Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/7b42a858-c151-4232-9c6a-fac95474a828.roa
File:                     7b42a858-c151-4232-9c6a-fac95474a828.roa (raw, json)
Hash identifier:          yeqmzEMVdTutiTSKb5H3tmLnCIiiEpAyT9zlLxKy6Sw=
Subject key identifier:   60:70:6F:66:00:2D:65:57:AA:05:B6:C1:E6:C5:4E:91:44:C8:0C:98
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       4C0C01002E0369123A65919060327585A085EFD1
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/7b42a858-c151-4232-9c6a-fac95474a828.roa
Signing time:             Mon 04 Mar 2024 00:00:00 +0000
ROA not before:           Mon 04 Mar 2024 00:00:00 +0000
ROA not after:            Mon 08 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:ffff::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:03:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:0c:01:00:2e:03:69:12:3a:65:91:90:60:32:75:85:a0:85:ef:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Mar  4 00:00:00 2024 GMT
            Not After : Apr  8 23:59:59 2024 GMT
        Subject: serialNumber=74dad6068fd7f2232fc6820a2d36f5a712b728c7be6df62724537f689939c2b7, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a9:e4:ad:ab:8d:a8:16:28:6c:4e:d1:e5:fb:
                    5c:24:e6:03:e1:26:c9:6c:fe:cf:13:9b:c7:8d:47:
                    21:97:26:b0:18:7f:4e:e8:f8:59:e7:62:86:76:ba:
                    f3:39:77:ce:6f:af:76:0b:27:f1:ba:29:b4:7d:c9:
                    7d:e2:45:1b:85:15:64:54:b0:bd:d1:e1:62:01:37:
                    11:47:1e:4b:06:b5:f7:e8:f0:44:ec:eb:02:0a:c4:
                    ec:e1:f6:1f:d8:3c:27:9a:fe:fe:86:dc:f4:a6:5d:
                    eb:08:2c:68:6c:82:6c:85:7c:c2:e1:f1:fb:cf:c4:
                    97:ee:81:f1:a9:62:22:41:91:fe:7b:d8:8a:39:02:
                    78:26:57:90:50:fc:31:c2:62:60:ad:ed:78:10:a9:
                    38:56:fd:04:93:32:a4:8d:66:53:9f:07:07:b8:63:
                    2b:d9:31:e5:3a:00:3e:8f:e5:bc:c9:f1:b4:f3:03:
                    0b:90:4e:b9:b3:d8:27:f9:67:c4:c3:86:98:fd:97:
                    91:56:ea:d5:8b:f6:4c:d6:10:0d:76:a0:00:08:86:
                    f5:ac:7e:11:3e:85:c1:7c:ce:2e:40:ba:42:d1:73:
                    36:68:a9:4c:e7:07:02:3d:73:4e:9a:d6:bd:78:6c:
                    cf:2e:5c:7d:f7:e0:46:43:4f:8d:7e:58:fe:5a:c6:
                    9a:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:70:6F:66:00:2D:65:57:AA:05:B6:C1:E6:C5:4E:91:44:C8:0C:98
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/7b42a858-c151-4232-9c6a-fac95474a828.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         5b:2f:39:2c:63:c3:65:c8:bd:74:18:3a:98:b6:1c:c6:19:c7:
         35:36:83:15:51:ae:a5:71:8d:f0:57:0c:72:a3:bb:2d:d1:0b:
         23:42:cf:a1:2f:84:fb:90:3d:29:89:fd:9c:59:c2:a4:66:b2:
         78:3b:26:d7:c0:c7:83:31:29:00:38:ba:15:98:98:72:07:52:
         f0:b1:37:4c:31:47:2c:08:b1:23:5c:cc:f0:21:43:2d:cd:41:
         07:16:64:b8:72:1c:76:24:9f:0c:47:78:b7:85:63:46:ea:86:
         3b:6a:f8:9d:57:55:a8:f2:6f:20:f2:4c:c2:71:78:65:0c:b5:
         2e:ab:20:fe:f6:d2:d2:60:85:4f:c3:d7:28:79:69:c5:bf:ce:
         48:85:ee:8d:00:05:13:ab:3f:5b:da:25:7f:e1:a3:c7:f2:55:
         a3:93:b6:1d:fa:12:01:fe:85:ce:8d:b3:63:10:dd:b7:3c:af:
         64:bd:3d:ef:01:db:d6:53:25:6d:1a:cf:6f:c9:93:78:69:a9:
         ce:b1:87:2c:77:90:99:38:68:bf:10:85:e0:23:b6:d2:5e:13:
         f8:8e:72:11:6e:8a:60:cc:01:11:98:c8:37:7c:40:71:17:f2:
         bf:0c:cd:eb:ab:ab:51:67:85:6d:0f:3b:8c:f9:57:d7:e6:73:
         bd:b3:14:57
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTAwBAC4DaRI6ZZGQYDJ1haCF79EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjQwMzA0MDAwMDAwWhcNMjQwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NGRhZDYwNjhmZDdmMjIzMmZjNjgyMGEyZDM2ZjVhNzEy
YjcyOGM3YmU2ZGY2MjcyNDUzN2Y2ODk5MzljMmI3MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeqeStq42oFihsTtHl+1wk5gPhJsls/s8Tm8eNRyGXJrAY
f07o+FnnYoZ2uvM5d85vr3YLJ/G6KbR9yX3iRRuFFWRUsL3R4WIBNxFHHksGtffo
8ETs6wIKxOzh9h/YPCea/v6G3PSmXesILGhsgmyFfMLh8fvPxJfugfGpYiJBkf57
2Io5AngmV5BQ/DHCYmCt7XgQqThW/QSTMqSNZlOfBwe4YyvZMeU6AD6P5bzJ8bTz
AwuQTrmz2Cf5Z8TDhpj9l5FW6tWL9kzWEA12oAAIhvWsfhE+hcF8zi5AukLRczZo
qUznBwI9c06a1r14bM8uXH334EZDT41+WP5axpopAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYHBvZgAtZVeqBbbB5sVOkUTIDJgwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzdiNDJhODU4LWMxNTEtNDIzMi05YzZhLWZhYzk1NDc0YTgyOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//8wDQYJKoZIhvcNAQELBQADggEBAFsvOSxjw2XIvXQYOpi2HMYZ
xzU2gxVRrqVxjfBXDHKjuy3RCyNCz6EvhPuQPSmJ/ZxZwqRmsng7JtfAx4MxKQA4
uhWYmHIHUvCxN0wxRywIsSNczPAhQy3NQQcWZLhyHHYknwxHeLeFY0bqhjtq+J1X
VajybyDyTMJxeGUMtS6rIP720tJghU/D1yh5acW/zkiF7o0ABROrP1vaJX/ho8fy
VaOTth36EgH+hc6Ns2MQ3bc8r2S9Pe8B29ZTJW0az2/Jk3hpqc6xhyx3kJk4aL8Q
heAjttJeE/iOchFuimDMARGYyDd8QHEX8r8Mzeurq1FnhW0PO4z5V9fmc72zFFc=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:59 2024 by rpki-client on console-ams.rpki-client.org