Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8738a51-4689-46b8-a472-d4d0afaca2d7.roa
File:                     f8738a51-4689-46b8-a472-d4d0afaca2d7.roa (raw, json)
Hash identifier:          x96Tbr4Jpk8ndmv6MjuF8NxXb0gVhoHM5tlRBwWoTEs=
Subject key identifier:   37:C3:1A:24:01:B6:BE:44:67:AD:6F:CC:09:5A:7B:19:29:09:D6:1D
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       20D7649CE271A8C4F54CF533098A27195BAE78F7
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8738a51-4689-46b8-a472-d4d0afaca2d7.roa
Signing time:             Mon 30 Dec 2024 00:00:00 +0000
ROA not before:           Mon 30 Dec 2024 00:00:00 +0000
ROA not after:            Mon 03 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:4::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:d7:64:9c:e2:71:a8:c4:f5:4c:f5:33:09:8a:27:19:5b:ae:78:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Dec 30 00:00:00 2024 GMT
            Not After : Feb  3 23:59:59 2025 GMT
        Subject: serialNumber=1def73aa04c591c632fb8300acc1c0964fde50ff0c7f72cec4adc9336e2ae444, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:21:40:ad:c6:45:c1:23:ba:78:57:7d:71:a1:
                    00:4e:53:34:96:bf:f3:df:8e:1d:7b:4b:53:1b:4b:
                    df:c7:b9:a1:09:6d:1f:78:76:21:68:77:43:56:8e:
                    d0:1c:3e:8f:18:50:f0:20:b0:ca:2f:cb:ff:a4:0a:
                    c3:24:a7:f9:62:73:59:7e:c9:e2:f2:b4:39:19:cb:
                    f2:4c:44:9c:f7:49:a4:06:ea:be:e9:3e:90:0a:d1:
                    35:30:eb:50:af:60:31:25:a3:e1:69:ef:32:4e:43:
                    a9:81:fa:4f:11:e3:67:10:c0:51:9f:f0:8e:f7:7c:
                    3d:63:81:57:b2:24:d5:d7:fd:87:8f:7a:74:d5:cf:
                    b5:a1:64:f7:98:04:e3:06:d4:d3:85:4a:11:30:36:
                    54:68:ae:98:f3:56:29:b0:33:b7:4b:7e:d5:1a:43:
                    52:5d:1c:a3:66:fd:74:73:4c:17:47:2c:f5:b1:19:
                    1c:30:c6:b2:b6:4c:74:87:51:f7:1e:dc:6a:44:e2:
                    16:b0:e4:d5:34:0b:a7:e0:82:ef:ae:a0:82:39:2c:
                    59:e4:26:60:a9:c1:d2:70:19:84:0f:d2:c0:38:b3:
                    0f:c2:8d:02:70:26:8b:26:15:02:c3:c6:1d:5b:af:
                    73:6c:a1:98:36:19:25:85:25:e5:4e:0f:89:52:79:
                    c8:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:C3:1A:24:01:B6:BE:44:67:AD:6F:CC:09:5A:7B:19:29:09:D6:1D
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8738a51-4689-46b8-a472-d4d0afaca2d7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         06:99:2a:44:b7:e5:87:92:13:e7:38:e6:5d:2c:ee:73:7f:5c:
         ac:9d:4c:ae:2e:a9:2d:2b:60:95:41:d5:ad:a7:99:7a:7d:22:
         0c:a9:47:2f:00:02:b8:83:4f:de:3f:f7:99:70:85:8a:9a:9d:
         5d:81:92:38:4c:e6:e2:c7:3c:b8:1d:15:30:a5:64:37:07:b1:
         5e:bd:7c:b7:67:57:c0:8a:a0:ec:92:85:f0:32:2c:e9:54:cc:
         eb:be:3b:6a:1a:7c:87:c2:23:35:15:b3:40:12:dc:af:7f:28:
         cb:35:d8:80:a5:b2:0e:94:84:11:c6:78:6c:e9:36:7a:4a:d3:
         c4:a0:fb:e3:2a:50:d7:2d:1d:50:e8:ff:1d:e0:76:19:5b:68:
         58:11:94:cd:11:d7:0c:ee:51:41:39:40:f3:ee:e7:76:f9:c7:
         c4:9e:13:f3:e3:82:c5:dc:6c:ce:f1:43:65:ef:71:b8:ee:72:
         df:e0:6a:5f:30:c7:99:55:6b:9f:ac:61:2a:0d:d3:aa:5e:36:
         e3:7e:a0:1b:b9:60:a2:65:50:22:57:1f:71:ba:ec:f6:96:6a:
         54:ba:63:b7:7e:9a:3f:77:bc:c0:4e:b6:a3:fa:dd:7b:49:4c:
         b2:44:30:cf:12:87:90:27:ad:59:a4:a0:be:3b:f4:2b:32:03:
         68:11:aa:1f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUINdknOJxqMT1TPUzCYonGVuuePcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMjMwMDAwMDAwWhcNMjUwMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZGVmNzNhYTA0YzU5MWM2MzJmYjgzMDBhY2MxYzA5NjRm
ZGU1MGZmMGM3ZjcyY2VjNGFkYzkzMzZlMmFlNDQ0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2IUCtxkXBI7p4V31xoQBOUzSWv/Pfjh17S1MbS9/HuaEJ
bR94diFod0NWjtAcPo8YUPAgsMovy/+kCsMkp/lic1l+yeLytDkZy/JMRJz3SaQG
6r7pPpAK0TUw61CvYDElo+Fp7zJOQ6mB+k8R42cQwFGf8I73fD1jgVeyJNXX/YeP
enTVz7WhZPeYBOMG1NOFShEwNlRorpjzVimwM7dLftUaQ1JdHKNm/XRzTBdHLPWx
GRwwxrK2THSHUfce3GpE4haw5NU0C6fggu+uoII5LFnkJmCpwdJwGYQP0sA4sw/C
jQJwJosmFQLDxh1br3NsoZg2GSWFJeVOD4lSecjvAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUN8MaJAG2vkRnrW/MCVp7GSkJ1h0wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2Y4NzM4YTUxLTQ2ODktNDZiOC1hNDcyLWQ0ZDBhZmFjYTJkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAAQwDQYJKoZIhvcNAQELBQADggEBAAaZKkS35YeSE+c45l0s7nN/
XKydTK4uqS0rYJVB1a2nmXp9IgypRy8AAriDT94/95lwhYqanV2BkjhM5uLHPLgd
FTClZDcHsV69fLdnV8CKoOyShfAyLOlUzOu+O2oafIfCIzUVs0AS3K9/KMs12ICl
sg6UhBHGeGzpNnpK08Sg++MqUNctHVDo/x3gdhlbaFgRlM0R1wzuUUE5QPPu53b5
x8SeE/PjgsXcbM7xQ2Xvcbjuct/gal8wx5lVa5+sYSoN06peNuN+oBu5YKJlUCJX
H3G67PaWalS6Y7d+mj93vMBOtqP63XtJTLJEMM8Sh5AnrVmkoL479CsyA2gRqh8=
-----END CERTIFICATE-----
Generated at Sat Jan 18 02:06:48 2025 by rpki-client on console-fra.rpki-client.org