Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03b59a1e-6268-4607-a6c1-69e6de80cf4a.roa
File:                     03b59a1e-6268-4607-a6c1-69e6de80cf4a.roa (raw, json)
Hash identifier:          o9z0Xft9BPnDB83qhK4cuTcZTyJqVP6NX3yd/++MhK4=
Subject key identifier:   09:A9:CA:F2:BC:DB:76:A7:70:C3:1A:8C:1E:EE:36:8B:A6:68:66:62
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6D560176C2C7488585AD68671A09DF977D36A988
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03b59a1e-6268-4607-a6c1-69e6de80cf4a.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:551d::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:56:01:76:c2:c7:48:85:85:ad:68:67:1a:09:df:97:7d:36:a9:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=98603037013f3bc2586270c7dc9dcdcf8178c9b0e04b39e17009263f93bef3aa, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f3:67:e4:93:af:32:2f:5c:14:31:08:93:5e:
                    81:bd:23:e9:4a:b3:f9:69:e2:f8:d5:c2:57:0a:cb:
                    e1:d8:69:1c:1c:91:f0:87:90:1c:77:ce:b0:2a:7b:
                    42:d8:12:2c:0e:73:c2:d4:87:9a:04:b7:47:bf:e0:
                    82:d8:01:bc:18:e8:79:fd:05:f0:ea:42:a7:84:ce:
                    3d:ab:76:59:6f:86:58:c6:28:00:79:9d:03:f4:20:
                    04:b8:c6:ad:40:ef:cb:e0:1e:9d:4a:0c:90:c3:43:
                    d7:a4:3a:00:49:ba:64:9a:32:fc:5a:2e:6d:79:bf:
                    ed:e8:81:50:69:0f:be:3e:2b:f2:12:57:e7:0a:b3:
                    11:4b:62:4b:07:48:3a:0d:c4:27:91:97:d3:f8:b1:
                    b0:8e:d6:67:9e:9c:01:ed:c4:f7:97:80:67:e9:0e:
                    df:19:5a:9c:46:8b:86:bd:8b:3a:e6:52:cc:29:44:
                    79:39:3c:da:bd:cc:ca:43:7c:d6:fe:ee:22:69:57:
                    e7:10:24:dd:2b:d7:5e:e1:a0:ec:dd:b7:09:76:e7:
                    c1:5e:a8:60:71:3b:b4:e3:5b:19:b3:79:9c:bb:06:
                    a7:e9:4a:50:47:ad:ea:72:52:22:bb:71:b8:55:de:
                    78:ba:ee:de:15:a7:b9:f2:4a:d0:09:46:db:4b:b1:
                    cb:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:A9:CA:F2:BC:DB:76:A7:70:C3:1A:8C:1E:EE:36:8B:A6:68:66:62
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03b59a1e-6268-4607-a6c1-69e6de80cf4a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551d::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:ae:a3:19:19:53:05:42:f8:8f:27:66:ae:25:09:4b:d7:ff:
         ec:22:93:ac:4d:65:03:97:07:07:a5:e2:37:23:68:3e:52:a7:
         84:96:af:15:65:a3:21:92:04:9f:65:28:c7:3a:1b:db:5e:70:
         aa:37:e2:01:ba:84:98:83:f2:1d:32:0b:3f:8e:6b:e1:5d:e8:
         9e:2e:0f:a8:3c:5a:d1:8e:c7:5e:61:71:35:99:16:c1:e9:d0:
         2d:c9:d1:3e:2a:71:e5:fa:b7:cf:78:4c:b3:c8:5f:dd:34:78:
         2a:d4:df:3a:e7:d8:e2:20:cb:f8:fb:f2:28:0c:a7:e1:00:6f:
         88:4f:4a:45:41:a8:22:bc:60:cb:e7:c8:03:44:d4:ec:9a:32:
         c7:c2:71:d2:37:b8:d8:9f:12:7d:5d:4a:e0:30:0b:9f:de:c2:
         f5:c3:87:06:93:d5:95:57:d5:74:e4:d4:09:f3:96:db:ac:68:
         97:5b:d9:86:a2:f8:30:93:a1:3d:00:eb:01:f1:09:40:9a:5b:
         85:eb:42:c5:16:2d:fd:74:4b:3c:eb:43:53:65:9d:cb:d4:08:
         09:74:1e:57:81:f9:d3:6c:f1:d6:50:87:a3:ba:df:71:c4:ad:
         c1:20:2c:2c:32:ae:54:24:46:e4:2d:1b:1d:bf:7e:27:8f:8e:
         d8:80:30:50
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUbVYBdsLHSIWFrWhnGgnfl302qYgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ODYwMzAzNzAxM2YzYmMyNTg2MjcwYzdkYzlkY2RjZjgx
NzhjOWIwZTA0YjM5ZTE3MDA5MjYzZjkzYmVmM2FhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDb82fkk68yL1wUMQiTXoG9I+lKs/lp4vjVwlcKy+HYaRwc
kfCHkBx3zrAqe0LYEiwOc8LUh5oEt0e/4ILYAbwY6Hn9BfDqQqeEzj2rdllvhljG
KAB5nQP0IAS4xq1A78vgHp1KDJDDQ9ekOgBJumSaMvxaLm15v+3ogVBpD74+K/IS
V+cKsxFLYksHSDoNxCeRl9P4sbCO1meenAHtxPeXgGfpDt8ZWpxGi4a9izrmUswp
RHk5PNq9zMpDfNb+7iJpV+cQJN0r117hoOzdtwl258FeqGBxO7TjWxmzeZy7Bqfp
SlBHrepyUiK7cbhV3ni67t4Vp7nyStAJRttLsctPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUCanK8rzbdqdwwxqMHu42i6ZoZmIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzAzYjU5YTFlLTYyNjgtNDYwNy1hNmMxLTY5ZTZkZTgwY2Y0YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVR0wDQYJKoZIhvcNAQELBQADggEBAAOuoxkZUwVC+I8nZq4lCUvX
/+wik6xNZQOXBwel4jcjaD5Sp4SWrxVloyGSBJ9lKMc6G9tecKo34gG6hJiD8h0y
Cz+Oa+Fd6J4uD6g8WtGOx15hcTWZFsHp0C3J0T4qceX6t894TLPIX900eCrU3zrn
2OIgy/j78igMp+EAb4hPSkVBqCK8YMvnyANE1OyaMsfCcdI3uNifEn1dSuAwC5/e
wvXDhwaT1ZVX1XTk1AnzltusaJdb2Yai+DCToT0A6wHxCUCaW4XrQsUWLf10Szzr
Q1NlncvUCAl0HleB+dNs8dZQh6O633HErcEgLCwyrlQkRuQtGx2/fiePjtiAMFA=
-----END CERTIFICATE-----
Generated at Sat Jan 18 02:06:47 2025 by rpki-client on console-fra.rpki-client.org