Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5ae357e1-ef95-4f5f-a6c3-8ad4f4fa3014.roa
File:                     5ae357e1-ef95-4f5f-a6c3-8ad4f4fa3014.roa (raw, json)
Hash identifier:          wVuTL68hV3fNxSJt71vXUtcBShJhcMoNICKSGqUnT7o=
Subject key identifier:   27:03:FC:34:C1:1F:24:B4:D0:6D:0F:9D:1A:04:0A:DC:02:3A:55:16
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4A4044112755CF902253B2AEDB39036DB2C64A12
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5ae357e1-ef95-4f5f-a6c3-8ad4f4fa3014.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:551a::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:40:44:11:27:55:cf:90:22:53:b2:ae:db:39:03:6d:b2:c6:4a:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=675ae33c97a67d084ab7461b8bf24fda5cb720ca8313a00b5e236ad9f08ca3f8, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:11:99:a4:f5:f2:7e:bc:af:1a:6d:1b:24:83:
                    72:92:f6:07:8d:fa:09:b6:6c:3c:8d:cb:77:38:6b:
                    55:84:c8:5d:80:32:1c:11:36:fc:33:3c:59:ec:c3:
                    ed:4b:d5:61:60:69:0f:2f:cc:61:97:62:f2:6d:53:
                    9d:ef:1b:1f:18:79:b2:5c:c7:26:70:41:98:5b:cb:
                    3a:a8:05:8f:ca:54:4c:af:5e:6c:f5:76:2f:bd:d3:
                    9b:e9:2c:84:21:a1:35:f6:98:fb:7a:f9:84:2d:9b:
                    9f:62:1c:e6:33:45:d0:63:87:e5:98:a3:be:d4:6d:
                    32:d4:22:92:d3:d6:56:1e:36:38:f8:a5:d2:9a:91:
                    c8:39:7c:2e:82:a6:ed:91:9c:ef:0e:3c:e5:71:e2:
                    ea:f5:ca:68:dc:9b:bd:88:d2:65:b4:6f:23:09:e2:
                    27:42:21:80:10:e1:a2:36:b3:96:e8:3f:6d:eb:ad:
                    6f:fc:56:31:87:ca:b3:59:5c:c3:90:41:cd:78:f2:
                    d1:56:df:26:52:0b:b6:6f:94:d3:21:ec:41:6d:c9:
                    dd:ed:22:a1:9a:e7:65:2c:84:1d:d9:00:73:8d:0f:
                    81:c2:ca:09:06:99:c3:8d:27:de:5b:58:b9:2a:2f:
                    d0:8c:fa:30:d7:3a:08:f7:51:7a:35:84:c4:61:7f:
                    e4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:03:FC:34:C1:1F:24:B4:D0:6D:0F:9D:1A:04:0A:DC:02:3A:55:16
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5ae357e1-ef95-4f5f-a6c3-8ad4f4fa3014.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551a::/48

    Signature Algorithm: sha256WithRSAEncryption
         5f:2c:64:c3:7a:23:27:2d:e9:26:fc:ef:10:e7:11:05:e5:23:
         1d:1e:8f:d2:78:ac:5b:b8:08:c3:51:f4:43:2a:65:67:f3:4e:
         12:33:81:09:95:43:b1:0b:9b:ef:75:aa:a0:31:0d:cf:ae:62:
         89:99:c0:8f:14:d2:50:96:a3:65:3d:f9:c2:73:2d:32:2d:42:
         e1:5d:95:51:27:ed:c8:80:cb:85:36:43:9f:88:cd:df:e3:f2:
         d7:46:e0:98:e9:86:15:01:18:3f:41:5e:19:1d:e0:e4:c0:b1:
         ed:c6:a5:34:f0:7d:be:2e:ab:4d:eb:2d:57:d7:5a:6d:b9:4f:
         12:91:a2:14:6e:f4:65:c4:78:fe:33:47:fa:cd:23:79:30:20:
         30:ad:db:c6:e4:69:1a:fa:cc:23:36:13:de:c8:2b:70:07:12:
         7b:96:3f:50:1e:63:a2:53:eb:df:84:e3:24:00:08:89:7f:ac:
         e4:9e:e2:25:b5:76:62:f8:58:03:18:10:5a:f0:b8:3c:09:8f:
         e3:03:e6:2d:ff:18:cd:7c:dd:fe:e1:7d:57:e1:e6:5d:c4:83:
         31:23:c8:b7:88:60:75:e1:c3:24:8b:87:38:62:92:fb:b9:d9:
         d7:76:70:9c:c7:c6:16:16:48:61:f6:93:d9:c4:54:0d:d1:57:
         ff:51:b8:cd
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSkBEESdVz5AiU7Ku2zkDbbLGShIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzVhZTMzYzk3YTY3ZDA4NGFiNzQ2MWI4YmYyNGZkYTVj
YjcyMGNhODMxM2EwMGI1ZTIzNmFkOWYwOGNhM2Y4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMEZmk9fJ+vK8abRskg3KS9geN+gm2bDyNy3c4a1WEyF2A
MhwRNvwzPFnsw+1L1WFgaQ8vzGGXYvJtU53vGx8YebJcxyZwQZhbyzqoBY/KVEyv
Xmz1di+905vpLIQhoTX2mPt6+YQtm59iHOYzRdBjh+WYo77UbTLUIpLT1lYeNjj4
pdKakcg5fC6Cpu2RnO8OPOVx4ur1ymjcm72I0mW0byMJ4idCIYAQ4aI2s5boP23r
rW/8VjGHyrNZXMOQQc148tFW3yZSC7ZvlNMh7EFtyd3tIqGa52UshB3ZAHOND4HC
ygkGmcONJ95bWLkqL9CM+jDXOgj3UXo1hMRhf+QHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUJwP8NMEfJLTQbQ+dGgQK3AI6VRYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzVhZTM1N2UxLWVmOTUtNGY1Zi1hNmMzLThhZDRmNGZhMzAxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRowDQYJKoZIhvcNAQELBQADggEBAF8sZMN6Iyct6Sb87xDnEQXl
Ix0ej9J4rFu4CMNR9EMqZWfzThIzgQmVQ7ELm+91qqAxDc+uYomZwI8U0lCWo2U9
+cJzLTItQuFdlVEn7ciAy4U2Q5+Izd/j8tdG4JjphhUBGD9BXhkd4OTAse3GpTTw
fb4uq03rLVfXWm25TxKRohRu9GXEeP4zR/rNI3kwIDCt28bkaRr6zCM2E97IK3AH
EnuWP1AeY6JT69+E4yQACIl/rOSe4iW1dmL4WAMYEFrwuDwJj+MD5i3/GM183f7h
fVfh5l3EgzEjyLeIYHXhwySLhzhikvu52dd2cJzHxhYWSGH2k9nEVA3RV/9RuM0=
-----END CERTIFICATE-----
Generated at Sat Jan 18 04:39:47 2025 by rpki-client on console-ams.rpki-client.org