Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa
File:                     1ad26571-c674-4a73-b205-77cb32fe83bd.roa (raw, json)
Hash identifier:          2w7c2Mux6FDO64grYhzoWB8AhUBKcc0SI8nrLUZ2dd0=
Subject key identifier:   85:36:5A:0D:54:D1:6C:5D:C9:71:F5:64:38:A2:E4:15:38:8B:3F:81
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7CD634D7D77AB52B330D6C926396E5B6F00691B1
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:10::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:d6:34:d7:d7:7a:b5:2b:33:0d:6c:92:63:96:e5:b6:f0:06:91:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=21c10918fbb5504ccede4d28aacbc668dc5bd737a1a51e57d8f673897e8b1d1b, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d5:af:ca:6a:ac:e7:42:e6:b2:c4:ac:58:0e:
                    92:39:88:30:eb:27:50:9d:1a:c0:28:12:a0:f7:96:
                    1a:03:73:4e:5f:a7:9f:d9:bf:a0:34:dc:96:4c:75:
                    42:67:f8:22:49:6d:17:b8:dd:e2:23:27:09:d5:e3:
                    4f:72:0f:7f:21:3a:91:63:51:bc:ec:36:24:e6:b8:
                    42:7d:ac:d7:c8:36:bb:71:76:b8:27:3e:df:78:05:
                    79:6f:c0:c1:e8:d5:82:da:4d:f5:c7:df:30:ea:21:
                    38:39:7d:58:98:23:8a:1a:03:76:b4:9a:e6:ae:b8:
                    a0:df:8e:9c:bd:f1:19:81:45:f7:7f:d7:d5:8d:ca:
                    12:ff:b8:44:ea:01:43:e0:c2:a4:00:72:d8:e7:3a:
                    43:3d:56:78:2e:a5:fb:f6:68:94:92:ce:d6:7a:20:
                    ae:d8:00:ab:72:38:ed:ff:0b:41:32:f6:d8:b4:b9:
                    1e:74:11:90:63:6e:c5:e3:08:a7:bd:73:ea:e0:61:
                    23:68:ec:7f:3a:46:52:cd:1d:eb:3b:ad:7f:23:40:
                    a7:d8:ad:08:4e:1b:80:00:cd:9d:f7:4d:ad:ca:6c:
                    98:52:4e:6e:81:0d:f3:5b:5c:15:88:7c:e0:8a:c7:
                    e5:df:ff:12:c2:34:8a:84:f7:f9:1e:01:d8:f1:ed:
                    fb:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:36:5A:0D:54:D1:6C:5D:C9:71:F5:64:38:A2:E4:15:38:8B:3F:81
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/1ad26571-c674-4a73-b205-77cb32fe83bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:9c:a9:14:79:f3:b1:3b:25:33:dc:d7:aa:5b:e4:49:80:da:
         5c:45:1d:d9:b5:bd:91:6f:03:a6:a9:ac:29:b4:e6:78:3c:dc:
         80:f8:7d:51:c2:c8:50:ca:11:fc:43:86:14:82:63:d9:69:39:
         e0:f4:0a:02:6a:aa:19:77:5a:c9:82:9e:d5:5f:9b:76:34:b9:
         10:8a:5a:e2:87:e6:b3:27:57:55:66:fd:c7:78:ff:26:ec:73:
         88:2d:9a:80:3a:71:7c:6c:9a:60:b0:05:c6:cc:f7:9b:00:be:
         82:f3:f3:b9:0e:f7:ee:c0:07:fb:d8:18:7c:24:e6:ce:2a:ec:
         71:b6:c0:27:85:1d:96:ee:4a:d8:0d:28:d4:a3:95:f9:2d:21:
         15:f4:d2:87:55:ef:20:4f:c3:2c:7d:29:fc:76:9d:76:25:f3:
         03:73:62:c0:b7:6b:d6:61:5f:90:02:0c:12:34:85:cb:46:0b:
         35:9b:81:f0:b9:fc:ba:97:18:a4:8c:f4:e6:33:ac:1b:50:37:
         fe:54:ec:9b:98:92:fd:9d:d9:46:a7:f7:49:77:26:a3:2d:09:
         5e:8d:39:ec:9e:75:34:72:06:0e:15:d1:e1:c1:dc:7a:ec:27:
         8d:43:e9:91:4b:6f:4e:b7:7c:1a:d7:c8:78:d1:bf:4c:f9:b0:
         4f:d8:86:ca
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfNY019d6tSszDWySY5bltvAGkbEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMWMxMDkxOGZiYjU1MDRjY2VkZTRkMjhhYWNiYzY2OGRj
NWJkNzM3YTFhNTFlNTdkOGY2NzM4OTdlOGIxZDFiMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCk1a/KaqznQuayxKxYDpI5iDDrJ1CdGsAoEqD3lhoDc05f
p5/Zv6A03JZMdUJn+CJJbRe43eIjJwnV409yD38hOpFjUbzsNiTmuEJ9rNfINrtx
drgnPt94BXlvwMHo1YLaTfXH3zDqITg5fViYI4oaA3a0muauuKDfjpy98RmBRfd/
19WNyhL/uETqAUPgwqQActjnOkM9Vngupfv2aJSSztZ6IK7YAKtyOO3/C0Ey9ti0
uR50EZBjbsXjCKe9c+rgYSNo7H86RlLNHes7rX8jQKfYrQhOG4AAzZ33Ta3KbJhS
Tm6BDfNbXBWIfOCKx+Xf/xLCNIqE9/keAdjx7ftnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUhTZaDVTRbF3JcfVkOKLkFTiLP4EwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzFhZDI2NTcxLWM2NzQtNGE3My1iMjA1LTc3Y2IzMmZlODNiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwABAwDQYJKoZIhvcNAQELBQADggEBADCcqRR587E7JTPc16pb5EmA
2lxFHdm1vZFvA6aprCm05ng83ID4fVHCyFDKEfxDhhSCY9lpOeD0CgJqqhl3WsmC
ntVfm3Y0uRCKWuKH5rMnV1Vm/cd4/ybsc4gtmoA6cXxsmmCwBcbM95sAvoLz87kO
9+7AB/vYGHwk5s4q7HG2wCeFHZbuStgNKNSjlfktIRX00odV7yBPwyx9Kfx2nXYl
8wNzYsC3a9ZhX5ACDBI0hctGCzWbgfC5/LqXGKSM9OYzrBtQN/5U7JuYkv2d2Uan
90l3JqMtCV6NOeyedTRyBg4V0eHB3HrsJ41D6ZFLb063fBrXyHjRv0z5sE/Yhso=
-----END CERTIFICATE-----
Generated at Sat Jan 18 02:06:47 2025 by rpki-client on console-fra.rpki-client.org