Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/14518d87-9a80-47da-80c6-efeb62f0643b.roa
File:                     14518d87-9a80-47da-80c6-efeb62f0643b.roa (raw, json)
Hash identifier:          eajK+YsnEtRMHJ0uYSXRXTm6Me9W3kV8zHZYDrCk31M=
Subject key identifier:   49:E8:63:3D:2A:C1:CA:E9:39:83:E9:EC:00:FB:29:28:55:B2:29:7C
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5DF92B7546B1557B48106E0A96F1B64AE71A3399
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/14518d87-9a80-47da-80c6-efeb62f0643b.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:3::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:f9:2b:75:46:b1:55:7b:48:10:6e:0a:96:f1:b6:4a:e7:1a:33:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=b47a454d8625ef69e72db25de48bf249072617e26732c02cbce1b4e14624d28f, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f8:c9:d4:80:84:79:e5:00:8e:d3:cc:ed:f6:
                    34:95:39:34:0b:36:cf:07:2e:d9:7f:1e:e2:93:d0:
                    1d:07:82:a8:b5:9c:07:7c:d2:62:93:84:75:fd:48:
                    30:5b:41:13:98:23:54:8c:3e:54:a4:1e:e2:23:91:
                    70:a1:78:47:8c:9c:80:16:aa:e9:37:75:f6:f8:da:
                    02:71:d9:c4:dd:62:ab:c9:e3:a0:b2:57:fb:88:51:
                    14:30:b5:1b:79:dc:9c:ce:4a:47:ef:04:1b:72:4c:
                    96:2c:fe:2d:7e:54:5e:bf:9d:ea:0b:8e:9e:29:be:
                    3b:d5:a5:05:ba:59:f1:1d:4b:52:e4:74:a0:fa:14:
                    9e:1c:c8:60:e9:bd:f5:3c:8f:e4:e3:dc:e4:f5:09:
                    ab:a7:ef:cd:a8:fc:0a:10:53:00:82:fa:1f:7c:d9:
                    43:91:bb:a7:5d:3e:61:27:91:90:e7:bf:f5:9f:c0:
                    e7:8e:43:1d:c3:5e:67:73:99:f2:3c:f8:ac:63:6a:
                    01:80:73:6f:ec:4d:3e:10:bc:42:0d:23:d5:fe:9b:
                    a8:ca:93:b6:83:75:35:f4:cb:b8:fb:95:ce:47:43:
                    4b:e7:0f:d3:d7:9c:dc:7e:f0:04:1f:53:0d:b4:95:
                    b1:fc:1e:60:fe:4b:c4:6c:35:fa:bd:d5:f7:b3:4a:
                    ca:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:E8:63:3D:2A:C1:CA:E9:39:83:E9:EC:00:FB:29:28:55:B2:29:7C
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/14518d87-9a80-47da-80c6-efeb62f0643b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:cb:a7:bf:10:73:c5:c7:ac:77:ee:0d:9b:db:f7:d0:3f:a6:
         f4:db:21:19:68:80:6b:36:2b:c9:6c:bb:c3:61:44:b0:b0:fd:
         06:f0:21:07:96:b8:73:c0:f8:4a:52:66:5c:74:d6:4c:9b:52:
         ee:4d:15:ba:2c:8b:b6:0d:fb:81:51:2b:55:9e:72:b1:36:b5:
         27:79:15:5c:c6:dd:25:01:7c:b8:4b:f9:2c:2d:6b:75:f0:67:
         c7:97:f5:77:c0:10:bf:6b:06:a0:cb:06:34:f6:f3:7c:b6:bc:
         e3:86:3e:68:6d:60:29:ee:ae:e6:54:3d:f1:3d:2c:99:41:c3:
         a8:5a:22:72:94:79:a5:73:9c:41:b1:bf:bb:53:26:1e:4d:5c:
         d3:21:f9:d0:78:f1:59:71:f4:2e:85:13:12:f8:f3:90:b0:f1:
         79:69:be:e6:2e:a6:53:9f:02:3c:f5:23:9f:ea:6a:ec:5b:d9:
         a0:be:0f:41:a6:c6:e2:2d:46:fd:e3:16:72:0b:40:dc:46:b5:
         67:1a:f0:af:0d:88:a2:f3:67:ff:79:2a:4d:68:dd:c8:50:27:
         a1:1d:e2:66:ef:2e:91:da:c6:4b:e6:b6:51:36:6d:e4:35:22:
         fc:0c:f5:86:23:af:e9:07:ea:f4:ec:b9:20:85:db:89:3f:e3:
         ac:fa:86:12
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXfkrdUaxVXtIEG4KlvG2SucaM5kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNDdhNDU0ZDg2MjVlZjY5ZTcyZGIyNWRlNDhiZjI0OTA3
MjYxN2UyNjczMmMwMmNiY2UxYjRlMTQ2MjRkMjhmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCo+MnUgIR55QCO08zt9jSVOTQLNs8HLtl/HuKT0B0Hgqi1
nAd80mKThHX9SDBbQROYI1SMPlSkHuIjkXCheEeMnIAWquk3dfb42gJx2cTdYqvJ
46CyV/uIURQwtRt53JzOSkfvBBtyTJYs/i1+VF6/neoLjp4pvjvVpQW6WfEdS1Lk
dKD6FJ4cyGDpvfU8j+Tj3OT1Caun782o/AoQUwCC+h982UORu6ddPmEnkZDnv/Wf
wOeOQx3DXmdzmfI8+KxjagGAc2/sTT4QvEINI9X+m6jKk7aDdTX0y7j7lc5HQ0vn
D9PXnNx+8AQfUw20lbH8HmD+S8RsNfq91fezSsrpAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUSehjPSrByuk5g+nsAPspKFWyKXwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzE0NTE4ZDg3LTlhODAtNDdkYS04MGM2LWVmZWI2MmYwNjQzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAAMwDQYJKoZIhvcNAQELBQADggEBAHfLp78Qc8XHrHfuDZvb99A/
pvTbIRlogGs2K8lsu8NhRLCw/QbwIQeWuHPA+EpSZlx01kybUu5NFbosi7YN+4FR
K1WecrE2tSd5FVzG3SUBfLhL+Swta3XwZ8eX9XfAEL9rBqDLBjT283y2vOOGPmht
YCnuruZUPfE9LJlBw6haInKUeaVznEGxv7tTJh5NXNMh+dB48Vlx9C6FExL485Cw
8XlpvuYuplOfAjz1I5/qauxb2aC+D0GmxuItRv3jFnILQNxGtWca8K8NiKLzZ/95
Kk1o3chQJ6Ed4mbvLpHaxkvmtlE2beQ1IvwM9YYjr+kH6vTsuSCF24k/46z6hhI=
-----END CERTIFICATE-----
Generated at Sat Jan 18 04:39:47 2025 by rpki-client on console-ams.rpki-client.org