Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/277fb1fb-3655-4c68-80f2-1f4160a003be.roa
File:                     277fb1fb-3655-4c68-80f2-1f4160a003be.roa (raw, json)
Hash identifier:          DJD0wQyy62+69I2dP8jow+kNeSihXJjhvEJ7/qY5sB8=
Subject key identifier:   D1:A0:29:60:9E:0D:2F:D1:BB:99:DC:C0:35:1B:F6:72:9B:56:AA:85
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7F7B950FEEE5022CCA9946BF9E835D3082E007C5
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/277fb1fb-3655-4c68-80f2-1f4160a003be.roa
Signing time:             Mon 25 Nov 2024 00:00:00 +0000
ROA not before:           Mon 25 Nov 2024 00:00:00 +0000
ROA not after:            Mon 30 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:398::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:7b:95:0f:ee:e5:02:2c:ca:99:46:bf:9e:83:5d:30:82:e0:07:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Nov 25 00:00:00 2024 GMT
            Not After : Dec 30 23:59:59 2024 GMT
        Subject: serialNumber=8d6db8dbac998b856d57c77342271d82697f7b29fb7e5b19d223759abe026bf4, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:28:46:56:23:31:47:80:01:df:8b:2b:37:12:
                    46:d9:23:49:03:11:2f:3f:28:51:2a:83:92:b9:92:
                    96:1b:38:61:36:4a:d4:8d:b9:88:bd:58:fd:aa:36:
                    e7:46:81:e1:49:9a:24:e2:2d:2a:f1:33:1a:28:39:
                    dc:8b:b2:5d:ef:e8:0c:71:79:d8:58:16:5a:e4:b2:
                    55:6c:09:91:a0:5d:8b:70:d6:76:22:e1:b5:92:6b:
                    a3:4d:7f:6c:d7:03:eb:d9:0c:5e:cc:16:41:69:59:
                    02:c4:37:e1:3e:db:d9:65:b8:54:b0:87:d7:1f:45:
                    89:aa:a7:cd:26:20:51:e2:c8:cb:2e:23:84:dd:c0:
                    51:38:32:da:4f:24:d8:7d:c7:97:fc:56:f9:f4:25:
                    ff:b8:90:9b:a0:61:e7:5b:c2:e3:56:55:6f:2a:e8:
                    3e:0a:74:87:ef:94:79:ac:20:d2:a2:8e:bc:e1:23:
                    2c:2a:13:6c:1a:f9:e1:9f:9a:7e:24:e0:47:36:11:
                    a2:63:9d:70:a1:36:a8:de:32:7d:1f:f2:94:f6:ab:
                    6b:b2:7f:5b:86:12:a4:49:01:27:af:89:65:ae:26:
                    21:b0:c6:9f:22:06:08:a8:dc:83:04:58:93:7f:2a:
                    f4:e1:07:17:91:6c:83:79:fa:9b:9f:fc:7c:c0:e3:
                    3e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:A0:29:60:9E:0D:2F:D1:BB:99:DC:C0:35:1B:F6:72:9B:56:AA:85
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/277fb1fb-3655-4c68-80f2-1f4160a003be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:398::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:b7:4f:44:96:9d:24:a8:3c:ed:c3:05:59:8b:d6:73:f9:c4:
         94:bb:5f:2a:44:05:d8:21:6d:f5:ec:2d:f1:56:e2:14:0c:64:
         1b:1c:eb:e2:f9:aa:34:6c:6b:38:b3:c2:a2:d7:aa:17:5d:3f:
         e5:25:c9:e6:48:c8:f6:8e:7d:2a:79:29:b9:67:23:02:c3:2f:
         a6:4c:80:0c:02:57:06:39:c4:a4:b7:0d:a4:64:fd:4e:ae:4a:
         03:d3:e2:89:66:da:35:8d:4f:77:cc:d8:db:87:3b:b1:c5:4f:
         7e:0f:ff:82:88:1e:e2:ba:f5:63:0e:cd:2e:b5:45:60:0c:e1:
         d1:0b:49:d5:ab:14:e1:4b:2e:4c:67:39:65:09:ca:0a:4b:06:
         23:ec:58:d8:4e:73:e4:87:0f:19:b1:d9:ea:96:81:3a:05:a8:
         f5:f2:90:7f:33:98:64:89:54:f8:da:57:9a:b0:06:dd:b2:8a:
         ee:3d:1e:47:a7:28:d0:01:1a:e5:48:be:cf:61:91:f9:a2:32:
         77:56:f0:ba:99:56:76:76:87:e8:ba:da:2d:60:c9:5c:87:28:
         c7:d9:2d:d9:32:08:bd:96:14:9c:fd:a2:dc:2e:3b:bb:31:ec:
         79:97:05:f0:56:9f:4f:09:ac:d0:8f:08:08:97:ff:71:bd:42:
         56:a5:91:83
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUf3uVD+7lAizKmUa/noNdMILgB8UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQxMTI1MDAwMDAwWhcNMjQxMjMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZDZkYjhkYmFjOTk4Yjg1NmQ1N2M3NzM0MjI3MWQ4MjY5
N2Y3YjI5ZmI3ZTViMTlkMjIzNzU5YWJlMDI2YmY0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6KEZWIzFHgAHfiys3EkbZI0kDES8/KFEqg5K5kpYbOGE2
StSNuYi9WP2qNudGgeFJmiTiLSrxMxooOdyLsl3v6AxxedhYFlrkslVsCZGgXYtw
1nYi4bWSa6NNf2zXA+vZDF7MFkFpWQLEN+E+29lluFSwh9cfRYmqp80mIFHiyMsu
I4TdwFE4MtpPJNh9x5f8Vvn0Jf+4kJugYedbwuNWVW8q6D4KdIfvlHmsINKijrzh
IywqE2wa+eGfmn4k4Ec2EaJjnXChNqjeMn0f8pT2q2uyf1uGEqRJASeviWWuJiGw
xp8iBgio3IMEWJN/KvThBxeRbIN5+puf/HzA4z4FAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU0aApYJ4NL9G7mdzANRv2cptWqoUwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzI3N2ZiMWZiLTM2NTUtNGM2OC04MGYyLTFmNDE2MGEwMDNiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5gwDQYJKoZIhvcNAQELBQADggEBAGK3T0SWnSSoPO3DBVmL1nP5
xJS7XypEBdghbfXsLfFW4hQMZBsc6+L5qjRsazizwqLXqhddP+UlyeZIyPaOfSp5
KblnIwLDL6ZMgAwCVwY5xKS3DaRk/U6uSgPT4olm2jWNT3fM2NuHO7HFT34P/4KI
HuK69WMOzS61RWAM4dELSdWrFOFLLkxnOWUJygpLBiPsWNhOc+SHDxmx2eqWgToF
qPXykH8zmGSJVPjaV5qwBt2yiu49HkenKNABGuVIvs9hkfmiMndW8LqZVnZ2h+i6
2i1gyVyHKMfZLdkyCL2WFJz9otwuO7sx7HmXBfBWn08JrNCPCAiX/3G9QlalkYM=
-----END CERTIFICATE-----
Generated at Tue Dec 10 12:12:25 2024 by rpki-client on console-ams.rpki-client.org