Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a65dc579-55d0-4640-8ee5-6bd70e3dd724.roa
File:                     a65dc579-55d0-4640-8ee5-6bd70e3dd724.roa (raw, json)
Hash identifier:          mfEoYvuJoQqfjVrpeK6x0CnXXrNnGWRJKe/h6/mTym4=
Subject key identifier:   95:B9:BF:8B:02:84:6C:79:1B:C0:94:94:3A:4D:F9:D6:3B:11:1C:63
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7C4ACD5A359A9B6C688A864318AD13403AE7CFDE
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a65dc579-55d0-4640-8ee5-6bd70e3dd724.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:551c::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:4a:cd:5a:35:9a:9b:6c:68:8a:86:43:18:ad:13:40:3a:e7:cf:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=d9acf76a3384314aa5e24f93af3dc0b8be1bfc823e0a2bb7b9e3b4b8fe1bc730, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:57:63:d0:a0:c9:f5:32:c3:f8:b0:86:10:36:
                    08:ab:66:d3:71:d2:04:12:4b:35:c4:15:96:70:f6:
                    78:d6:0b:20:e3:2a:1d:30:95:b8:01:d7:48:21:21:
                    22:9d:79:a5:0c:15:2d:05:12:fe:6b:9e:04:38:fc:
                    fd:58:6d:2c:34:05:aa:8e:87:be:f4:5c:86:8e:38:
                    a3:d3:af:5d:9b:aa:7e:49:e0:06:c9:eb:40:16:0a:
                    f9:e1:a1:1d:7e:2f:f7:0c:27:ef:42:32:ad:43:1a:
                    78:fa:50:bd:70:05:38:fe:7e:d1:39:b6:f5:3b:53:
                    e3:08:37:0d:0f:be:ef:68:cc:37:65:af:f0:6b:40:
                    59:cb:25:a6:17:25:0e:f7:1a:de:25:42:f6:13:4e:
                    24:ca:a0:2d:9f:23:24:5d:d0:8c:16:35:37:e6:c8:
                    34:26:db:4d:2c:2c:aa:df:29:63:3d:51:a5:84:2a:
                    bd:bc:51:2a:83:c1:dc:08:f1:59:21:4f:57:af:a6:
                    d5:81:42:a4:76:5d:07:e4:c9:bb:6c:bb:ca:97:b8:
                    30:48:84:f2:4d:7d:fa:78:0b:06:9a:2b:b8:33:af:
                    92:e1:c9:28:03:bb:71:a5:0f:ae:6f:89:42:ce:de:
                    ad:d0:a8:cc:ff:dc:86:d1:ee:90:d2:c2:2c:63:62:
                    f8:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:B9:BF:8B:02:84:6C:79:1B:C0:94:94:3A:4D:F9:D6:3B:11:1C:63
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a65dc579-55d0-4640-8ee5-6bd70e3dd724.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551c::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:d4:9d:4d:db:0a:e3:a5:88:c7:6e:99:e5:59:c7:ed:ad:b3:
         cd:c0:4c:7a:09:e1:de:90:c1:a2:f2:e4:b3:56:ba:6e:75:d9:
         60:9c:7d:49:01:c2:ce:d2:cc:06:3f:8c:a4:0d:ad:b1:78:66:
         43:6a:e1:d2:8c:bf:91:52:6d:35:c6:37:15:6a:04:f2:a9:95:
         de:c2:62:85:b3:7c:3c:62:34:32:29:da:0f:6b:46:b7:89:f0:
         1d:77:d4:a9:d7:8d:24:b4:b1:94:79:53:12:5d:48:5b:81:cc:
         fc:e4:90:be:8b:61:da:35:0b:13:32:88:4b:c3:cd:51:14:75:
         d2:f7:15:79:32:46:ce:f7:fe:f6:22:0f:aa:3d:53:fb:07:03:
         0b:40:a5:a0:e6:3d:c6:01:74:fe:b9:2f:85:ab:8d:c0:28:a3:
         a2:ec:fc:6e:94:09:1b:c0:3a:fe:23:66:f9:fa:13:42:56:46:
         b8:98:2e:9a:04:91:5f:aa:29:64:b0:58:1d:38:f0:a0:14:71:
         86:21:38:20:b3:54:11:64:44:2b:4e:ef:8e:9f:33:ec:5b:75:
         9b:d9:08:ad:9f:17:5c:3b:d3:5c:61:d9:e6:36:93:bc:b8:f6:
         06:44:fc:02:e2:63:7e:59:9d:b9:6c:24:95:b9:83:bc:5d:7b:
         e1:a3:68:b7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfErNWjWam2xoioZDGK0TQDrnz94wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkOWFjZjc2YTMzODQzMTRhYTVlMjRmOTNhZjNkYzBiOGJl
MWJmYzgyM2UwYTJiYjdiOWUzYjRiOGZlMWJjNzMwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfV2PQoMn1MsP4sIYQNgirZtNx0gQSSzXEFZZw9njWCyDj
Kh0wlbgB10ghISKdeaUMFS0FEv5rngQ4/P1YbSw0BaqOh770XIaOOKPTr12bqn5J
4AbJ60AWCvnhoR1+L/cMJ+9CMq1DGnj6UL1wBTj+ftE5tvU7U+MINw0Pvu9ozDdl
r/BrQFnLJaYXJQ73Gt4lQvYTTiTKoC2fIyRd0IwWNTfmyDQm200sLKrfKWM9UaWE
Kr28USqDwdwI8VkhT1evptWBQqR2XQfkybtsu8qXuDBIhPJNffp4CwaaK7gzr5Lh
ySgDu3GlD65viULO3q3QqMz/3IbR7pDSwixjYvh/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUlbm/iwKEbHkbwJSUOk351jsRHGMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2E2NWRjNTc5LTU1ZDAtNDY0MC04ZWU1LTZiZDcwZTNkZDcyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRwwDQYJKoZIhvcNAQELBQADggEBAF3UnU3bCuOliMdumeVZx+2t
s83ATHoJ4d6QwaLy5LNWum512WCcfUkBws7SzAY/jKQNrbF4ZkNq4dKMv5FSbTXG
NxVqBPKpld7CYoWzfDxiNDIp2g9rRreJ8B131KnXjSS0sZR5UxJdSFuBzPzkkL6L
Ydo1CxMyiEvDzVEUddL3FXkyRs73/vYiD6o9U/sHAwtApaDmPcYBdP65L4WrjcAo
o6Ls/G6UCRvAOv4jZvn6E0JWRriYLpoEkV+qKWSwWB048KAUcYYhOCCzVBFkRCtO
746fM+xbdZvZCK2fF1w701xh2eY2k7y49gZE/ALiY35ZnblsJJW5g7xde+GjaLc=
-----END CERTIFICATE-----
Generated at Sat Jan 18 04:39:47 2025 by rpki-client on console-ams.rpki-client.org