B0:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/57b9b652-a6e0-4d50-b4a8-bf9ea2724802.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f68:5000::/40

    Signature Algorithm: sha256WithRSAEncryption
         91:82:34:46:7c:f1:7d:50:ad:33:32:70:ac:8d:7d:b6:8c:56:
         e7:17:66:d7:ff:23:7d:c0:73:66:7d:31:38:e7:55:6b:d5:ea:
         58:3b:52:1c:e4:b8:d5:16:72:c3:2e:ae:44:53:26:87:f2:3b:
         5b:37:37:a9:85:98:a5:72:5f:00:b9:59:07:78:c8:cd:d3:71:
         04:2b:76:72:44:e7:7e:48:8b:da:d2:d4:9b:1a:bf:29:d5:03:
         f1:ba:40:e7:76:f9:fe:f2:19:c0:0d:0e:13:12:49:95:92:7f:
         c2:5c:59:f1:f1:d5:2c:59:1e:04:cd:fc:73:34:af:d0:f4:fe:
         9c:ec:9c:87:d4:6c:b2:cc:c1:26:c4:be:2a:7b:b6:5d:5c:83:
         37:ae:ef:4d:b7:2c:f7:3f:6c:d6:1b:9f:43:d7:c7:8f:f8:97:
         7a:1d:aa:1c:e4:ff:31:9d:aa:69:2e:82:8a:e5:a3:b6:1d:ed:
         46:c9:ab:d6:64:29:5f:7d:84:b2:ce:ce:77:d2:3d:0d:8a:52:
         f5:50:5b:48:a2:1b:a8:56:f4:5a:60:2e:05:f0:31:4e:15:f4:
         23:27:ba:26:47:ed:41:f6:b1:47:9c:a8:40:71:25:88:6c:51:
         b5:53:0d:a1:4d:19:a5:9a:17:35:d1:ca:88:42:19:44:b3:05:
         7c:ac:9b:96
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVgtshhiKN11zyzak7qvn51Y8Q+EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NjRjN2U5NTdjNjk2YTU5MWFhZDUwOTZhMjI2ZjQ0ZGVh
MzE4NmJkYTliMTI2OGQ4NTNlY2FiNTIzN2Q1YzE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKyC1J8a5/TLy5KHlP9udmpcmJ2zDIQUvbdKii0h4Zj8w6
FSrEgwmhZHeGTx0tF+1zLFQ+Fi56EKFV4JpvSUyAGvxLZwIp6aGHfMf2rSTPTbNk
as19zIROKYiB+VHKHC3zz011iyUCuP2+gSeCJg2jDLmP9aSEPgZy5hkXzUMWaKMh
KuMbycjRSVwkjt93D8eYOUzbAS3AT/HQhE804Knk7OydUkQBaiwNl9LxdaaBOrTJ
3d67HwW64Y04DxdY76Cc30UAHE+KA+Uq7LXsIT8k26PIkc0p7J0DMr5kj5mG/KHx
s9n/FqaRgQx/oilfdoH+z8ruAO+j/ta7ohC5qMdZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUgQQdztWCG7tkJmMpIeJBkPTYsKMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU3YjliNjUyLWE2ZTAtNGQ1MC1iNGE4LWJmOWVhMjcyNDgwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9oUDANBgkqhkiG9w0BAQsFAAOCAQEAkYI0RnzxfVCtMzJwrI19toxW
5xdm1/8jfcBzZn0xOOdVa9XqWDtSHOS41RZywy6uRFMmh/I7Wzc3qYWYpXJfALlZ
B3jIzdNxBCt2ckTnfkiL2tLUmxq/KdUD8bpA53b5/vIZwA0OExJJlZJ/wlxZ8fHV
LFkeBM38czSv0PT+nOych9RssszBJsS+Knu2XVyDN67vTbcs9z9s1hufQ9fHj/iX
eh2qHOT/MZ2qaS6CiuWjth3tRsmr1mQpX32Ess7Od9I9DYpS9VBbSKIbqFb0WmAu
BfAxThX0Iye6JkftQfaxR5yoQHEliGxRtVMNoU0ZpZoXNdHKiEIZRLMFfKyblg==
-----END CERTIFICATE-----
Generated at Sun Dec 1 03:30:14 2024 by rpki-client on console-ams.rpki-client.org