Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6b153cf-e279-4391-b2b5-396bbbb05179.roa
File:                     e6b153cf-e279-4391-b2b5-396bbbb05179.roa (raw, json)
Hash identifier:          +GEa2PWFg4XxvbLiaFKkp5Nn0LoUW/8vYq0/17j2QpM=
Subject key identifier:   D8:22:0C:08:C2:8D:2C:51:06:82:95:05:6B:D6:F0:FB:6D:0B:7A:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0A5EA09EB663A1924A5E0D86EF64A6CC57D9E72A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6b153cf-e279-4391-b2b5-396bbbb05179.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f2e:4000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:5e:a0:9e:b6:63:a1:92:4a:5e:0d:86:ef:64:a6:cc:57:d9:e7:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=029688cd075ecfd3fdf7521ee28105d29f569a6bb7306a36f58dccfe59ca7fe6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:e9:3d:14:61:9c:37:10:8a:76:df:ad:25:b8:
                    7c:2e:c4:d3:55:53:27:99:34:3e:77:51:68:7a:56:
                    24:6a:96:b2:71:f6:71:cb:e5:7a:76:b6:35:8f:a2:
                    95:36:14:28:23:07:d6:b7:91:03:57:d9:4f:80:31:
                    ea:de:d5:cb:15:99:d9:37:48:da:44:5d:bd:f4:4e:
                    4b:6a:9d:1c:1e:86:26:f6:8a:71:3b:80:47:56:13:
                    c8:09:b6:d6:ee:ea:62:e4:06:aa:5a:ab:a6:3b:77:
                    11:27:59:fb:46:87:76:55:b1:6c:5d:0f:3e:78:87:
                    6a:ea:8a:44:11:e2:27:c4:47:22:a0:83:50:5a:2a:
                    fc:a1:37:f5:21:dc:24:7e:e5:81:5c:0a:80:df:d2:
                    bc:38:f2:d0:60:10:86:34:c3:fd:ae:26:5d:18:5d:
                    a6:36:d7:ab:84:d2:3f:a1:63:5d:75:a9:5f:f4:5f:
                    c3:ee:d7:75:34:7d:0e:b1:43:5c:3d:2e:60:6f:cd:
                    70:92:ab:fe:5d:de:95:bf:34:da:7b:19:43:d1:dc:
                    77:40:61:e5:02:9d:ad:5a:8c:fa:3e:e3:b8:a8:20:
                    03:95:29:a1:9f:77:5f:fd:cb:7f:08:48:76:03:0b:
                    f2:f6:b5:df:df:a1:b8:29:f6:3a:70:2e:79:b4:28:
                    62:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:22:0C:08:C2:8D:2C:51:06:82:95:05:6B:D6:F0:FB:6D:0B:7A:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e6b153cf-e279-4391-b2b5-396bbbb05179.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f2e:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         c8:72:49:89:87:10:da:e1:b7:01:a3:54:cb:d7:fe:77:ae:6b:
         6d:1c:cd:ab:b4:02:4f:70:43:54:93:a8:cf:1a:ca:3f:60:3b:
         47:f9:c1:93:73:2c:19:bb:a9:31:5c:40:5c:a0:41:40:24:35:
         c0:e7:e6:f5:2f:f6:85:88:7b:08:e5:da:cf:2c:a1:be:9b:8a:
         50:d6:0a:87:3d:f4:c7:8f:16:9d:34:f6:9f:eb:ce:e9:b2:c7:
         02:e1:29:73:4a:38:20:e8:f1:f5:4b:47:53:d4:6e:5b:e9:48:
         3e:ea:55:7f:bc:c2:98:34:9b:94:22:7f:20:04:5e:c3:ed:ae:
         e5:67:b4:03:86:37:dc:f5:77:7c:20:fc:c5:89:6b:9b:9d:d5:
         b1:f9:4f:9f:ec:fc:61:2b:28:e5:75:6d:e1:3f:47:00:d9:6b:
         62:29:c5:65:1c:13:7d:dc:57:04:9d:d1:2c:46:45:82:f8:46:
         25:6c:11:1c:ea:41:0c:a8:e8:f6:b7:c8:a0:b9:88:cf:86:a0:
         75:3a:28:a2:c6:78:d6:b8:1d:3b:18:2b:ad:98:68:8e:de:74:
         0b:65:83:9d:a8:70:8a:c7:d6:f9:99:5d:aa:7a:f0:59:b2:a5:
         40:83:68:30:43:af:41:85:9c:f0:f8:b4:d8:db:78:cd:88:75:
         b5:8e:ef:41
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUCl6gnrZjoZJKXg2G72SmzFfZ5yowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMjk2ODhjZDA3NWVjZmQzZmRmNzUyMWVlMjgxMDVkMjlm
NTY5YTZiYjczMDZhMzZmNThkY2NmZTU5Y2E3ZmU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCE6T0UYZw3EIp2360luHwuxNNVUyeZND53UWh6ViRqlrJx
9nHL5Xp2tjWPopU2FCgjB9a3kQNX2U+AMere1csVmdk3SNpEXb30TktqnRwehib2
inE7gEdWE8gJttbu6mLkBqpaq6Y7dxEnWftGh3ZVsWxdDz54h2rqikQR4ifERyKg
g1BaKvyhN/Uh3CR+5YFcCoDf0rw48tBgEIY0w/2uJl0YXaY216uE0j+hY111qV/0
X8Pu13U0fQ6xQ1w9LmBvzXCSq/5d3pW/NNp7GUPR3HdAYeUCna1ajPo+47ioIAOV
KaGfd1/9y38ISHYDC/L2td/fobgp9jpwLnm0KGL1AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU2CIMCMKNLFEGgpUFa9bw+20LesYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U2YjE1M2NmLWUyNzktNDM5MS1iMmI1LTM5NmJiYmIwNTE3OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8uQDANBgkqhkiG9w0BAQsFAAOCAQEAyHJJiYcQ2uG3AaNUy9f+d65r
bRzNq7QCT3BDVJOozxrKP2A7R/nBk3MsGbupMVxAXKBBQCQ1wOfm9S/2hYh7COXa
zyyhvpuKUNYKhz30x48WnTT2n+vO6bLHAuEpc0o4IOjx9UtHU9RuW+lIPupVf7zC
mDSblCJ/IARew+2u5We0A4Y33PV3fCD8xYlrm53VsflPn+z8YSso5XVt4T9HANlr
YinFZRwTfdxXBJ3RLEZFgvhGJWwRHOpBDKjo9rfIoLmIz4agdTooosZ41rgdOxgr
rZhojt50C2WDnahwisfW+ZldqnrwWbKlQINoMEOvQYWc8Pi02Nt4zYh1tY7vQQ==
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:56:38 2024 by rpki-client on console-fra.rpki-client.org