Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ec42dc47-0cc9-474a-9470-19700f756d36.roa
File:                     ec42dc47-0cc9-474a-9470-19700f756d36.roa (raw, json)
Hash identifier:          stviDKs/zA+5LQ5ziquHCBWvv1UJE2jPFP4w1+1u3CE=
Subject key identifier:   71:38:C1:D0:6B:AB:0A:4A:03:C1:36:C0:F6:DC:CA:7B:7E:4A:B5:10
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       71D3C5C3539E7B1861F918F7487FEDD47C7F2419
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ec42dc47-0cc9-474a-9470-19700f756d36.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:551c::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:d3:c5:c3:53:9e:7b:18:61:f9:18:f7:48:7f:ed:d4:7c:7f:24:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=1df258453c3b555b0b6f283dc3d0658862143ed23f57c8d6671f24755811c86a, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f5:66:b5:14:9f:92:2b:2e:10:c5:f3:6e:88:
                    b3:3f:ea:c0:e3:51:7c:f7:2b:60:6d:2f:cb:0d:15:
                    22:4a:2c:0b:84:f8:e7:80:b0:3d:f8:93:cf:27:35:
                    86:09:a1:3a:f3:4e:2c:9d:d5:9c:62:a9:89:bb:9c:
                    be:2f:64:e4:6c:77:91:fe:22:b7:e5:50:8e:ce:d6:
                    5f:8a:18:55:4a:23:91:e3:22:36:e0:81:36:80:e7:
                    94:57:2a:9d:2e:6c:a5:bb:3f:fa:75:42:d0:8a:f3:
                    c8:5e:92:ea:06:05:cb:7e:8a:89:8b:d1:7c:8a:cd:
                    16:3b:e2:80:ec:dd:59:d1:45:90:19:65:6c:43:82:
                    a0:91:74:39:92:66:e7:b9:c6:19:6d:1c:9f:e1:3c:
                    6a:67:19:a5:00:dc:20:c3:0a:52:7c:6c:bf:3c:00:
                    3f:d6:21:e3:7f:55:b8:86:8a:2a:d3:af:27:96:5e:
                    a6:9b:d2:10:a8:70:3f:7b:e3:b0:af:4a:0c:f8:a7:
                    12:85:33:8c:83:02:9c:e3:18:10:5e:44:97:aa:c5:
                    c5:67:3e:7e:91:72:42:e8:83:59:e0:ff:95:b8:2a:
                    47:f7:43:6f:b9:88:00:ff:60:93:4a:1f:56:89:18:
                    96:ff:31:29:a4:54:ec:b6:b0:ca:38:47:8f:ba:52:
                    c9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:38:C1:D0:6B:AB:0A:4A:03:C1:36:C0:F6:DC:CA:7B:7E:4A:B5:10
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ec42dc47-0cc9-474a-9470-19700f756d36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551c::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:12:ba:7e:30:b0:fa:b0:7c:14:d5:da:1a:81:1f:ac:08:dc:
         38:9d:f9:ec:77:49:c3:4a:1d:e6:9d:eb:5d:42:3a:50:ec:42:
         b4:71:ef:e4:0d:6b:13:e0:a3:3e:7b:b9:5c:5b:7c:d8:54:aa:
         42:7c:9f:93:b3:51:c2:f4:0c:e7:f1:b4:81:e6:8d:e7:b7:e9:
         9f:aa:ee:f0:5a:aa:8f:b6:62:92:2f:f4:14:3a:f3:f9:d1:0e:
         2b:47:d0:27:3a:5a:52:1e:57:8b:80:1a:61:e2:8c:f7:5d:59:
         83:d6:c8:b2:90:ba:69:30:0d:50:9f:ff:2b:80:a8:dd:2f:35:
         2c:8b:76:43:41:b7:14:3a:49:01:c5:fb:96:65:0a:c2:df:8d:
         4d:37:69:96:97:ee:37:ae:9e:ae:5e:94:4d:40:9d:71:36:d9:
         e2:1b:47:36:21:16:c0:bd:2c:7c:8e:61:96:fe:00:0e:d2:db:
         b8:82:c4:47:e5:02:08:44:4d:fa:25:26:a3:f2:73:87:c6:c4:
         f4:c8:49:3a:37:88:d7:c5:a0:ba:e3:0d:04:c4:c1:4b:5d:17:
         0c:bb:8a:08:91:fc:68:a1:e8:68:5b:33:2f:1a:dc:d1:9f:3a:
         06:53:d8:ee:b9:75:09:f0:d7:ed:11:b0:5b:a1:52:c9:17:23:
         01:07:ca:af
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUcdPFw1Oeexhh+Rj3SH/t1Hx/JBkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZGYyNTg0NTNjM2I1NTViMGI2ZjI4M2RjM2QwNjU4ODYy
MTQzZWQyM2Y1N2M4ZDY2NzFmMjQ3NTU4MTFjODZhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCs9Wa1FJ+SKy4QxfNuiLM/6sDjUXz3K2BtL8sNFSJKLAuE
+OeAsD34k88nNYYJoTrzTiyd1ZxiqYm7nL4vZORsd5H+IrflUI7O1l+KGFVKI5Hj
IjbggTaA55RXKp0ubKW7P/p1QtCK88hekuoGBct+iomL0XyKzRY74oDs3VnRRZAZ
ZWxDgqCRdDmSZue5xhltHJ/hPGpnGaUA3CDDClJ8bL88AD/WIeN/VbiGiirTryeW
Xqab0hCocD9747CvSgz4pxKFM4yDApzjGBBeRJeqxcVnPn6RckLog1ng/5W4Kkf3
Q2+5iAD/YJNKH1aJGJb/MSmkVOy2sMo4R4+6UsklAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUcTjB0GurCkoDwTbA9tzKe35KtRAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2VjNDJkYzQ3LTBjYzktNDc0YS05NDcwLTE5NzAwZjc1NmQzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRwwDQYJKoZIhvcNAQELBQADggEBAHISun4wsPqwfBTV2hqBH6wI
3Did+ex3ScNKHead611COlDsQrRx7+QNaxPgoz57uVxbfNhUqkJ8n5OzUcL0DOfx
tIHmjee36Z+q7vBaqo+2YpIv9BQ68/nRDitH0Cc6WlIeV4uAGmHijPddWYPWyLKQ
umkwDVCf/yuAqN0vNSyLdkNBtxQ6SQHF+5ZlCsLfjU03aZaX7jeunq5elE1AnXE2
2eIbRzYhFsC9LHyOYZb+AA7S27iCxEflAghETfolJqPyc4fGxPTISTo3iNfFoLrj
DQTEwUtdFwy7igiR/Gih6GhbMy8a3NGfOgZT2O65dQnw1+0RsFuhUskXIwEHyq8=
-----END CERTIFICATE-----
Generated at Sat Jan 18 02:06:48 2025 by rpki-client on console-fra.rpki-client.org