Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/ca3b7905-fc3e-488b-9f36-5fa382bf07c6.roa
File:                     ca3b7905-fc3e-488b-9f36-5fa382bf07c6.roa (raw, json)
Hash identifier:          q8+NOcJCyClDTn40XH6THjhHzPMMYJb2Tap0E+JM5FU=
Subject key identifier:   C8:D0:21:C6:A3:41:60:B5:18:60:B0:5A:1C:B0:FE:69:16:19:71:6E
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       0397E281BB8D0C26B6B4A09A5CF86A3E76EFDCE0
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/ca3b7905-fc3e-488b-9f36-5fa382bf07c6.roa
Signing time:             Mon 04 Mar 2024 00:00:00 +0000
ROA not before:           Mon 04 Mar 2024 00:00:00 +0000
ROA not after:            Mon 08 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:fffd::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:03:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:97:e2:81:bb:8d:0c:26:b6:b4:a0:9a:5c:f8:6a:3e:76:ef:dc:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Mar  4 00:00:00 2024 GMT
            Not After : Apr  8 23:59:59 2024 GMT
        Subject: serialNumber=cf3318a0eeeaca3f38b8e6f165a8136d3903bf7ed050dc9bed6ccbfd2e254e7f, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:73:64:23:d4:e7:cd:fb:a6:e8:a4:3c:b1:fb:
                    d9:d3:a0:48:ce:4d:b7:7e:74:a1:26:1f:d4:fa:21:
                    b1:e5:7e:4e:07:10:3a:36:19:c5:1b:38:cd:38:49:
                    8f:42:5d:e2:94:c4:1c:4f:55:a1:38:0d:59:7d:86:
                    65:c4:7d:42:00:ed:cd:b0:b7:93:9e:6e:ce:3e:69:
                    4e:6c:86:2a:4b:44:39:f5:b0:49:8d:92:fd:0b:2b:
                    98:ea:b3:52:43:43:48:09:13:0e:7c:99:2c:18:ef:
                    6c:7a:54:7a:f0:1c:3c:90:a6:c8:a0:49:fd:2f:ec:
                    1b:47:42:9d:bd:90:7c:8a:0b:d7:12:42:43:ce:6d:
                    90:a5:8e:c7:00:4b:3c:e4:64:50:3d:ca:14:36:11:
                    df:a6:7a:f9:0c:ed:7c:70:eb:f0:19:cf:df:7e:04:
                    78:07:93:99:80:66:6b:18:7d:b3:39:00:c7:2d:28:
                    ea:4b:da:e5:59:26:14:83:b7:f7:01:12:45:62:dc:
                    a7:62:2d:b8:e6:e6:b5:21:77:97:72:34:33:67:89:
                    26:6f:2d:fb:ca:43:5b:ea:b9:d5:72:7d:ee:b6:d7:
                    22:ce:e8:23:54:ea:44:56:4f:8e:97:19:7b:44:7d:
                    57:7e:88:7f:c0:e8:d8:35:1f:e1:4f:c2:2b:f7:d2:
                    6c:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:D0:21:C6:A3:41:60:B5:18:60:B0:5A:1C:B0:FE:69:16:19:71:6E
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/ca3b7905-fc3e-488b-9f36-5fa382bf07c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffd::/48

    Signature Algorithm: sha256WithRSAEncryption
         d6:ed:1b:1f:4a:ae:bb:f8:bc:02:50:71:0a:5c:83:06:1d:0b:
         2c:0c:9e:94:03:27:3b:c3:e1:a0:84:52:dc:bd:d5:b8:29:ba:
         fb:48:2e:bf:23:2e:ce:37:1d:12:69:8b:e8:13:d3:93:0f:96:
         62:bb:25:51:c8:62:85:1c:fe:de:9c:a8:3c:8f:a4:68:73:c0:
         84:10:ec:d7:67:98:2f:bc:e1:47:18:19:b3:1e:5d:7f:a5:2c:
         dc:19:90:2b:84:bf:5e:c2:04:b5:24:1e:f9:ac:39:c2:8a:cd:
         2d:69:23:95:d2:b7:8b:20:13:3c:cb:45:c0:9d:62:3b:9d:b7:
         49:63:30:e2:8b:45:f2:39:22:f5:29:cc:a4:de:be:f2:5d:2c:
         a0:ea:9a:7a:56:8c:b1:5f:94:71:d8:ad:b2:2b:f4:94:bf:2d:
         e5:64:6e:c5:02:e8:d0:f3:8d:e6:7c:7f:86:83:17:4d:d5:89:
         06:38:bd:85:5c:76:85:06:28:1b:f8:57:fa:d1:05:ee:79:55:
         75:1f:b9:f4:64:ce:b2:05:f8:9e:c5:81:03:5f:61:98:0d:58:
         6d:83:93:2f:2d:15:8b:af:b9:60:8e:33:8a:76:6e:90:60:5f:
         27:d4:76:f6:a8:00:9e:5c:9d:98:fd:69:9d:49:08:e3:f5:3f:
         7b:5e:ad:1a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUA5figbuNDCa2tKCaXPhqPnbv3OAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjQwMzA0MDAwMDAwWhcNMjQwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZjMzMThhMGVlZWFjYTNmMzhiOGU2ZjE2NWE4MTM2ZDM5
MDNiZjdlZDA1MGRjOWJlZDZjY2JmZDJlMjU0ZTdmMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPc2Qj1OfN+6bopDyx+9nToEjOTbd+dKEmH9T6IbHlfk4H
EDo2GcUbOM04SY9CXeKUxBxPVaE4DVl9hmXEfUIA7c2wt5Oebs4+aU5shipLRDn1
sEmNkv0LK5jqs1JDQ0gJEw58mSwY72x6VHrwHDyQpsigSf0v7BtHQp29kHyKC9cS
QkPObZCljscASzzkZFA9yhQ2Ed+mevkM7Xxw6/AZz99+BHgHk5mAZmsYfbM5AMct
KOpL2uVZJhSDt/cBEkVi3KdiLbjm5rUhd5dyNDNniSZvLfvKQ1vqudVyfe621yLO
6CNU6kRWT46XGXtEfVd+iH/A6Ng1H+FPwiv30myZAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUyNAhxqNBYLUYYLBaHLD+aRYZcW4wHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjL2NhM2I3OTA1LWZjM2UtNDg4Yi05ZjM2LTVmYTM4MmJmMDdjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//0wDQYJKoZIhvcNAQELBQADggEBANbtGx9Krrv4vAJQcQpcgwYd
CywMnpQDJzvD4aCEUty91bgpuvtILr8jLs43HRJpi+gT05MPlmK7JVHIYoUc/t6c
qDyPpGhzwIQQ7NdnmC+84UcYGbMeXX+lLNwZkCuEv17CBLUkHvmsOcKKzS1pI5XS
t4sgEzzLRcCdYjudt0ljMOKLRfI5IvUpzKTevvJdLKDqmnpWjLFflHHYrbIr9JS/
LeVkbsUC6NDzjeZ8f4aDF03ViQY4vYVcdoUGKBv4V/rRBe55VXUfufRkzrIF+J7F
gQNfYZgNWG2Dky8tFYuvuWCOM4p2bpBgXyfUdvaoAJ5cnZj9aZ1JCOP1P3terRo=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:38 2024 by rpki-client on console-fra.rpki-client.org