Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea3c173-2d90-428b-8f3d-aef2bc267266.roa
File:                     8ea3c173-2d90-428b-8f3d-aef2bc267266.roa (raw, json)
Hash identifier:          bsody0dHi5W1FEaMHhllZsekKjKbzoAranQfdth5MWo=
Subject key identifier:   48:E4:21:59:3A:6A:2F:5D:86:3A:3F:92:E5:63:3F:38:41:A7:75:D5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       129F6EE1E061A0C253C7C312D373A71B7727CA03
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea3c173-2d90-428b-8f3d-aef2bc267266.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:833b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:9f:6e:e1:e0:61:a0:c2:53:c7:c3:12:d3:73:a7:1b:77:27:ca:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=ea09a3da9a731d5a267f07ee696ba73ea70168c0353885a06b0161e1a61cc0c2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:7a:9c:a1:03:2a:0d:89:78:b4:24:14:a8:5f:
                    0e:66:f1:b7:fe:70:b0:e5:e0:7a:50:f1:ba:e3:05:
                    48:b3:8a:01:8e:85:0e:6f:98:c4:a3:08:0b:ef:84:
                    35:2f:7f:39:17:ed:03:0e:6f:05:b7:87:ba:0f:74:
                    1b:3c:2b:c8:8f:f6:a2:f6:52:39:f8:a7:29:7a:d6:
                    22:18:30:c3:b9:aa:17:e4:97:61:39:88:b7:b6:f0:
                    58:0d:22:fc:33:4b:2f:8c:fe:63:5a:0d:99:e9:d4:
                    76:7e:00:bc:a3:3a:d0:0e:31:34:66:54:bf:68:15:
                    f6:d2:b5:e4:f7:c4:7d:ed:3f:81:e9:ae:e3:f0:17:
                    b2:26:f0:d3:16:95:1c:3a:89:50:12:cd:a4:20:72:
                    f9:1b:58:25:15:4d:36:93:ee:e7:c5:33:3a:41:7b:
                    76:8e:51:af:d6:bc:96:61:f7:c2:c0:f8:72:2c:25:
                    2b:61:5f:d2:49:36:af:5b:8f:81:2a:66:de:7c:30:
                    ee:3c:41:1a:16:26:4f:ec:97:c5:c3:4f:52:41:1e:
                    ef:20:e5:96:b7:03:51:6c:2e:4e:08:3c:d4:09:bc:
                    5c:88:b9:31:e2:5e:82:a1:e3:36:de:7d:4f:25:6e:
                    5a:0f:73:12:53:db:28:88:68:26:b1:32:df:e1:3d:
                    a9:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:E4:21:59:3A:6A:2F:5D:86:3A:3F:92:E5:63:3F:38:41:A7:75:D5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea3c173-2d90-428b-8f3d-aef2bc267266.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:833b::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:c9:33:ea:eb:37:7e:98:16:6a:b5:81:0a:b9:96:65:44:f0:
         08:d4:ce:ac:8c:54:ba:31:cd:3c:a1:a5:fb:71:5e:90:e1:c4:
         cf:6b:43:34:69:f5:ad:3a:37:5d:0b:c4:de:77:82:15:3c:60:
         ca:bc:35:77:60:9d:5e:f6:f3:8f:a1:e1:a9:79:ac:a2:26:1d:
         49:46:59:d8:c9:6b:9a:89:ce:4d:b6:fc:cb:29:8d:72:d2:3e:
         27:16:68:f4:6f:56:17:78:69:1f:b0:ac:ae:8c:a7:f6:4b:56:
         a3:39:a7:9f:ce:76:69:ed:bf:b9:d8:61:77:36:54:ba:c3:cf:
         07:59:bd:e0:44:a4:af:ff:90:99:05:d6:06:b4:5a:6a:94:65:
         08:09:07:34:1f:36:a7:ef:97:26:42:05:11:b8:39:ec:67:f9:
         56:4b:8c:03:1b:aa:36:62:95:53:e1:7c:90:1d:8a:a4:bc:58:
         5b:c4:aa:f6:f7:cc:fe:e4:b2:7f:20:dc:ef:b4:33:84:ad:2a:
         30:68:0f:24:c4:ee:16:54:96:8b:4a:8a:09:1d:20:a5:e6:38:
         13:a2:c9:0e:1f:ed:bf:f2:01:e2:f4:59:b2:71:3d:2d:50:25:
         4d:62:5a:f9:33:ed:c8:51:65:09:bf:a0:5f:b4:3f:3e:d3:9a:
         2f:bb:2a:ce
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUEp9u4eBhoMJTx8MS03OnG3cnygMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTA5YTNkYTlhNzMxZDVhMjY3ZjA3ZWU2OTZiYTczZWE3
MDE2OGMwMzUzODg1YTA2YjAxNjFlMWE2MWNjMGMyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWepyhAyoNiXi0JBSoXw5m8bf+cLDl4HpQ8brjBUizigGO
hQ5vmMSjCAvvhDUvfzkX7QMObwW3h7oPdBs8K8iP9qL2Ujn4pyl61iIYMMO5qhfk
l2E5iLe28FgNIvwzSy+M/mNaDZnp1HZ+ALyjOtAOMTRmVL9oFfbSteT3xH3tP4Hp
ruPwF7Im8NMWlRw6iVASzaQgcvkbWCUVTTaT7ufFMzpBe3aOUa/WvJZh98LA+HIs
JSthX9JJNq9bj4EqZt58MO48QRoWJk/sl8XDT1JBHu8g5Za3A1FsLk4IPNQJvFyI
uTHiXoKh4zbefU8lbloPcxJT2yiIaCaxMt/hPamRAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUSOQhWTpqL12GOj+S5WM/OEGnddUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlYTNjMTczLTJkOTAtNDI4Yi04ZjNkLWFlZjJiYzI2NzI2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gzswDQYJKoZIhvcNAQELBQADggEBAHzJM+rrN36YFmq1gQq5lmVE
8AjUzqyMVLoxzTyhpftxXpDhxM9rQzRp9a06N10LxN53ghU8YMq8NXdgnV7284+h
4al5rKImHUlGWdjJa5qJzk22/MspjXLSPicWaPRvVhd4aR+wrK6Mp/ZLVqM5p5/O
dmntv7nYYXc2VLrDzwdZveBEpK//kJkF1ga0WmqUZQgJBzQfNqfvlyZCBRG4Oexn
+VZLjAMbqjZilVPhfJAdiqS8WFvEqvb3zP7ksn8g3O+0M4StKjBoDyTE7hZUlotK
igkdIKXmOBOiyQ4f7b/yAeL0WbJxPS1QJU1iWvkz7chRZQm/oF+0Pz7Tmi+7Ks4=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:23 2024 by rpki-client on console-ams.rpki-client.org