Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/100ca166-7317-4d78-8102-ea1dfe26d0e3.roa
File:                     100ca166-7317-4d78-8102-ea1dfe26d0e3.roa (raw, json)
Hash identifier:          S41okASCntOkEP3dUEPFtDnkseJKPgGDtPzf4b/L3WU=
Subject key identifier:   F0:55:41:AF:D0:C6:B6:31:27:F3:E0:9E:FF:A0:12:F9:EB:66:B1:09
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3C7F72E12FC369EFC4B70EE174524753CAFD78CB
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/100ca166-7317-4d78-8102-ea1dfe26d0e3.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:551a::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:7f:72:e1:2f:c3:69:ef:c4:b7:0e:e1:74:52:47:53:ca:fd:78:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=161c836bec31e7e8dfdb82df2d82ac7a7d2902bd44a20efa905be333dcae6906, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:bd:73:47:81:48:a8:62:08:b1:7f:8e:01:f5:
                    7e:ad:5c:88:ca:4b:d7:48:9a:12:ba:09:de:dc:11:
                    0e:e0:9f:7d:bf:6b:52:54:0f:6c:73:8e:d0:7c:fc:
                    f2:fe:d9:39:91:f5:52:3c:8e:64:ea:67:42:31:a8:
                    8d:52:c7:cc:b3:0a:a5:24:91:13:8e:5d:84:50:db:
                    2c:75:68:44:ab:c5:fd:d3:dc:22:a2:23:c1:c7:71:
                    ec:73:b2:6a:7a:46:68:c2:d6:2a:4a:b1:ea:c7:f7:
                    ea:ae:3f:fa:5d:65:fd:6d:dc:e1:c0:56:ea:2e:f9:
                    17:f1:3a:8f:87:a4:5a:ab:e2:46:0d:05:0e:7f:36:
                    92:5d:1a:be:f3:70:7f:ea:50:75:22:43:dc:8e:63:
                    33:fd:1f:fc:1e:cb:5f:97:bd:8c:87:7b:a6:31:7d:
                    79:12:b6:cb:f8:23:c9:4b:e2:11:63:60:f5:be:5a:
                    b0:19:ce:e3:32:93:5f:45:f6:f5:a7:9f:d8:05:5a:
                    ab:9d:af:a9:fa:14:eb:9f:0d:67:3f:72:20:1f:64:
                    5d:07:5e:e5:d8:81:2f:5e:30:65:36:bf:74:14:e3:
                    26:b6:bb:83:46:a6:8f:10:42:f2:e8:4b:5f:ca:f8:
                    f0:24:90:a2:8d:05:f9:31:0d:19:9b:44:16:3a:22:
                    8a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:55:41:AF:D0:C6:B6:31:27:F3:E0:9E:FF:A0:12:F9:EB:66:B1:09
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/100ca166-7317-4d78-8102-ea1dfe26d0e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551a::/48

    Signature Algorithm: sha256WithRSAEncryption
         8e:28:2f:89:5b:72:74:3b:20:27:f1:6c:49:5b:62:8e:da:3b:
         73:35:31:7c:8d:ef:f8:61:cd:d5:b8:86:d3:3e:7f:18:fa:fe:
         85:9d:8a:ee:d2:17:58:85:05:ec:5d:66:a9:d7:27:d5:d3:a6:
         c0:9d:ba:4c:77:b9:60:e7:d4:d7:9f:65:44:3e:88:5d:45:a3:
         74:60:e1:cc:52:d2:00:1e:95:6e:e4:57:d0:2c:88:4c:c0:e2:
         13:8c:64:7c:7a:62:87:e1:b3:fa:65:2b:b1:8b:e2:6a:30:71:
         42:69:d2:c4:07:43:c8:57:18:68:db:7e:bb:91:bd:5b:78:11:
         c4:be:29:94:31:16:af:32:b8:f5:43:8e:1a:8c:f7:d7:6d:d0:
         af:40:9d:52:3b:dd:37:8d:e8:29:3e:bb:09:f2:9b:50:00:98:
         47:a0:4e:50:32:6a:2e:6e:d3:0a:27:05:82:67:cb:a8:20:e5:
         fd:74:03:d3:74:0a:88:06:50:08:b0:5e:97:0e:07:32:27:a0:
         99:3b:db:f4:b3:e3:20:b4:e2:d2:54:5e:42:89:a3:86:41:f1:
         97:ee:34:d6:e2:44:5c:aa:39:0f:12:39:53:d5:14:a8:83:05:
         15:ba:0c:36:d1:4e:57:31:a1:fb:5e:0a:83:6b:4a:bf:eb:32:
         64:46:c2:b6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPH9y4S/Dae/Etw7hdFJHU8r9eMswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNjFjODM2YmVjMzFlN2U4ZGZkYjgyZGYyZDgyYWM3YTdk
MjkwMmJkNDRhMjBlZmE5MDViZTMzM2RjYWU2OTA2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDvXNHgUioYgixf44B9X6tXIjKS9dImhK6Cd7cEQ7gn32/
a1JUD2xzjtB8/PL+2TmR9VI8jmTqZ0IxqI1Sx8yzCqUkkROOXYRQ2yx1aESrxf3T
3CKiI8HHcexzsmp6RmjC1ipKserH9+quP/pdZf1t3OHAVuou+RfxOo+HpFqr4kYN
BQ5/NpJdGr7zcH/qUHUiQ9yOYzP9H/wey1+XvYyHe6YxfXkStsv4I8lL4hFjYPW+
WrAZzuMyk19F9vWnn9gFWqudr6n6FOufDWc/ciAfZF0HXuXYgS9eMGU2v3QU4ya2
u4NGpo8QQvLoS1/K+PAkkKKNBfkxDRmbRBY6IophAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU8FVBr9DGtjEn8+Ce/6AS+etmsQkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzEwMGNhMTY2LTczMTctNGQ3OC04MTAyLWVhMWRmZTI2ZDBlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRowDQYJKoZIhvcNAQELBQADggEBAI4oL4lbcnQ7ICfxbElbYo7a
O3M1MXyN7/hhzdW4htM+fxj6/oWdiu7SF1iFBexdZqnXJ9XTpsCdukx3uWDn1Nef
ZUQ+iF1Fo3Rg4cxS0gAelW7kV9AsiEzA4hOMZHx6Yofhs/plK7GL4mowcUJp0sQH
Q8hXGGjbfruRvVt4EcS+KZQxFq8yuPVDjhqM99dt0K9AnVI73TeN6Ck+uwnym1AA
mEegTlAyai5u0wonBYJny6gg5f10A9N0CogGUAiwXpcOBzInoJk72/Sz4yC04tJU
XkKJo4ZB8ZfuNNbiRFyqOQ8SOVPVFKiDBRW6DDbRTlcxofteCoNrSr/rMmRGwrY=
-----END CERTIFICATE-----
Generated at Fri Jan 17 21:21:57 2025 by rpki-client on console-ams.rpki-client.org