Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/c686f937-000a-490a-846c-e2773b637b26.roa
File:                     c686f937-000a-490a-846c-e2773b637b26.roa (raw, json)
Hash identifier:          oScw+GgAU4UtlEZz10x+Y5M83utGa6L0NC0W+M7S2f4=
Subject key identifier:   FD:B9:06:7D:45:30:8B:45:E9:C1:66:FD:97:65:2A:64:72:7A:84:DD
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       23558533C94EC87F5D8B6DA6060FA19C1017FEEB
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/c686f937-000a-490a-846c-e2773b637b26.roa
Signing time:             Wed 06 Mar 2024 00:00:00 +0000
ROA not before:           Wed 06 Mar 2024 00:00:00 +0000
ROA not after:            Wed 10 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 07:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:55:85:33:c9:4e:c8:7f:5d:8b:6d:a6:06:0f:a1:9c:10:17:fe:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Mar  6 00:00:00 2024 GMT
            Not After : Apr 10 23:59:59 2024 GMT
        Subject: serialNumber=294ad1b2bf0f0151c2bbae2dbe6e4a764d1b6d203c3bfc0ce34724fc5fa25216, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:4b:72:b0:da:e2:a1:ca:dc:c2:0e:b0:98:e4:
                    2f:0e:da:34:f3:e5:d8:3d:f5:81:3a:17:35:d4:94:
                    ae:3d:b2:db:05:a4:d6:ca:9b:50:4e:4f:18:d1:19:
                    4d:85:d2:0b:ee:06:5a:3c:d0:a7:22:82:4f:95:3d:
                    d2:23:13:9b:a9:30:62:a5:1d:74:e6:bf:e8:f9:22:
                    0a:46:6d:0d:be:07:11:8b:10:f4:66:6c:0e:93:fa:
                    13:67:dc:66:5c:a8:a7:51:da:6e:7d:95:5c:7f:5b:
                    ac:82:b6:6e:64:83:96:75:e0:b9:74:20:de:a2:55:
                    ee:bf:48:83:60:27:e4:51:27:d2:8e:a4:19:5a:aa:
                    00:14:94:b3:b8:65:41:2f:de:7d:f7:67:bc:7d:70:
                    2a:0c:06:2c:54:60:00:ce:69:ab:dc:83:16:7b:5a:
                    be:c8:ea:4f:d6:17:a4:57:48:24:1a:ca:0a:16:c6:
                    73:13:68:13:0c:98:10:3f:e8:a6:8c:1f:73:85:43:
                    e0:45:a5:db:8e:f2:0a:02:d8:1c:ee:ad:8f:e0:8e:
                    53:b0:f4:59:e9:c9:6a:4b:85:76:63:88:94:bd:78:
                    86:bf:dd:b5:23:f5:2b:03:d0:19:c6:a2:71:69:1e:
                    e5:74:96:c9:61:c8:a8:07:13:68:21:fe:7e:99:c2:
                    b1:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:B9:06:7D:45:30:8B:45:E9:C1:66:FD:97:65:2A:64:72:7A:84:DD
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/c686f937-000a-490a-846c-e2773b637b26.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:48:84:5e:3d:e2:d1:ac:5f:fd:91:58:d3:88:36:0c:3e:90:
         22:1b:ba:24:b7:13:12:50:f5:25:e5:fe:6b:38:52:77:3b:6e:
         30:62:8d:43:e4:04:7d:e0:05:b3:7a:83:b6:af:d5:4c:80:fc:
         06:91:fc:2a:9c:95:07:a3:ea:4b:ca:51:46:94:f0:a3:b4:1e:
         a5:ec:a3:5f:36:b1:ee:6f:3f:5c:a3:99:7d:34:b4:44:34:1b:
         1f:8e:a7:1a:e9:f7:c6:f0:a4:32:94:56:47:e2:38:13:8d:65:
         2c:3b:ca:a0:9e:6e:91:ec:f8:b5:3c:3a:fb:23:83:8e:65:7b:
         49:6d:92:e5:77:1c:99:80:19:b7:61:5a:ee:9b:3a:bd:fa:2d:
         8a:b8:86:ca:22:5c:42:62:79:8f:a8:d7:c2:c4:ae:8b:4e:86:
         7f:ad:bf:26:fd:9c:c2:f1:12:dc:24:3f:12:ab:b3:01:f2:9f:
         d9:76:38:fe:be:06:7e:32:ee:e8:1e:d8:0f:6d:a6:64:3c:3d:
         9e:9b:96:f0:6f:a7:9d:97:1d:ef:b1:e8:a5:e7:c9:e5:45:e1:
         1c:ba:e6:24:4d:21:e7:70:57:f7:fb:ed:66:31:75:7f:55:4e:
         79:65:d7:cc:9b:99:0e:a2:e0:32:9c:b8:9d:9f:b2:27:56:87:
         15:fc:8e:0e
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUI1WFM8lOyH9di22mBg+hnBAX/uswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjQwMzA2MDAwMDAwWhcNMjQwNDEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOTRhZDFiMmJmMGYwMTUxYzJiYmFlMmRiZTZlNGE3NjRk
MWI2ZDIwM2MzYmZjMGNlMzQ3MjRmYzVmYTI1MjE2MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8S3Kw2uKhytzCDrCY5C8O2jTz5dg99YE6FzXUlK49stsF
pNbKm1BOTxjRGU2F0gvuBlo80Kcigk+VPdIjE5upMGKlHXTmv+j5IgpGbQ2+BxGL
EPRmbA6T+hNn3GZcqKdR2m59lVx/W6yCtm5kg5Z14Ll0IN6iVe6/SINgJ+RRJ9KO
pBlaqgAUlLO4ZUEv3n33Z7x9cCoMBixUYADOaavcgxZ7Wr7I6k/WF6RXSCQaygoW
xnMTaBMMmBA/6KaMH3OFQ+BFpduO8goC2BzurY/gjlOw9FnpyWpLhXZjiJS9eIa/
3bUj9SsD0BnGonFpHuV0lslhyKgHE2gh/n6ZwrFLAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQU/bkGfUUwi0XpwWb9l2UqZHJ6hN0wHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjL2M2ODZmOTM3LTAwMGEtNDkwYS04NDZjLWUyNzczYjYzN2IyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBg9AMA0GCSqGSIb3DQEBCwUAA4IBAQA4SIRePeLRrF/9kVjTiDYMPpAi
G7oktxMSUPUl5f5rOFJ3O24wYo1D5AR94AWzeoO2r9VMgPwGkfwqnJUHo+pLylFG
lPCjtB6l7KNfNrHubz9co5l9NLRENBsfjqca6ffG8KQylFZH4jgTjWUsO8qgnm6R
7Pi1PDr7I4OOZXtJbZLldxyZgBm3YVrumzq9+i2KuIbKIlxCYnmPqNfCxK6LToZ/
rb8m/ZzC8RLcJD8Sq7MB8p/Zdjj+vgZ+Mu7oHtgPbaZkPD2em5bwb6edlx3vseil
58nlReEcuuYkTSHncFf3++1mMXV/VU55ZdfMm5kOouAynLidn7InVocV/I4O
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:35 2024 by rpki-client on console-fra.rpki-client.org