Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a84b381b-bc70-4b19-91a5-fa66fa80011e.roa
File:                     a84b381b-bc70-4b19-91a5-fa66fa80011e.roa (raw, json)
Hash identifier:          XhFF1X5Lt+9imoDA5IBCWq4irGrbc+valKLEu2lVevg=
Subject key identifier:   62:5D:43:51:A5:67:86:A3:DC:6F:26:B7:51:E2:3A:A3:0F:CF:50:12
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       341E6D5170AC04872D37BFE9DB338E46ED9215D5
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a84b381b-bc70-4b19-91a5-fa66fa80011e.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f2:7000::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:1e:6d:51:70:ac:04:87:2d:37:bf:e9:db:33:8e:46:ed:92:15:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=dfded6e52eeb3fb21912cb8de5101fad796ab2527e000a61a99181b66c7bc4a3, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:fd:d7:fd:e3:b9:a0:5d:b3:41:22:19:59:2f:
                    f7:4e:8a:a4:6f:66:96:10:40:49:cd:b8:5d:1f:af:
                    e7:03:f5:8b:cf:43:74:71:70:04:8a:68:4c:0c:0c:
                    00:53:c0:08:32:6a:d1:f0:f2:bf:a9:f0:66:65:7f:
                    f5:02:86:25:8f:31:15:04:48:f6:0e:0e:0a:48:a3:
                    b1:fc:12:a0:3d:5c:90:0e:9c:97:e8:b5:4e:36:00:
                    e6:2e:d2:e5:4e:fd:b4:ec:db:6b:4e:d7:94:45:88:
                    a1:11:8f:80:74:20:dc:ca:4d:11:af:de:bf:19:98:
                    fd:28:41:0c:54:fe:cc:0e:c8:9a:ed:84:fd:1a:20:
                    3f:8c:71:db:90:8a:79:1e:c8:27:cb:60:87:8d:6b:
                    fb:fc:00:2e:9a:7f:44:ea:da:34:59:37:c3:06:47:
                    e0:23:f2:c3:a3:f8:1f:41:97:02:8b:62:aa:b3:1c:
                    1d:7c:fe:b6:3e:39:15:9f:a5:e5:f8:e5:5c:e5:b8:
                    26:82:40:47:2c:0c:c9:1c:60:a5:e2:31:81:49:64:
                    69:8f:42:21:23:65:7c:7a:ad:1c:33:bd:11:53:69:
                    41:bf:62:72:58:a3:45:de:e7:3e:9e:1b:0f:23:d9:
                    17:02:a4:95:ed:7c:7c:f6:89:47:77:05:f3:44:5c:
                    ac:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:5D:43:51:A5:67:86:A3:DC:6F:26:B7:51:E2:3A:A3:0F:CF:50:12
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a84b381b-bc70-4b19-91a5-fa66fa80011e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f2:7000::/44

    Signature Algorithm: sha256WithRSAEncryption
         61:95:e1:d4:3a:08:7a:ef:e1:f7:c3:cb:85:3e:43:e3:82:d6:
         ee:80:60:6b:63:c8:b4:4e:80:ab:b5:b9:e7:43:6e:a3:21:b5:
         90:26:a0:90:7b:0d:86:3c:c9:1b:bf:e0:a5:69:82:63:09:f3:
         79:ce:c9:c0:7b:3c:d2:f0:a9:86:4d:49:2e:6f:16:6c:0a:ce:
         58:00:cb:9b:4a:da:ef:4f:a1:ac:a5:19:0b:37:a6:77:48:92:
         89:f4:5b:1f:45:07:3d:00:61:2b:98:ae:03:58:7f:7a:66:43:
         6d:87:d4:7a:d5:2c:dc:e9:e2:17:40:0c:cb:29:3e:cd:16:e9:
         ca:92:72:ab:d1:d3:41:d2:a4:09:5c:0f:1c:29:97:cb:6a:e8:
         db:ec:c1:bb:a1:10:18:e7:c1:77:13:5b:c8:96:37:7c:53:d3:
         e5:25:66:ac:2d:81:ba:b2:06:ed:35:08:d1:3e:c1:57:c6:eb:
         64:92:e6:f3:6f:e0:c1:1a:e8:d5:76:12:59:96:da:e3:f8:35:
         21:a8:82:73:af:50:49:4a:e8:7f:7d:76:1c:b4:02:be:ef:5d:
         c7:ee:6b:59:b5:0b:5c:e4:69:6a:51:af:e9:f9:97:37:77:72:
         5a:75:2f:b7:12:7d:64:92:fa:7a:3f:b1:39:e1:dc:fb:1d:7b:
         9d:f0:cf:20
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNB5tUXCsBIctN7/p2zOORu2SFdUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZmRlZDZlNTJlZWIzZmIyMTkxMmNiOGRlNTEwMWZhZDc5
NmFiMjUyN2UwMDBhNjFhOTkxODFiNjZjN2JjNGEzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg/df947mgXbNBIhlZL/dOiqRvZpYQQEnNuF0fr+cD9YvP
Q3RxcASKaEwMDABTwAgyatHw8r+p8GZlf/UChiWPMRUESPYODgpIo7H8EqA9XJAO
nJfotU42AOYu0uVO/bTs22tO15RFiKERj4B0INzKTRGv3r8ZmP0oQQxU/swOyJrt
hP0aID+McduQinkeyCfLYIeNa/v8AC6af0Tq2jRZN8MGR+Aj8sOj+B9BlwKLYqqz
HB18/rY+ORWfpeX45VzluCaCQEcsDMkcYKXiMYFJZGmPQiEjZXx6rRwzvRFTaUG/
YnJYo0Xe5z6eGw8j2RcCpJXtfHz2iUd3BfNEXKwpAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYl1DUaVnhqPcbya3UeI6ow/PUBIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2E4NGIzODFiLWJjNzAtNGIxOS05MWE1LWZhNjZmYTgwMDExZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDycAAwDQYJKoZIhvcNAQELBQADggEBAGGV4dQ6CHrv4ffDy4U+Q+OC
1u6AYGtjyLROgKu1uedDbqMhtZAmoJB7DYY8yRu/4KVpgmMJ83nOycB7PNLwqYZN
SS5vFmwKzlgAy5tK2u9PoaylGQs3pndIkon0Wx9FBz0AYSuYrgNYf3pmQ22H1HrV
LNzp4hdADMspPs0W6cqScqvR00HSpAlcDxwpl8tq6NvswbuhEBjnwXcTW8iWN3xT
0+UlZqwtgbqyBu01CNE+wVfG62SS5vNv4MEa6NV2ElmW2uP4NSGognOvUElK6H99
dhy0Ar7vXcfua1m1C1zkaWpRr+n5lzd3clp1L7cSfWSS+no/sTnh3Psde53wzyA=
-----END CERTIFICATE-----
Generated at Fri Jan 17 21:21:57 2025 by rpki-client on console-ams.rpki-client.org