Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d02e54b-0acf-4c3b-9e5e-14842df8e352.roa
File:                     7d02e54b-0acf-4c3b-9e5e-14842df8e352.roa (raw, json)
Hash identifier:          tNNOFE7O0QeQ8An0nWaEsksebgQ0/caGeQu4OcPTMAI=
Subject key identifier:   03:1C:F9:BE:44:CA:F3:3B:17:02:3E:9C:5C:F2:A1:46:A0:F7:12:6F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       60E44A4DAB331821B80D9D966827C95D2AED4485
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d02e54b-0acf-4c3b-9e5e-14842df8e352.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:80f0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:e4:4a:4d:ab:33:18:21:b8:0d:9d:96:68:27:c9:5d:2a:ed:44:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=616713dcbc90dd358fdd684cd78dca74ac187d3b851a62cf998c06b74a95c38a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bf:51:c4:01:9a:ce:ae:fc:f1:13:d5:de:cd:
                    cb:e3:82:37:b1:4d:68:16:7d:31:19:b2:2b:76:4c:
                    90:a7:aa:4b:4e:31:91:3b:eb:05:4f:26:0a:ff:f1:
                    22:89:a4:38:28:a1:e6:c8:a7:87:e9:b0:bd:69:a7:
                    44:89:aa:40:1b:ae:08:a5:a5:2b:a2:82:24:36:37:
                    d4:0f:b3:86:38:ad:7d:d7:bb:67:b8:29:b7:0f:04:
                    23:97:d3:f7:d0:7f:65:6b:b1:7b:47:c9:64:b2:be:
                    dc:83:bb:bc:8f:03:b7:4f:48:8e:3a:98:83:8e:c4:
                    1e:5a:4d:c3:1b:47:44:1a:41:a8:b1:2b:6a:76:82:
                    a6:ed:86:fe:96:a6:0c:95:cb:86:29:93:80:57:b5:
                    f7:dc:19:4c:2f:00:bf:c3:fe:d8:6a:ba:f3:c7:46:
                    05:2f:85:f4:01:db:b8:69:35:5a:c6:9f:34:32:1c:
                    79:6c:a9:cd:43:b1:c9:96:89:65:45:36:10:11:8c:
                    14:f7:b3:de:64:5f:f2:6a:85:45:2a:eb:d3:f9:1d:
                    3c:30:73:09:d8:91:18:18:cc:1b:3d:a9:1e:fe:d9:
                    84:a5:09:ee:f5:eb:df:ec:c4:44:7d:5b:1b:bb:cc:
                    c0:68:76:3b:e8:0d:fe:fa:be:71:68:05:3d:5f:84:
                    af:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:1C:F9:BE:44:CA:F3:3B:17:02:3E:9C:5C:F2:A1:46:A0:F7:12:6F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d02e54b-0acf-4c3b-9e5e-14842df8e352.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:80f0::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:76:e9:ea:4d:81:50:6a:67:04:f5:db:9c:2c:92:f0:c6:58:
         15:c9:b6:5e:2b:a2:48:87:18:c7:5e:58:7f:82:11:a4:33:76:
         db:4a:8a:44:20:03:2d:d7:e9:9d:a6:aa:bb:aa:02:62:4c:98:
         89:6f:60:09:3f:1a:80:b2:2d:07:07:23:f5:2b:6c:45:7b:09:
         8b:97:c9:dd:ef:60:69:54:5e:6f:6e:b4:3e:e3:be:96:87:0f:
         f3:fc:74:5a:79:0c:00:1a:9c:af:d5:4e:96:fa:20:36:25:05:
         3d:83:b3:7d:63:60:8c:e2:df:f9:13:8d:b1:4e:5e:5d:45:69:
         1b:3b:67:56:b4:44:f3:91:e5:89:c3:57:46:86:22:ea:3f:df:
         2e:84:97:7c:27:33:62:41:69:35:61:de:77:1c:5d:73:0b:66:
         2c:21:e3:12:fe:d4:74:77:50:43:ad:f1:fa:68:bc:a9:84:3a:
         40:2c:b7:33:b0:96:b5:df:53:16:d3:87:7e:b9:c1:9b:91:96:
         e2:62:84:f5:6b:02:ea:e5:97:b9:35:9e:6d:cc:94:49:92:cc:
         78:5a:b7:3f:28:04:5c:ac:b6:bb:81:89:76:e5:1a:13:1f:a6:
         22:58:b8:35:76:51:ed:71:ff:1e:9c:93:bc:87:af:66:3f:e2:
         0b:99:1e:f3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUYORKTaszGCG4DZ2WaCfJXSrtRIUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTY3MTNkY2JjOTBkZDM1OGZkZDY4NGNkNzhkY2E3NGFj
MTg3ZDNiODUxYTYyY2Y5OThjMDZiNzRhOTVjMzhhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfv1HEAZrOrvzxE9XezcvjgjexTWgWfTEZsit2TJCnqktO
MZE76wVPJgr/8SKJpDgooebIp4fpsL1pp0SJqkAbrgilpSuigiQ2N9QPs4Y4rX3X
u2e4KbcPBCOX0/fQf2VrsXtHyWSyvtyDu7yPA7dPSI46mIOOxB5aTcMbR0QaQaix
K2p2gqbthv6WpgyVy4Ypk4BXtffcGUwvAL/D/thquvPHRgUvhfQB27hpNVrGnzQy
HHlsqc1DscmWiWVFNhARjBT3s95kX/JqhUUq69P5HTwwcwnYkRgYzBs9qR7+2YSl
Ce7169/sxER9Wxu7zMBodjvoDf76vnFoBT1fhK89AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUAxz5vkTK8zsXAj6cXPKhRqD3Em8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdkMDJlNTRiLTBhY2YtNGMzYi05ZTVlLTE0ODQyZGY4ZTM1Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gPAwDQYJKoZIhvcNAQELBQADggEBAAN26epNgVBqZwT125wskvDG
WBXJtl4rokiHGMdeWH+CEaQzdttKikQgAy3X6Z2mqruqAmJMmIlvYAk/GoCyLQcH
I/UrbEV7CYuXyd3vYGlUXm9utD7jvpaHD/P8dFp5DAAanK/VTpb6IDYlBT2Ds31j
YIzi3/kTjbFOXl1FaRs7Z1a0RPOR5YnDV0aGIuo/3y6El3wnM2JBaTVh3nccXXML
Ziwh4xL+1HR3UEOt8fpovKmEOkAstzOwlrXfUxbTh365wZuRluJihPVrAurll7k1
nm3MlEmSzHhatz8oBFystruBiXblGhMfpiJYuDV2Ue1x/x6ck7yHr2Y/4guZHvM=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:32 2024 by rpki-client on console-ams.rpki-client.org