Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ecb777e6-e596-438b-aa6c-8dc3055af2de.roa
File:                     ecb777e6-e596-438b-aa6c-8dc3055af2de.roa (raw, json)
Hash identifier:          Yj8HsUPYB2nqBrKO80vnZieTG66Gg5K/lXhnNERMuWI=
Subject key identifier:   19:3E:BC:CA:92:88:8A:FB:9B:95:D8:CC:D1:D7:9E:07:CF:14:41:5B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       AC8BB66C352F542A9652D41A4D3B96631A01E8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ecb777e6-e596-438b-aa6c-8dc3055af2de.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff7:4000::/39 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ac:8b:b6:6c:35:2f:54:2a:96:52:d4:1a:4d:3b:96:63:1a:01:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=e800a7f1f2f0c0a1a7d705d1552eb7ee7aa9a8d4f421457c9340b4ec923b9e7f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:00:02:10:12:57:0a:da:55:1a:4a:31:54:db:
                    23:73:fa:01:67:d6:1b:5e:81:04:ce:c8:fe:f2:20:
                    a4:78:f0:93:5d:b8:6e:43:e2:82:61:92:59:30:2a:
                    21:67:33:5d:f0:7f:dd:29:63:e7:0a:2b:78:f1:c8:
                    7b:12:28:1e:8a:a2:18:f0:d4:89:b7:58:f2:e3:3a:
                    42:45:e3:4b:23:5c:7f:dd:0f:4b:e3:09:18:d4:69:
                    54:f6:02:a4:11:69:4e:3c:21:f1:bd:c9:6d:94:83:
                    8e:c7:9f:ae:5b:64:50:d9:52:e5:ef:78:07:a3:c4:
                    f0:90:e1:e5:58:95:ab:91:2d:7d:92:f5:ac:18:c0:
                    1c:4f:1b:c4:47:cc:a5:9d:6d:e9:57:cf:f4:c1:e9:
                    6d:d3:ff:23:94:9f:fd:aa:7e:bb:53:ea:ca:f2:6e:
                    42:7a:03:32:e9:d0:c9:85:a7:95:fe:6a:15:fd:f2:
                    8a:d5:e2:1c:c6:2c:26:09:01:e4:4c:9c:93:09:51:
                    29:b1:78:ce:bc:91:2e:a4:aa:09:b6:09:1a:06:9f:
                    ab:23:63:50:6c:68:d1:ef:70:1d:86:25:4c:50:f4:
                    07:04:40:ee:28:0d:d0:c3:46:70:3d:fd:44:90:c8:
                    a9:22:2d:4a:39:fc:47:ce:f4:a7:47:51:37:4b:0a:
                    6a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:3E:BC:CA:92:88:8A:FB:9B:95:D8:CC:D1:D7:9E:07:CF:14:41:5B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ecb777e6-e596-438b-aa6c-8dc3055af2de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff7:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         31:f8:95:52:81:17:75:b0:e3:36:f8:a0:5b:10:d5:65:47:a9:
         b7:2a:6d:7c:ce:10:3e:89:b2:41:8c:f7:14:41:fc:73:d5:3b:
         c0:e2:3b:04:42:b1:8c:0c:7b:d0:6c:a3:cc:12:4e:07:53:40:
         34:7a:b3:05:e3:1f:c1:78:77:f2:b7:cc:90:b1:75:82:f5:62:
         b7:41:d8:6e:bf:a5:3d:3a:59:ec:fb:89:85:b9:a2:b0:0e:28:
         4d:46:83:f3:c6:99:6a:7c:a8:32:1e:49:2d:33:d2:12:30:cb:
         c1:e7:17:c6:37:10:2a:2c:22:55:d9:74:77:4f:d2:53:37:38:
         f0:d4:0b:09:4e:1d:56:64:3c:8f:72:c7:84:0d:7a:7f:63:3d:
         91:51:af:d5:6c:73:61:04:88:0f:ef:59:79:49:38:0b:75:d1:
         47:da:67:3a:af:37:db:ab:1b:f1:f1:96:e3:38:3f:71:03:01:
         5c:29:80:e4:3f:ed:bf:e5:f2:9a:98:1d:74:2d:74:a5:8e:29:
         7b:c9:3f:1d:4e:7d:cc:f4:f6:06:26:85:c8:7c:54:60:fa:e4:
         a0:60:30:e5:ca:34:9a:84:19:ff:42:a5:05:b8:85:54:77:8c:
         d4:a9:fc:97:42:20:ae:e8:f9:3d:1a:71:c8:99:7f:b2:99:c7:
         6f:13:9d:02
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAKyLtmw1L1QqllLUGk07lmMaAegwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlODAwYTdmMWYyZjBjMGExYTdkNzA1ZDE1NTJlYjdlZTdh
YTlhOGQ0ZjQyMTQ1N2M5MzQwYjRlYzkyM2I5ZTdmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFAAIQElcK2lUaSjFU2yNz+gFn1htegQTOyP7yIKR48JNd
uG5D4oJhklkwKiFnM13wf90pY+cKK3jxyHsSKB6Kohjw1Im3WPLjOkJF40sjXH/d
D0vjCRjUaVT2AqQRaU48IfG9yW2Ug47Hn65bZFDZUuXveAejxPCQ4eVYlauRLX2S
9awYwBxPG8RHzKWdbelXz/TB6W3T/yOUn/2qfrtT6srybkJ6AzLp0MmFp5X+ahX9
8orV4hzGLCYJAeRMnJMJUSmxeM68kS6kqgm2CRoGn6sjY1BsaNHvcB2GJUxQ9AcE
QO4oDdDDRnA9/USQyKkiLUo5/EfO9KdHUTdLCmr3AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUGT68ypKIivubldjM0deeB88UQVswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VjYjc3N2U2LWU1OTYtNDM4Yi1hYTZjLThkYzMwNTVhZjJkZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB/3QDANBgkqhkiG9w0BAQsFAAOCAQEAMfiVUoEXdbDjNvigWxDVZUep
typtfM4QPomyQYz3FEH8c9U7wOI7BEKxjAx70GyjzBJOB1NANHqzBeMfwXh38rfM
kLF1gvVit0HYbr+lPTpZ7PuJhbmisA4oTUaD88aZanyoMh5JLTPSEjDLwecXxjcQ
KiwiVdl0d0/SUzc48NQLCU4dVmQ8j3LHhA16f2M9kVGv1WxzYQSID+9ZeUk4C3XR
R9pnOq8326sb8fGW4zg/cQMBXCmA5D/tv+XympgddC10pY4pe8k/HU59zPT2BiaF
yHxUYPrkoGAw5co0moQZ/0KlBbiFVHeM1Kn8l0Igruj5PRpxyJl/spnHbxOdAg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:34 2024 by rpki-client on console-fra.rpki-client.org