Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea3c173-2d90-428b-8f3d-aef2bc267266.roa
File:                     8ea3c173-2d90-428b-8f3d-aef2bc267266.roa (raw, json)
Hash identifier:          OMSwsXTa6jVUpEWC+wTwnBF+LQ+V6ayYyvP7DtmA+EY=
Subject key identifier:   B6:B7:FC:CB:20:4F:8D:8F:FF:AF:EF:63:A1:13:D1:45:47:0C:10:2B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6F5AADE2EE658CE12F5BC931398439F57173B5B1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea3c173-2d90-428b-8f3d-aef2bc267266.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:833b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 12 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:5a:ad:e2:ee:65:8c:e1:2f:5b:c9:31:39:84:39:f5:71:73:b5:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=ac38d0a2f89f39dbf8294aac5dfcb2a2e4aa15cc01d662d5479609a8659842a4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:4d:e2:c0:a1:93:cf:42:df:c8:f2:1c:9e:6a:
                    5a:c4:7b:7d:f8:1f:02:8c:e4:69:7a:9e:56:15:27:
                    f7:4a:d5:07:65:81:2d:f2:a8:c6:d1:14:a6:92:41:
                    9e:74:4a:d2:b7:0f:3e:dd:33:12:92:eb:29:82:07:
                    da:49:c0:a3:93:22:74:a6:3a:0e:99:5e:02:ec:15:
                    e0:98:91:e1:e8:6d:b7:29:72:ad:05:ee:f9:0c:91:
                    6c:17:32:8a:6b:52:72:3b:3f:08:d8:05:c2:de:cd:
                    61:0a:37:f6:d1:01:de:5d:02:83:a6:5f:4a:95:ba:
                    1b:f1:7a:1c:46:88:0e:13:8e:23:a4:10:ee:85:62:
                    d0:f1:e3:cd:40:c9:1c:9e:e3:bc:d0:d3:c6:a8:0b:
                    21:b3:2c:bc:3c:0f:d0:db:1e:20:8b:35:8b:f3:60:
                    c4:4a:a0:bd:b1:52:55:b7:e5:d3:39:83:9c:bb:fd:
                    35:8d:06:ae:a2:19:50:8c:da:1c:87:cb:41:c3:fa:
                    92:b4:96:0f:ff:1c:8f:63:e6:2a:db:c2:72:e6:58:
                    ec:94:77:c8:1d:a7:aa:97:f3:1b:0b:1c:34:92:66:
                    1b:6a:28:24:e7:82:b8:2b:92:9e:71:67:1d:91:b5:
                    24:9b:a5:db:ed:7d:67:b7:5c:12:34:8a:36:f8:27:
                    89:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:B7:FC:CB:20:4F:8D:8F:FF:AF:EF:63:A1:13:D1:45:47:0C:10:2B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8ea3c173-2d90-428b-8f3d-aef2bc267266.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:833b::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:87:ac:b4:11:6a:9a:ef:48:67:4f:b0:df:38:af:e3:b0:b1:
         53:d5:0b:f6:88:44:22:c3:a7:a3:8f:4d:01:9b:f1:c5:72:3d:
         f2:46:40:71:b0:95:7a:c9:2f:46:f9:e9:ac:15:50:d0:c6:e2:
         46:3e:1f:c8:46:0b:13:4f:97:d0:0c:8b:b2:39:ed:7c:e5:89:
         84:77:26:12:6a:f7:0c:76:54:56:17:29:a9:a3:b7:9f:66:e8:
         21:79:fb:0c:e1:9a:96:ac:18:61:c0:66:55:75:1e:d1:f7:c8:
         9f:64:50:dc:21:73:5a:dc:2a:35:12:19:c0:38:a5:5a:70:59:
         f8:05:62:2a:c5:9d:ef:5f:9f:ad:84:4c:ff:62:ec:f2:c3:e2:
         d7:ae:3f:f3:95:b9:6f:67:8e:90:9c:d5:a3:9f:b4:0f:bb:ed:
         77:75:85:61:d7:8d:67:29:56:66:d0:ba:87:3a:53:85:38:21:
         33:e2:93:d6:51:1e:95:60:f8:f5:47:6c:28:e6:90:d2:7e:b4:
         a0:1c:ec:fe:40:4e:f0:26:73:68:19:57:8c:f0:9b:a8:1b:64:
         29:c4:e6:24:05:bc:ad:85:4c:91:cd:f5:84:72:bc:00:44:bd:
         9b:bf:76:d2:e4:66:42:d1:02:47:f0:17:07:2d:55:28:90:2a:
         ec:6d:4d:c6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUb1qt4u5ljOEvW8kxOYQ59XFztbEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzM4ZDBhMmY4OWYzOWRiZjgyOTRhYWM1ZGZjYjJhMmU0
YWExNWNjMDFkNjYyZDU0Nzk2MDlhODY1OTg0MmE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjTeLAoZPPQt/I8hyealrEe334HwKM5Gl6nlYVJ/dK1Qdl
gS3yqMbRFKaSQZ50StK3Dz7dMxKS6ymCB9pJwKOTInSmOg6ZXgLsFeCYkeHobbcp
cq0F7vkMkWwXMoprUnI7PwjYBcLezWEKN/bRAd5dAoOmX0qVuhvxehxGiA4TjiOk
EO6FYtDx481AyRye47zQ08aoCyGzLLw8D9DbHiCLNYvzYMRKoL2xUlW35dM5g5y7
/TWNBq6iGVCM2hyHy0HD+pK0lg//HI9j5irbwnLmWOyUd8gdp6qX8xsLHDSSZhtq
KCTngrgrkp5xZx2RtSSbpdvtfWe3XBI0ijb4J4kfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUtrf8yyBPjY//r+9joRPRRUcMECswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlYTNjMTczLTJkOTAtNDI4Yi04ZjNkLWFlZjJiYzI2NzI2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gzswDQYJKoZIhvcNAQELBQADggEBAHyHrLQRaprvSGdPsN84r+Ow
sVPVC/aIRCLDp6OPTQGb8cVyPfJGQHGwlXrJL0b56awVUNDG4kY+H8hGCxNPl9AM
i7I57XzliYR3JhJq9wx2VFYXKamjt59m6CF5+wzhmpasGGHAZlV1HtH3yJ9kUNwh
c1rcKjUSGcA4pVpwWfgFYirFne9fn62ETP9i7PLD4teuP/OVuW9njpCc1aOftA+7
7Xd1hWHXjWcpVmbQuoc6U4U4ITPik9ZRHpVg+PVHbCjmkNJ+tKAc7P5ATvAmc2gZ
V4zwm6gbZCnE5iQFvK2FTJHN9YRyvABEvZu/dtLkZkLRAkfwFwctVSiQKuxtTcY=
-----END CERTIFICATE-----
Generated at Wed Dec 11 00:54:36 2024 by rpki-client on console-ams.rpki-client.org