Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ecb777e6-e596-438b-aa6c-8dc3055af2de.roa
File:                     ecb777e6-e596-438b-aa6c-8dc3055af2de.roa (raw, json)
Hash identifier:          +06qCqRO2o1oePhy97fTdI5XLvLI4qSSzed5GFLpPEc=
Subject key identifier:   11:95:7D:10:3F:59:32:2A:39:F7:02:ED:3E:68:35:70:A9:73:F4:58
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4D0F5796F84CD34C57FE0FB87B3CB2D49E5E570E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ecb777e6-e596-438b-aa6c-8dc3055af2de.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff7:4000::/39 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 13 Dec 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:0f:57:96:f8:4c:d3:4c:57:fe:0f:b8:7b:3c:b2:d4:9e:5e:57:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=a2b386117ebb9b4ea325aca927943b1c38da6d662d5d2d22886b88f925fcc89f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1e:d4:51:10:14:a2:7e:8f:40:5d:0d:6b:66:
                    b4:3b:20:f4:1a:c4:f1:cf:64:b8:5d:4f:a3:12:25:
                    3a:01:ed:83:a6:22:66:f1:81:f9:fd:82:69:f3:0a:
                    81:bb:26:78:4f:3a:df:20:5e:4c:72:d8:58:1c:32:
                    b6:24:21:ee:52:aa:b1:5e:f7:1d:b1:ca:eb:00:48:
                    de:7f:5f:fa:de:95:b2:15:3f:c9:f2:a4:28:a3:51:
                    91:a7:dc:8a:78:18:17:84:0c:b2:42:ab:2c:a7:30:
                    af:2a:3a:e1:3c:24:8b:39:25:39:31:e1:f8:03:12:
                    0b:8b:31:e3:b9:93:70:38:16:d6:4d:9c:ba:05:57:
                    46:6a:e6:a5:72:3c:1c:3d:bb:4f:86:8a:91:c7:0e:
                    57:3c:b2:50:48:35:7f:89:0f:9d:24:6d:60:3d:3a:
                    1b:e2:55:6b:6f:96:52:9d:eb:0a:a0:5d:2c:4b:3d:
                    cf:dd:de:22:a3:47:f4:e0:a8:d4:44:4e:ba:f9:f7:
                    e5:30:dd:be:6a:d3:77:46:df:13:21:ed:d1:23:27:
                    28:d1:e6:c1:f0:4f:64:d2:83:33:a1:d2:33:a6:d0:
                    7b:18:cc:f2:a5:b8:19:30:50:34:b8:14:31:f8:93:
                    7e:f8:cf:db:00:3a:7d:7b:72:34:7c:26:3a:1f:ce:
                    b0:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:95:7D:10:3F:59:32:2A:39:F7:02:ED:3E:68:35:70:A9:73:F4:58
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ecb777e6-e596-438b-aa6c-8dc3055af2de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff7:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         5d:69:d3:0c:58:4e:2d:55:28:ff:c1:c3:46:f7:29:e3:ee:53:
         fd:97:f2:2c:d1:54:2e:dd:73:e0:38:f8:1e:e0:fc:e4:a4:9e:
         cb:b9:ce:71:4f:fb:25:ba:ac:3c:51:0a:e7:c6:ce:ca:ce:16:
         82:5f:17:b3:57:03:2f:9f:2f:4f:04:bc:32:95:11:3a:0f:3f:
         80:e9:bb:fd:1f:24:33:e4:91:57:9f:2f:0a:83:fe:07:c9:4c:
         70:5e:e9:1a:ef:56:1c:b7:2b:af:b3:06:80:0a:74:27:6d:8d:
         a2:ed:be:f1:66:bd:03:6e:32:00:fb:3e:ed:9a:24:5e:89:14:
         f2:e2:4e:5b:b5:1f:36:b8:80:49:9f:d1:f9:fd:bd:65:08:30:
         59:a9:64:66:50:c0:47:f7:0b:3d:64:79:c0:fe:90:db:b8:ec:
         88:31:48:ce:28:ad:1c:ea:a5:0d:20:ee:92:a6:08:05:64:f1:
         de:f4:64:89:bf:d2:1c:44:cf:57:42:b0:17:bd:35:d0:b6:5d:
         91:f9:c1:a7:26:ca:24:e0:50:57:be:6f:a0:a7:d3:5b:9d:a1:
         52:5e:f8:4e:e2:81:56:6b:56:8b:79:10:22:90:f1:86:fb:3f:
         3e:24:d4:69:02:76:ab:4d:b3:2e:3c:e3:b5:1d:61:fd:29:24:
         1a:c8:bd:3f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTQ9XlvhM00xX/g+4ezyy1J5eVw4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMmIzODYxMTdlYmI5YjRlYTMyNWFjYTkyNzk0M2IxYzM4
ZGE2ZDY2MmQ1ZDJkMjI4ODZiODhmOTI1ZmNjODlmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4HtRREBSifo9AXQ1rZrQ7IPQaxPHPZLhdT6MSJToB7YOm
Imbxgfn9gmnzCoG7JnhPOt8gXkxy2FgcMrYkIe5SqrFe9x2xyusASN5/X/relbIV
P8nypCijUZGn3Ip4GBeEDLJCqyynMK8qOuE8JIs5JTkx4fgDEguLMeO5k3A4FtZN
nLoFV0Zq5qVyPBw9u0+GipHHDlc8slBINX+JD50kbWA9OhviVWtvllKd6wqgXSxL
Pc/d3iKjR/TgqNRETrr59+Uw3b5q03dG3xMh7dEjJyjR5sHwT2TSgzOh0jOm0HsY
zPKluBkwUDS4FDH4k374z9sAOn17cjR8JjofzrD7AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUEZV9ED9ZMio59wLtPmg1cKlz9FgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VjYjc3N2U2LWU1OTYtNDM4Yi1hYTZjLThkYzMwNTVhZjJkZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB/3QDANBgkqhkiG9w0BAQsFAAOCAQEAXWnTDFhOLVUo/8HDRvcp4+5T
/ZfyLNFULt1z4Dj4HuD85KSey7nOcU/7JbqsPFEK58bOys4Wgl8Xs1cDL58vTwS8
MpUROg8/gOm7/R8kM+SRV58vCoP+B8lMcF7pGu9WHLcrr7MGgAp0J22Nou2+8Wa9
A24yAPs+7ZokXokU8uJOW7UfNriASZ/R+f29ZQgwWalkZlDAR/cLPWR5wP6Q27js
iDFIziitHOqlDSDukqYIBWTx3vRkib/SHETPV0KwF7010LZdkfnBpybKJOBQV75v
oKfTW52hUl74TuKBVmtWi3kQIpDxhvs/PiTUaQJ2q02zLjzjtR1h/SkkGsi9Pw==
-----END CERTIFICATE-----
Generated at Wed Dec 11 21:56:36 2024 by rpki-client on console-fra.rpki-client.org