Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbf43d99-4d01-4d24-ada9-6e34368d1d71.roa
File:                     cbf43d99-4d01-4d24-ada9-6e34368d1d71.roa (raw, json)
Hash identifier:          lpKEEEqu53xQZnuEEjAjPrzYHIRgRO2Cp5E2t0nuvYA=
Subject key identifier:   D8:3D:BC:7F:5B:10:8C:4D:7B:A6:B0:11:5E:A5:40:AD:F6:0A:E1:79
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5E9BB3D968BDB8F94175CA90BA4B2317F56B5EE8
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbf43d99-4d01-4d24-ada9-6e34368d1d71.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5518::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:9b:b3:d9:68:bd:b8:f9:41:75:ca:90:ba:4b:23:17:f5:6b:5e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=2d2454d423ca72342b0d9fdbfce227e0b87768cdf5d61baa37617c086962e641, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:12:48:ed:5d:46:3b:93:3c:b0:ff:8d:31:24:
                    c3:18:2e:70:a2:c4:09:a5:ee:21:9e:b3:99:c0:ed:
                    f8:f3:83:95:6b:6b:3f:07:76:30:36:27:60:19:b3:
                    15:d4:4b:25:30:d5:96:2f:8c:6b:52:ca:a6:e3:e1:
                    2b:b3:45:e0:ed:49:f6:a5:d5:01:9b:94:d2:f5:01:
                    1c:83:c9:6f:02:3b:ac:c9:cf:3d:e4:54:bd:ec:ff:
                    02:5e:46:53:92:91:70:d8:91:16:21:d9:31:ff:0d:
                    55:f7:ca:7f:66:99:ef:4d:cd:bb:d8:35:f1:4b:86:
                    fe:16:f8:0a:9a:01:ef:76:ef:32:3e:b1:9a:f5:97:
                    bb:9b:fe:5d:2c:b2:82:38:ed:7c:0e:90:2f:63:e4:
                    74:69:17:2f:bb:27:db:5f:f3:1a:d9:58:d8:2a:98:
                    9a:39:9a:b4:df:d9:7a:38:99:ae:69:92:d5:c1:4f:
                    d8:64:cb:39:60:9c:22:0b:78:67:fb:50:36:ae:11:
                    da:ec:b3:62:7e:62:ad:04:8f:bd:f0:95:71:95:ce:
                    cd:f8:2b:91:80:28:06:09:e7:0c:e7:9f:d2:d5:73:
                    ad:86:ab:15:73:dc:80:cc:fe:69:50:a1:d2:8f:e8:
                    14:dd:08:3f:ff:b3:af:da:60:54:4a:44:e8:0f:48:
                    48:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:3D:BC:7F:5B:10:8C:4D:7B:A6:B0:11:5E:A5:40:AD:F6:0A:E1:79
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cbf43d99-4d01-4d24-ada9-6e34368d1d71.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5518::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:41:89:76:90:24:60:28:51:10:4d:7e:0f:f9:1a:11:b6:e6:
         4a:ad:49:bc:fb:0b:9d:b8:f5:36:9c:97:62:f5:69:ad:7f:3e:
         45:48:08:26:a1:d4:59:30:20:35:4f:0f:89:bb:9c:5d:76:99:
         58:dd:f9:f2:3e:7a:f3:17:69:ed:bf:14:21:1d:2f:e9:2e:2e:
         43:70:25:8f:66:b7:12:5a:4d:78:b0:fa:0d:0a:e7:d9:cf:c5:
         cf:d0:be:1a:cf:c7:05:ee:6e:ca:79:7e:f8:46:89:80:9c:6d:
         33:f8:a3:f7:52:e5:eb:4f:19:4a:9e:f3:1b:ed:ff:93:48:bd:
         cb:fa:71:67:99:fd:49:be:07:e9:f7:de:33:3f:1e:a8:7c:ef:
         f6:f6:05:1a:f1:cd:b9:5c:fc:37:fa:d7:1f:cb:19:09:73:6d:
         08:6d:d8:2a:5f:bd:fb:6b:29:b5:cc:8b:d0:44:06:c8:c0:b0:
         f9:65:33:43:1d:83:d6:7e:d6:95:cd:aa:8a:dc:06:c4:98:c6:
         da:73:d2:c1:b4:59:3d:79:c0:e4:ad:98:d0:8f:3c:bc:8f:64:
         be:94:5c:26:a6:ec:79:3d:4c:cc:46:73:ad:6d:9f:ff:7a:33:
         b5:6d:7d:74:e2:2c:b5:4f:56:de:aa:86:c4:e6:42:02:59:23:
         f4:ae:b3:3c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXpuz2Wi9uPlBdcqQuksjF/VrXugwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyZDI0NTRkNDIzY2E3MjM0MmIwZDlmZGJmY2UyMjdlMGI4
Nzc2OGNkZjVkNjFiYWEzNzYxN2MwODY5NjJlNjQxMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8EkjtXUY7kzyw/40xJMMYLnCixAml7iGes5nA7fjzg5Vr
az8HdjA2J2AZsxXUSyUw1ZYvjGtSyqbj4SuzReDtSfal1QGblNL1ARyDyW8CO6zJ
zz3kVL3s/wJeRlOSkXDYkRYh2TH/DVX3yn9mme9NzbvYNfFLhv4W+AqaAe927zI+
sZr1l7ub/l0ssoI47XwOkC9j5HRpFy+7J9tf8xrZWNgqmJo5mrTf2Xo4ma5pktXB
T9hkyzlgnCILeGf7UDauEdrss2J+Yq0Ej73wlXGVzs34K5GAKAYJ5wznn9LVc62G
qxVz3IDM/mlQodKP6BTdCD//s6/aYFRKROgPSEj/AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU2D28f1sQjE17prARXqVArfYK4XkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2NiZjQzZDk5LTRkMDEtNGQyNC1hZGE5LTZlMzQzNjhkMWQ3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRgwDQYJKoZIhvcNAQELBQADggEBAApBiXaQJGAoURBNfg/5GhG2
5kqtSbz7C5249Tacl2L1aa1/PkVICCah1FkwIDVPD4m7nF12mVjd+fI+evMXae2/
FCEdL+kuLkNwJY9mtxJaTXiw+g0K59nPxc/QvhrPxwXubsp5fvhGiYCcbTP4o/dS
5etPGUqe8xvt/5NIvcv6cWeZ/Um+B+n33jM/Hqh87/b2BRrxzblc/Df61x/LGQlz
bQht2CpfvftrKbXMi9BEBsjAsPllM0Mdg9Z+1pXNqorcBsSYxtpz0sG0WT15wOSt
mNCPPLyPZL6UXCam7Hk9TMxGc61tn/96M7VtfXTiLLVPVt6qhsTmQgJZI/Suszw=
-----END CERTIFICATE-----
Generated at Fri Jan 17 21:21:58 2025 by rpki-client on console-ams.rpki-client.org