Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa
File:                     b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa (raw, json)
Hash identifier:          vguFN54DALE2U7G23e0PsO0mS9v/GPcAKuETRUTp3m4=
Subject key identifier:   03:62:18:AB:89:E4:69:31:1C:8E:DD:C1:D4:42:E2:40:1B:12:29:DD
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5043924346E9F7134D355505300B15D88053F58C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa
Signing time:             Sat 18 Jan 2025 00:00:00 +0000
ROA not before:           Sat 18 Jan 2025 00:00:00 +0000
ROA not after:            Sat 22 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f1:8801::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:43:92:43:46:e9:f7:13:4d:35:55:05:30:0b:15:d8:80:53:f5:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan 18 00:00:00 2025 GMT
            Not After : Feb 22 23:59:59 2025 GMT
        Subject: serialNumber=fced8b31f1e3d451eeaed36dd41768434a0fa840501006cdf8fd47c64b1cc04c, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:93:39:e7:a0:c8:f3:df:26:40:d6:6d:3a:aa:
                    3a:43:c7:10:80:0b:58:b3:7c:15:d2:6c:10:1b:c9:
                    c4:fc:f1:87:51:5e:76:80:3f:91:a2:1d:f1:eb:2e:
                    c1:81:57:b7:f1:9a:09:01:1b:84:3b:dc:d9:3d:a4:
                    38:59:d6:80:f1:48:59:e7:88:24:e4:1f:b9:b5:a8:
                    43:fa:e7:40:cd:7a:24:55:23:57:e2:84:83:f4:d8:
                    1f:f3:b4:4c:12:2d:ba:70:cb:68:6e:ba:83:de:f9:
                    c4:b0:77:8f:57:92:3c:9a:d6:66:72:9c:5b:37:a3:
                    e8:75:34:a6:d8:c7:74:f2:22:73:7f:dd:75:63:c1:
                    50:1f:09:fc:cc:06:76:5d:f2:02:5e:c5:95:43:66:
                    dc:be:af:40:ff:cb:85:37:03:df:4d:19:41:11:c7:
                    54:b5:ee:1e:8c:e7:6c:21:a0:4f:50:1f:19:d1:ca:
                    4e:2a:a7:a5:2d:5d:56:6c:24:94:f2:35:e4:ec:4b:
                    5e:18:cb:53:29:26:26:6e:87:61:c4:0e:a6:ab:c0:
                    e9:7b:04:84:dd:05:49:97:60:53:16:01:f2:6a:23:
                    3e:90:7e:4d:0c:11:63:2e:e1:20:68:aa:fd:d4:6d:
                    c5:9b:ef:02:ea:32:16:e1:04:b0:50:1b:6c:fb:d8:
                    67:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:62:18:AB:89:E4:69:31:1C:8E:DD:C1:D4:42:E2:40:1B:12:29:DD
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f1:8801::/48

    Signature Algorithm: sha256WithRSAEncryption
         3b:85:9d:0f:97:46:cd:ff:13:78:82:a9:36:23:e8:7e:d5:d2:
         27:d2:cb:85:b0:15:a2:6c:de:c5:6d:35:1a:02:cd:f8:0c:ec:
         d8:34:12:9f:7e:e4:59:eb:8b:ef:6f:2a:e2:50:c6:ec:17:8b:
         1c:2b:e1:71:f5:ee:db:86:61:99:d6:dc:82:ef:33:cc:0d:d0:
         a0:96:43:55:d9:50:c6:f2:01:d1:dc:b5:18:f5:48:85:02:43:
         fd:f7:a5:87:5e:4c:90:91:92:ba:05:ee:49:ee:f8:63:a6:c6:
         9b:ad:ed:a6:51:da:f0:72:6f:d6:39:a6:49:74:d5:0a:66:be:
         95:b8:be:c5:66:01:49:12:a1:7d:d6:17:28:00:ac:b1:22:b3:
         71:aa:cc:33:ad:a2:22:2f:c2:90:c3:89:a4:20:ed:60:4e:92:
         e8:ab:f6:4e:f9:28:d1:13:e0:34:f4:ff:d4:e5:a0:a3:49:7c:
         12:cf:ac:93:34:a5:cd:cd:9c:6d:47:57:8e:c2:17:44:72:38:
         5e:be:af:10:9b:9a:be:45:b3:0c:ae:4d:56:b5:f0:64:d9:71:
         3f:3b:20:d7:b5:79:50:12:37:03:f8:33:71:10:38:45:55:2f:
         bb:12:2a:b0:8f:24:c3:96:e5:22:14:ed:e3:49:f9:97:f2:fd:
         69:53:e5:96
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUEOSQ0bp9xNNNVUFMAsV2IBT9YwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTE4MDAwMDAwWhcNMjUwMjIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmY2VkOGIzMWYxZTNkNDUxZWVhZWQzNmRkNDE3Njg0MzRh
MGZhODQwNTAxMDA2Y2RmOGZkNDdjNjRiMWNjMDRjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSkznnoMjz3yZA1m06qjpDxxCAC1izfBXSbBAbycT88YdR
XnaAP5GiHfHrLsGBV7fxmgkBG4Q73Nk9pDhZ1oDxSFnniCTkH7m1qEP650DNeiRV
I1fihIP02B/ztEwSLbpwy2huuoPe+cSwd49Xkjya1mZynFs3o+h1NKbYx3TyInN/
3XVjwVAfCfzMBnZd8gJexZVDZty+r0D/y4U3A99NGUERx1S17h6M52whoE9QHxnR
yk4qp6UtXVZsJJTyNeTsS14Yy1MpJiZuh2HEDqarwOl7BITdBUmXYFMWAfJqIz6Q
fk0MEWMu4SBoqv3UbcWb7wLqMhbhBLBQG2z72GdTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUA2IYq4nkaTEcjt3B1ELiQBsSKd0wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I0MTYzYTM4LWE4ZTItNDhkOS04NTVmLWRkNTNhZTdmNmRjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDxiAEwDQYJKoZIhvcNAQELBQADggEBADuFnQ+XRs3/E3iCqTYj6H7V
0ifSy4WwFaJs3sVtNRoCzfgM7Ng0Ep9+5Fnri+9vKuJQxuwXixwr4XH17tuGYZnW
3ILvM8wN0KCWQ1XZUMbyAdHctRj1SIUCQ/33pYdeTJCRkroF7knu+GOmxput7aZR
2vByb9Y5pkl01QpmvpW4vsVmAUkSoX3WFygArLEis3GqzDOtoiIvwpDDiaQg7WBO
kuir9k75KNET4DT0/9TloKNJfBLPrJM0pc3NnG1HV47CF0RyOF6+rxCbmr5Fswyu
TVa18GTZcT87INe1eVASNwP4M3EQOEVVL7sSKrCPJMOW5SIU7eNJ+Zfy/WlT5ZY=
-----END CERTIFICATE-----
Generated at Sat Jan 18 02:06:48 2025 by rpki-client on console-fra.rpki-client.org