Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa
File:                     da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa (raw, json)
Hash identifier:          Lq97raWvzddCBJJjuv+o6Z1iJpRephj9NOqGNW7145Q=
Subject key identifier:   55:0C:A4:8A:36:BD:6E:69:2B:15:78:C4:E1:E1:22:43:E2:2F:B8:CA
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6BDE5636416CE475CF3A7562A8E6BF38E09AB925
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:500::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:de:56:36:41:6c:e4:75:cf:3a:75:62:a8:e6:bf:38:e0:9a:b9:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=771a8fee3d70ae9a6c3023e62aeec2fc9468558ab800b32f2ddac9ac0c5f75b6, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:4b:e6:7f:40:88:dc:85:c9:45:6e:bb:53:a1:
                    8a:4b:41:6d:54:45:6a:7a:20:4d:f6:41:96:51:4f:
                    9c:a1:14:9e:e6:e7:fc:1d:cd:7d:0f:6b:d8:89:29:
                    ec:63:f0:98:a1:ab:83:8b:2b:38:a1:f9:79:db:f9:
                    0c:ac:cb:62:47:01:12:2e:39:0d:d8:b2:5b:80:e9:
                    21:38:9f:ef:27:16:8e:87:85:52:c0:1a:68:85:72:
                    e9:2a:ef:0a:a1:89:25:64:5f:be:d0:1f:8d:54:f5:
                    58:2d:8c:74:ba:e4:33:73:15:da:ad:f1:25:cb:db:
                    ab:44:22:90:87:73:ff:e5:46:08:4f:28:20:45:44:
                    8b:76:33:20:7a:1f:97:20:19:59:97:8f:a4:3d:fa:
                    f1:a3:89:4c:fb:64:e0:bb:2b:95:3f:0b:54:ff:01:
                    31:f6:46:ee:47:27:92:ec:06:27:42:5b:80:2e:c3:
                    6d:1f:05:87:ca:c0:2b:15:7a:3e:fd:03:89:a2:49:
                    2c:d3:16:2b:5f:ea:85:d8:b2:80:f8:5b:00:b9:21:
                    33:b9:8c:96:04:58:d2:02:4f:e7:e8:d0:11:03:11:
                    fa:2c:87:82:23:b5:c0:52:d6:e8:ed:e3:6b:6a:02:
                    1c:ce:5c:9d:3d:ac:5f:46:06:18:58:90:e5:4c:96:
                    d0:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:0C:A4:8A:36:BD:6E:69:2B:15:78:C4:E1:E1:22:43:E2:2F:B8:CA
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:500::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:03:8a:41:53:f3:ed:48:97:26:f0:a4:da:98:65:ca:9b:c2:
         fd:e1:02:d2:a4:5e:96:b6:ba:b0:ea:78:65:d2:a7:a8:33:5b:
         84:09:f6:ab:53:6b:92:3f:5d:26:30:7a:1d:10:f6:f9:3d:2e:
         be:a3:49:3f:33:db:2e:be:e9:59:8c:a1:23:d9:6a:69:2c:b1:
         26:f5:4a:04:42:fb:e0:90:c5:fc:d9:e9:d8:e3:87:44:c2:c8:
         d3:58:48:3d:33:39:5f:2a:89:22:51:f0:80:a8:48:93:45:1a:
         19:72:4c:da:bf:ba:86:54:a3:4d:69:95:87:25:97:0c:e1:90:
         24:7f:f1:39:c3:c2:18:a9:1e:43:19:99:0d:a5:a6:44:0e:77:
         34:f6:d9:30:40:57:5a:c6:93:a5:4c:bd:0e:2e:d4:7f:bc:bf:
         cd:34:01:69:eb:65:85:aa:c5:a9:07:29:8e:16:12:50:5c:20:
         51:ca:24:95:25:0b:18:60:98:76:37:0f:af:a6:a8:cf:b7:24:
         35:92:c9:dc:ad:4d:c6:b0:9e:82:f6:54:db:21:5b:d9:af:aa:
         f6:ca:4d:df:a1:05:cf:c8:d1:6f:41:be:a8:ae:6f:56:9f:66:
         1c:79:1e:75:6b:c3:fd:5b:7f:33:40:73:9d:f6:7b:66:4a:f0:
         9f:83:8a:66
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUa95WNkFs5HXPOnViqOa/OOCauSUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NzFhOGZlZTNkNzBhZTlhNmMzMDIzZTYyYWVlYzJmYzk0
Njg1NThhYjgwMGIzMmYyZGRhYzlhYzBjNWY3NWI2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTS+Z/QIjchclFbrtToYpLQW1URWp6IE32QZZRT5yhFJ7m
5/wdzX0Pa9iJKexj8Jihq4OLKzih+Xnb+Qysy2JHARIuOQ3YsluA6SE4n+8nFo6H
hVLAGmiFcukq7wqhiSVkX77QH41U9VgtjHS65DNzFdqt8SXL26tEIpCHc//lRghP
KCBFRIt2MyB6H5cgGVmXj6Q9+vGjiUz7ZOC7K5U/C1T/ATH2Ru5HJ5LsBidCW4Au
w20fBYfKwCsVej79A4miSSzTFitf6oXYsoD4WwC5ITO5jJYEWNICT+fo0BEDEfos
h4IjtcBS1ujt42tqAhzOXJ09rF9GBhhYkOVMltARAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUVQykija9bmkrFXjE4eEiQ+IvuMowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2RhMGQwZjFmLWY4MmQtNDdiYi05YWM3LWVlMDlhNTFiM2YyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwBQAwDQYJKoZIhvcNAQELBQADggEBAC8DikFT8+1IlybwpNqYZcqb
wv3hAtKkXpa2urDqeGXSp6gzW4QJ9qtTa5I/XSYweh0Q9vk9Lr6jST8z2y6+6VmM
oSPZamkssSb1SgRC++CQxfzZ6djjh0TCyNNYSD0zOV8qiSJR8ICoSJNFGhlyTNq/
uoZUo01plYcllwzhkCR/8TnDwhipHkMZmQ2lpkQOdzT22TBAV1rGk6VMvQ4u1H+8
v800AWnrZYWqxakHKY4WElBcIFHKJJUlCxhgmHY3D6+mqM+3JDWSydytTcawnoL2
VNshW9mvqvbKTd+hBc/I0W9Bvqiub1afZhx5HnVrw/1bfzNAc532e2ZK8J+DimY=
-----END CERTIFICATE-----
Generated at Fri Jan 17 21:21:58 2025 by rpki-client on console-ams.rpki-client.org