Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7fef00dc-1a9a-497c-b857-792da38e532f.roa
File:                     7fef00dc-1a9a-497c-b857-792da38e532f.roa (raw, json)
Hash identifier:          /7WwPyNJ4PQ+Gmq6+xjHirwqP8gDodWr737UlUudVsU=
Subject key identifier:   52:2F:AC:C0:1E:12:F6:40:8E:51:C7:6A:F9:69:CC:8F:1D:F1:6A:14
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       73D7ED3FA0E391B34C25156C6E2B1D83D70F903A
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7fef00dc-1a9a-497c-b857-792da38e532f.roa
Signing time:             Sat 18 Jan 2025 00:00:00 +0000
ROA not before:           Sat 18 Jan 2025 00:00:00 +0000
ROA not after:            Sat 22 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5500::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:d7:ed:3f:a0:e3:91:b3:4c:25:15:6c:6e:2b:1d:83:d7:0f:90:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan 18 00:00:00 2025 GMT
            Not After : Feb 22 23:59:59 2025 GMT
        Subject: serialNumber=8f3fbf3ebe6032a9b37bdfd77f06ec5b1d881b2c7c1c9a29b3c0770eb395cb8e, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f7:5a:6d:18:18:dc:98:0b:9f:07:44:c1:5f:
                    94:31:8a:b5:92:c5:30:23:f1:ef:bf:d2:8d:9a:83:
                    e0:89:70:09:6e:31:97:1c:d8:55:b7:f7:98:7c:59:
                    a4:59:71:d1:23:9d:37:b5:00:c1:5e:b3:2f:ee:11:
                    be:5e:20:b8:62:37:c8:10:b3:64:4a:82:6b:42:0f:
                    3b:90:bd:d6:bc:a5:5e:73:a4:30:85:47:20:84:15:
                    6a:d3:25:8f:44:be:09:1b:77:47:85:47:93:d1:1f:
                    ed:eb:1f:45:59:c0:2b:b4:74:d0:f9:f8:1c:cf:e6:
                    d8:53:d8:42:36:a9:42:61:69:d4:1d:7a:dc:8d:8e:
                    25:a6:10:a7:53:09:40:0a:d3:53:a4:76:25:3d:0e:
                    f4:88:79:61:ca:4a:a7:04:23:23:84:bb:0a:8e:6f:
                    2b:82:5d:c6:6e:91:ff:ec:d2:a7:55:a5:78:11:f1:
                    bb:de:61:02:3f:ab:ec:0f:3b:6f:98:80:86:f6:d9:
                    3f:b3:a8:8a:3f:03:24:b9:1f:a8:f8:87:df:90:98:
                    b4:44:0b:fd:da:81:6b:5e:33:9e:ee:97:fe:bb:89:
                    2d:df:7f:26:e7:6b:3c:6e:52:9d:7b:70:4d:9b:5f:
                    26:c6:6d:b6:f2:10:ad:9b:21:1d:5e:b9:dd:cf:0c:
                    8c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:2F:AC:C0:1E:12:F6:40:8E:51:C7:6A:F9:69:CC:8F:1D:F1:6A:14
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7fef00dc-1a9a-497c-b857-792da38e532f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5500::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:64:1f:59:56:41:54:5e:83:e3:b0:73:f3:17:0a:69:0f:05:
         9d:61:9c:7e:71:e9:43:11:2d:1a:1d:a5:26:21:0d:a8:c5:67:
         e4:9c:e6:05:6d:6e:8f:c9:a1:3d:12:7e:17:6f:14:87:bb:0b:
         b1:c3:01:70:2d:37:84:a1:85:0c:88:64:ab:f9:1c:cd:83:1b:
         52:72:e8:2e:c5:2a:2b:b5:5e:9d:90:8a:8f:f7:71:bc:70:0e:
         7d:e7:0e:13:3b:3f:fa:bc:59:d0:2e:65:49:fe:6e:99:d1:12:
         10:65:b0:4f:75:df:34:af:fe:01:9d:06:df:bf:d9:0c:b2:68:
         1e:ff:e7:d5:16:08:3d:23:ca:1a:3e:cf:81:8b:5c:5a:00:e6:
         64:a4:d1:9e:4d:50:2c:6f:a4:3b:0b:35:93:62:b1:20:c4:23:
         f3:d3:11:e2:27:f8:63:7a:75:f7:a5:c2:4d:a9:ac:b6:52:3c:
         b8:81:20:e8:79:77:57:c1:f5:13:70:81:23:34:b5:4b:5e:e2:
         c2:1c:59:07:86:39:ff:7d:d7:d7:d6:cd:be:f1:69:75:a3:93:
         1b:53:c2:a6:18:9e:8f:79:bb:bc:18:82:14:bc:48:8c:d5:d3:
         da:91:f3:c1:92:91:f8:e1:66:fa:c5:41:d7:2e:1d:2b:44:73:
         8c:79:8b:8d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUc9ftP6DjkbNMJRVsbisdg9cPkDowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTE4MDAwMDAwWhcNMjUwMjIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZjNmYmYzZWJlNjAzMmE5YjM3YmRmZDc3ZjA2ZWM1YjFk
ODgxYjJjN2MxYzlhMjliM2MwNzcwZWIzOTVjYjhlMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY91ptGBjcmAufB0TBX5QxirWSxTAj8e+/0o2ag+CJcAlu
MZcc2FW395h8WaRZcdEjnTe1AMFesy/uEb5eILhiN8gQs2RKgmtCDzuQvda8pV5z
pDCFRyCEFWrTJY9Evgkbd0eFR5PRH+3rH0VZwCu0dND5+BzP5thT2EI2qUJhadQd
etyNjiWmEKdTCUAK01OkdiU9DvSIeWHKSqcEIyOEuwqObyuCXcZukf/s0qdVpXgR
8bveYQI/q+wPO2+YgIb22T+zqIo/AyS5H6j4h9+QmLREC/3agWteM57ul/67iS3f
fybnazxuUp17cE2bXybGbbbyEK2bIR1eud3PDIxpAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUUi+swB4S9kCOUcdq+WnMjx3xahQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzdmZWYwMGRjLTFhOWEtNDk3Yy1iODU3LTc5MmRhMzhlNTMyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVQAwDQYJKoZIhvcNAQELBQADggEBAFJkH1lWQVReg+Owc/MXCmkP
BZ1hnH5x6UMRLRodpSYhDajFZ+Sc5gVtbo/JoT0SfhdvFIe7C7HDAXAtN4ShhQyI
ZKv5HM2DG1Jy6C7FKiu1Xp2Qio/3cbxwDn3nDhM7P/q8WdAuZUn+bpnREhBlsE91
3zSv/gGdBt+/2QyyaB7/59UWCD0jyho+z4GLXFoA5mSk0Z5NUCxvpDsLNZNisSDE
I/PTEeIn+GN6dfelwk2prLZSPLiBIOh5d1fB9RNwgSM0tUte4sIcWQeGOf9919fW
zb7xaXWjkxtTwqYYno95u7wYghS8SIzV09qR88GSkfjhZvrFQdcuHStEc4x5i40=
-----END CERTIFICATE-----
Generated at Sat Jan 18 04:39:47 2025 by rpki-client on console-ams.rpki-client.org