Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88bc903-16fc-4d37-9398-665b5419307e.roa
File:                     c88bc903-16fc-4d37-9398-665b5419307e.roa (raw, json)
Hash identifier:          jYPBGgqzOhn4iSbXcY+pu4/iUJACHbPHl4hdNWiOIQ8=
Subject key identifier:   19:C4:26:A8:A8:7C:16:4B:EA:14:D0:77:CA:10:E1:A4:61:4C:83:9D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       10645A0B245B1B36121166A57FE1B4D614FB7852
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88bc903-16fc-4d37-9398-665b5419307e.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f68:4000::/39 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:64:5a:0b:24:5b:1b:36:12:11:66:a5:7f:e1:b4:d6:14:fb:78:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=b14efee33906cb691f74e78e5fb47e3dc0ea50f4b9c6008165f88f311babe5f0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e0:56:e1:e1:25:c3:9a:4f:ac:dc:c7:2d:90:
                    51:68:dc:39:4d:38:52:eb:86:79:78:e7:7e:16:a6:
                    f4:1b:b6:fb:1a:aa:c6:ed:6d:15:87:ea:59:76:02:
                    c1:0e:fe:6e:14:94:ed:04:e8:38:2e:51:e3:74:0b:
                    35:9a:bd:c6:8d:eb:8e:0e:0a:0b:8e:da:62:ae:d9:
                    7d:e8:6a:6d:66:29:e0:51:d3:3f:14:2f:1d:1e:17:
                    bc:c5:92:74:4d:ab:04:da:36:ec:74:d9:17:f5:09:
                    87:a7:ab:8a:c1:de:62:af:16:8d:9a:3e:db:ca:24:
                    22:61:29:e2:4b:a1:ee:30:85:11:10:b0:f6:23:2f:
                    aa:87:83:fc:1b:25:70:aa:6a:d1:50:d8:2e:cc:d4:
                    72:a2:23:1f:6c:21:01:c0:24:1a:7b:9f:7b:e5:88:
                    17:91:72:33:18:15:a8:d8:74:e5:d5:e8:68:d6:fa:
                    6c:66:70:71:dd:b6:64:b9:a5:16:f9:78:ff:aa:d2:
                    24:bb:9a:51:cd:3b:5c:16:6c:be:e6:2c:67:6c:e0:
                    11:fa:66:b2:c1:77:1c:41:ba:68:7c:fc:0a:40:88:
                    81:3d:f5:be:a3:5c:6f:cd:a7:88:7b:b1:29:da:2b:
                    33:3d:fa:37:11:5d:1b:75:98:38:85:89:43:7a:de:
                    05:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C4:26:A8:A8:7C:16:4B:EA:14:D0:77:CA:10:E1:A4:61:4C:83:9D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c88bc903-16fc-4d37-9398-665b5419307e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f68:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         36:5a:26:c6:23:31:36:26:e1:de:27:5f:15:8e:ea:15:ae:dd:
         c2:32:56:45:5a:ea:67:3b:7b:9f:b0:d7:4e:b3:f0:c6:ec:b8:
         1e:04:44:2d:d3:12:9c:9e:ed:26:eb:bd:88:0d:a2:3f:86:b3:
         1e:37:24:df:64:41:3e:ef:aa:aa:d1:f2:1d:26:e3:76:b9:b1:
         fe:8c:c2:de:71:4c:c6:36:05:39:2c:38:7a:3e:d7:a0:6d:85:
         6e:93:b8:09:4b:06:52:10:cb:02:86:7d:37:a7:97:53:b8:98:
         b6:06:2a:fd:ca:87:fc:54:ad:56:1f:d5:1f:a2:92:12:0f:a3:
         06:68:26:f5:14:0e:53:21:79:4f:7a:8e:89:cc:79:0b:d6:02:
         e8:54:a6:b1:30:5e:eb:d4:4c:03:3d:3b:cb:40:76:f3:c1:44:
         a2:c4:58:c0:2c:30:01:ac:4c:b0:ff:7d:98:5d:b9:e0:1b:6d:
         80:87:55:a4:d4:91:30:56:24:12:9c:7d:ad:42:48:63:16:cc:
         dd:ac:91:4b:7a:2f:73:17:2f:7f:be:f4:bf:52:9c:67:f2:df:
         ea:ca:f9:04:a6:da:fb:98:cc:0e:97:27:56:fe:d2:42:a7:f6:
         e0:49:5e:74:ff:b5:c4:84:e0:94:05:6f:5e:bd:24:ea:6b:46:
         4f:d1:f2:5a
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEGRaCyRbGzYSEWalf+G01hT7eFIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMTRlZmVlMzM5MDZjYjY5MWY3NGU3OGU1ZmI0N2UzZGMw
ZWE1MGY0YjljNjAwODE2NWY4OGYzMTFiYWJlNWYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY4Fbh4SXDmk+s3MctkFFo3DlNOFLrhnl4534WpvQbtvsa
qsbtbRWH6ll2AsEO/m4UlO0E6DguUeN0CzWavcaN644OCguO2mKu2X3oam1mKeBR
0z8ULx0eF7zFknRNqwTaNux02Rf1CYenq4rB3mKvFo2aPtvKJCJhKeJLoe4whREQ
sPYjL6qHg/wbJXCqatFQ2C7M1HKiIx9sIQHAJBp7n3vliBeRcjMYFajYdOXV6GjW
+mxmcHHdtmS5pRb5eP+q0iS7mlHNO1wWbL7mLGds4BH6ZrLBdxxBumh8/ApAiIE9
9b6jXG/Np4h7sSnaKzM9+jcRXRt1mDiFiUN63gXpAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUGcQmqKh8FkvqFNB3yhDhpGFMg50wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4OGJjOTAzLTE2ZmMtNGQzNy05Mzk4LTY2NWI1NDE5MzA3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB9oQDANBgkqhkiG9w0BAQsFAAOCAQEANlomxiMxNibh3idfFY7qFa7d
wjJWRVrqZzt7n7DXTrPwxuy4HgRELdMSnJ7tJuu9iA2iP4azHjck32RBPu+qqtHy
HSbjdrmx/ozC3nFMxjYFOSw4ej7XoG2FbpO4CUsGUhDLAoZ9N6eXU7iYtgYq/cqH
/FStVh/VH6KSEg+jBmgm9RQOUyF5T3qOicx5C9YC6FSmsTBe69RMAz07y0B288FE
osRYwCwwAaxMsP99mF254BttgIdVpNSRMFYkEpx9rUJIYxbM3ayRS3ovcxcvf770
v1KcZ/Lf6sr5BKba+5jMDpcnVv7SQqf24EledP+1xITglAVvXr0k6mtGT9HyWg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:35 2024 by rpki-client on console-ams.rpki-client.org