Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b5c9a22-1899-402f-bd9a-ace762a1037b.roa
File:                     9b5c9a22-1899-402f-bd9a-ace762a1037b.roa (raw, json)
Hash identifier:          BaN1dCVP6JytqMxn6CcCaEFwN3ryjYdV1J8snxfyh7Y=
Subject key identifier:   82:B2:24:9A:93:44:7A:2D:9F:A5:F2:BE:D1:9B:ED:93:4C:BC:5F:65
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1752597F6CFCB965B26B795D34EE12FF4FB70D04
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b5c9a22-1899-402f-bd9a-ace762a1037b.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff8:6000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:52:59:7f:6c:fc:b9:65:b2:6b:79:5d:34:ee:12:ff:4f:b7:0d:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=2d4aff8c92493bf962b6a03be76938ea175a7d69c824c3594b64456564f382cf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ee:e0:27:9d:26:29:97:42:48:e1:c3:34:63:
                    e0:01:75:17:a9:e7:90:c9:47:95:76:99:70:8f:c0:
                    6d:25:3d:30:52:5e:97:e0:7a:2e:1f:9b:29:39:84:
                    ed:b1:27:2a:69:8b:aa:01:ad:ef:12:8e:6d:8f:1e:
                    e7:c7:99:5b:9d:ca:8c:e1:a5:b1:ec:db:ba:48:59:
                    2c:e4:df:65:22:70:2b:b6:c7:ae:c0:5f:3d:a3:94:
                    ae:9e:f4:64:2c:65:97:21:6f:b3:8e:87:a7:91:f9:
                    4a:e9:c7:8c:19:ba:0a:d7:89:7d:1f:0f:ad:61:81:
                    70:d4:62:c0:de:0a:06:68:06:84:0b:4e:ee:1e:b2:
                    67:e3:99:d5:df:44:47:9e:46:07:79:2a:f6:42:82:
                    97:04:f4:f1:34:ee:16:91:f1:4c:bc:3f:b2:8c:12:
                    92:75:ed:9f:c1:70:b6:42:a6:31:16:03:70:b0:52:
                    44:01:91:be:74:22:d8:e7:7d:a7:56:ca:fd:14:c2:
                    74:29:11:f9:de:27:b8:19:74:a3:24:e5:4f:dd:a9:
                    0b:fe:e6:a5:2f:1b:d2:b9:dd:50:c6:23:1a:bb:fe:
                    eb:ce:16:05:57:ba:de:90:ef:4a:1e:90:e1:fc:40:
                    5d:cd:75:3d:ba:ca:4a:8f:7f:d8:06:bf:0f:6e:3b:
                    30:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:B2:24:9A:93:44:7A:2D:9F:A5:F2:BE:D1:9B:ED:93:4C:BC:5F:65
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9b5c9a22-1899-402f-bd9a-ace762a1037b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff8:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         06:0f:31:a6:5d:c0:42:3a:d4:0d:34:f1:21:83:9b:1b:b1:6b:
         7c:e0:e3:b8:d6:5f:8f:a0:40:a9:4b:c0:e9:1a:06:87:88:a8:
         0c:5a:ad:9b:47:81:47:bb:77:bd:41:91:5a:fd:5f:5b:7f:ab:
         f8:8f:72:8e:c8:2e:69:a4:69:f9:ca:a2:a9:3e:1e:aa:4a:0a:
         5e:35:0c:8a:d5:c3:0f:36:d5:ab:b7:53:a6:d4:e9:c3:12:57:
         06:c0:3a:6a:2e:92:66:03:c8:4c:66:e8:3e:11:6c:6b:a7:bd:
         38:36:d0:68:97:22:9b:82:07:82:a1:79:df:f6:41:82:9a:f3:
         d5:b7:45:c6:d1:9d:6d:6e:e3:b3:54:64:55:4e:e8:73:ac:65:
         9f:4d:c7:6e:a6:23:5c:d8:4b:69:9f:16:f8:d5:f0:2f:9a:99:
         9b:a2:3e:84:4e:46:c4:a5:ea:5f:89:88:dd:0d:43:44:1f:08:
         e5:c4:67:f4:a0:05:f6:0f:5e:db:5f:21:bb:bf:e3:78:99:58:
         77:46:b4:e1:00:45:9d:93:ea:fe:72:ec:0e:86:f4:aa:4e:af:
         07:80:69:71:c9:85:ce:58:7d:6b:f9:cd:18:85:1c:e9:f1:27:
         a7:c1:89:10:2b:53:23:73:26:b9:c7:8d:98:a1:6e:78:4f:73:
         16:25:43:22
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUF1JZf2z8uWWya3ldNO4S/0+3DQQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZDRhZmY4YzkyNDkzYmY5NjJiNmEwM2JlNzY5MzhlYTE3
NWE3ZDY5YzgyNGMzNTk0YjY0NDU2NTY0ZjM4MmNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC47uAnnSYpl0JI4cM0Y+ABdRep55DJR5V2mXCPwG0lPTBS
Xpfgei4fmyk5hO2xJyppi6oBre8Sjm2PHufHmVudyozhpbHs27pIWSzk32UicCu2
x67AXz2jlK6e9GQsZZchb7OOh6eR+Urpx4wZugrXiX0fD61hgXDUYsDeCgZoBoQL
Tu4esmfjmdXfREeeRgd5KvZCgpcE9PE07haR8Uy8P7KMEpJ17Z/BcLZCpjEWA3Cw
UkQBkb50ItjnfadWyv0UwnQpEfneJ7gZdKMk5U/dqQv+5qUvG9K53VDGIxq7/uvO
FgVXut6Q70oekOH8QF3NdT26ykqPf9gGvw9uOzAjAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUgrIkmpNEei2fpfK+0Zvtk0y8X2UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzliNWM5YTIyLTE4OTktNDAyZi1iZDlhLWFjZTc2MmExMDM3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/4YDANBgkqhkiG9w0BAQsFAAOCAQEABg8xpl3AQjrUDTTxIYObG7Fr
fODjuNZfj6BAqUvA6RoGh4ioDFqtm0eBR7t3vUGRWv1fW3+r+I9yjsguaaRp+cqi
qT4eqkoKXjUMitXDDzbVq7dTptTpwxJXBsA6ai6SZgPITGboPhFsa6e9ODbQaJci
m4IHgqF53/ZBgprz1bdFxtGdbW7js1RkVU7oc6xln03HbqYjXNhLaZ8W+NXwL5qZ
m6I+hE5GxKXqX4mI3Q1DRB8I5cRn9KAF9g9e218hu7/jeJlYd0a04QBFnZPq/nLs
Dob0qk6vB4BpccmFzlh9a/nNGIUc6fEnp8GJECtTI3MmuceNmKFueE9zFiVDIg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:26 2024 by rpki-client on console-ams.rpki-client.org