Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa
File:                     af93e150-9469-47eb-8185-3ff03d87db06.roa (raw, json)
Hash identifier:          tgL1HpxBn8rlo7V7pPOhbraU/fLqeI2xlWGm6MCEBFM=
Subject key identifier:   58:3D:BC:2B:A4:3C:4C:B1:40:10:57:80:FF:0F:59:18:CD:52:EE:60
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       10D5F127810E5A30A8976C4E7F8F44031BFE7505
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa
Signing time:             Tue 24 Dec 2024 00:00:00 +0000
ROA not before:           Tue 24 Dec 2024 00:00:00 +0000
ROA not after:            Tue 28 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:f000::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:d5:f1:27:81:0e:5a:30:a8:97:6c:4e:7f:8f:44:03:1b:fe:75:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 24 00:00:00 2024 GMT
            Not After : Jan 28 23:59:59 2025 GMT
        Subject: serialNumber=8a2c257bd7ad7f1967a80eaa029e1897196dcfe3e4a40f26f47ea4665925ffb4, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c7:c7:3a:2d:ab:5c:d9:47:1a:e6:e3:96:f8:
                    f8:26:16:85:2f:b9:31:8a:ab:30:75:53:54:f9:08:
                    08:6e:56:0d:8f:fb:da:09:72:b0:48:c1:a4:fa:4a:
                    cd:e6:1b:66:c6:3a:ea:40:a2:eb:ce:e0:6a:d2:b6:
                    dc:60:a4:04:4d:5b:6c:a7:a5:4c:8a:96:47:e5:8a:
                    56:34:2c:25:8b:3a:7c:6f:5d:0f:e4:1a:16:da:66:
                    92:31:57:d1:df:db:95:22:20:85:76:33:9d:4b:5c:
                    4a:2c:de:e7:41:3c:8f:a2:46:33:b1:a3:8c:e1:f5:
                    4f:33:c2:de:ed:3a:f0:03:6d:f7:00:2f:0d:ea:da:
                    8c:35:e0:f1:26:03:f0:fb:d6:0c:e3:07:2b:db:4a:
                    60:c2:07:cc:d7:4c:83:d0:85:d4:ee:8e:99:98:77:
                    fc:d8:c7:60:c7:87:35:24:45:97:d6:70:0f:cb:6c:
                    9d:6d:a5:37:1c:94:4b:76:99:b2:6e:af:6e:23:bb:
                    ab:1e:77:9a:11:38:93:6e:83:9b:f5:dd:49:75:13:
                    b2:2b:fd:17:87:4b:bf:3d:ba:69:3e:2f:5c:43:14:
                    0b:e7:b2:d7:20:35:67:59:a7:00:68:bb:8e:0a:7b:
                    a7:79:c7:50:89:12:66:de:de:d4:bf:10:f3:30:ab:
                    c8:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:3D:BC:2B:A4:3C:4C:B1:40:10:57:80:FF:0F:59:18:CD:52:EE:60
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:f000::/44

    Signature Algorithm: sha256WithRSAEncryption
         7c:81:0b:2c:33:0f:45:44:25:af:58:f1:12:bc:00:0e:ba:fe:
         5c:05:b9:b2:53:0c:5a:8c:81:b1:8d:5c:40:61:e5:de:5e:41:
         87:79:2c:9f:d1:f9:3f:91:aa:1f:9a:5d:eb:72:b8:d7:72:48:
         0f:f1:7f:23:53:b2:98:99:d4:91:c0:32:0d:06:c8:34:2f:75:
         ff:54:d9:e0:e3:86:84:7f:12:1f:97:84:d3:57:68:54:14:01:
         ea:f8:32:27:46:a6:5b:c1:90:63:e5:bc:f4:e1:67:77:01:b8:
         07:20:47:5a:2d:af:79:dd:ee:32:67:22:bd:75:a9:26:21:26:
         ec:26:28:38:de:2e:46:ea:bb:91:2a:80:d2:57:f6:d3:df:e7:
         f4:bf:aa:7e:86:d3:19:c6:35:0e:e0:5d:f0:e3:66:24:89:13:
         f8:99:db:8b:5b:14:37:95:45:1f:3d:46:a5:b7:4d:79:3f:f2:
         45:ec:bb:8b:35:43:0e:ad:ac:c5:e5:01:9b:52:cc:19:40:06:
         c5:9b:52:09:dd:74:02:ae:62:c8:67:16:5b:45:89:64:8e:b9:
         25:a8:40:28:38:af:ed:5c:2d:f7:76:8e:74:df:55:7c:43:7b:
         b0:30:10:26:20:51:7a:03:f9:08:d4:86:47:77:64:cc:56:ab:
         7b:60:8b:6a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUENXxJ4EOWjCol2xOf49EAxv+dQUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjI0MDAwMDAwWhcNMjUwMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YTJjMjU3YmQ3YWQ3ZjE5NjdhODBlYWEwMjllMTg5NzE5
NmRjZmUzZTRhNDBmMjZmNDdlYTQ2NjU5MjVmZmI0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCax8c6Latc2Uca5uOW+PgmFoUvuTGKqzB1U1T5CAhuVg2P
+9oJcrBIwaT6Ss3mG2bGOupAouvO4GrSttxgpARNW2ynpUyKlkflilY0LCWLOnxv
XQ/kGhbaZpIxV9Hf25UiIIV2M51LXEos3udBPI+iRjOxo4zh9U8zwt7tOvADbfcA
Lw3q2ow14PEmA/D71gzjByvbSmDCB8zXTIPQhdTujpmYd/zYx2DHhzUkRZfWcA/L
bJ1tpTcclEt2mbJur24ju6sed5oROJNug5v13Ul1E7Ir/ReHS789umk+L1xDFAvn
stcgNWdZpwBou44Ke6d5x1CJEmbe3tS/EPMwq8gxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUWD28K6Q8TLFAEFeA/w9ZGM1S7mAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2FmOTNlMTUwLTk0NjktNDdlYi04MTg1LTNmZjAzZDg3ZGIwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPD78AAwDQYJKoZIhvcNAQELBQADggEBAHyBCywzD0VEJa9Y8RK8AA66
/lwFubJTDFqMgbGNXEBh5d5eQYd5LJ/R+T+Rqh+aXetyuNdySA/xfyNTspiZ1JHA
Mg0GyDQvdf9U2eDjhoR/Eh+XhNNXaFQUAer4MidGplvBkGPlvPThZ3cBuAcgR1ot
r3nd7jJnIr11qSYhJuwmKDjeLkbqu5EqgNJX9tPf5/S/qn6G0xnGNQ7gXfDjZiSJ
E/iZ24tbFDeVRR89RqW3TXk/8kXsu4s1Qw6trMXlAZtSzBlABsWbUgnddAKuYshn
FltFiWSOuSWoQCg4r+1cLfd2jnTfVXxDe7AwECYgUXoD+QjUhkd3ZMxWq3tgi2o=
-----END CERTIFICATE-----
Generated at Sat Jan 18 02:06:48 2025 by rpki-client on console-fra.rpki-client.org