Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/80d0e2ea-6a97-4531-ba66-c7d4d4ee82a7.roa
File:                     80d0e2ea-6a97-4531-ba66-c7d4d4ee82a7.roa (raw, json)
Hash identifier:          fFft/1DJRNRCVM186nO55wzV1C77KPrGrbNoMcN5OLM=
Subject key identifier:   8E:15:FC:11:3B:82:E6:89:14:37:44:A5:9C:38:78:72:1E:85:8F:76
Certificate issuer:       /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial:       470828EF7B68EF0B4FF6BAD865DC497D33761444
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/80d0e2ea-6a97-4531-ba66-c7d4d4ee82a7.roa
Signing time:             Sat 25 Mar 2023 00:00:00 +0000
ROA not before:           Sat 25 Mar 2023 00:00:00 +0000
ROA not after:            Sat 29 Apr 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:8140::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 27 Mar 2023 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:08:28:ef:7b:68:ef:0b:4f:f6:ba:d8:65:dc:49:7d:33:76:14:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
        Validity
            Not Before: Mar 25 00:00:00 2023 GMT
            Not After : Apr 29 23:59:59 2023 GMT
        Subject: serialNumber=4fd0356e3191f5b850df9232e22f213cc6c391a8831412231673a65c1c73e690, CN=8cd8442f-235f-4171-84e6-8e1007a64c60, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:49:b2:3a:76:4c:0f:7e:cb:d2:39:9c:a2:15:
                    a5:21:68:6c:23:2b:4b:fb:3d:05:2b:05:8b:ec:67:
                    6a:66:9c:93:84:79:14:ff:3a:97:ee:b3:73:0c:e0:
                    57:cb:d3:4c:41:2d:15:61:ed:46:68:97:14:2e:54:
                    46:37:76:18:b4:6a:68:b8:c9:a7:3d:b6:c7:2f:20:
                    e8:03:e1:bf:7f:66:44:cb:2a:41:35:42:6f:76:87:
                    cc:5d:df:85:fd:77:12:20:a9:db:7b:61:84:20:cb:
                    48:63:f1:77:9b:ff:aa:d2:bb:13:73:b3:97:6b:86:
                    e9:15:d8:90:f5:2a:22:fb:ba:92:84:c1:6e:cb:43:
                    c3:a2:04:0e:6c:9f:ba:ab:2c:c9:a2:7a:eb:ac:c0:
                    a1:0a:39:97:13:21:a7:48:18:1b:72:40:79:29:68:
                    6c:27:e2:76:95:f5:5e:d9:3c:d9:a1:ec:7f:fd:39:
                    dd:fa:1f:e2:1e:8e:a2:98:63:32:7b:8d:d6:85:78:
                    ce:82:99:db:5f:8b:f3:f1:14:bd:ec:8d:75:3a:c1:
                    6c:c5:58:fd:cf:a7:8f:ac:13:20:79:56:a4:6d:a5:
                    cd:ed:cd:59:8c:4a:c2:a8:04:08:ac:a0:50:62:34:
                    91:74:de:c1:e4:66:d5:68:07:0b:01:8d:33:91:79:
                    fa:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                8E:15:FC:11:3B:82:E6:89:14:37:44:A5:9C:38:78:72:1E:85:8F:76
            X509v3 Authority Key Identifier: 
                keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/80d0e2ea-6a97-4531-ba66-c7d4d4ee82a7.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:8140::/32

    Signature Algorithm: sha256WithRSAEncryption
         07:1b:72:1e:26:d6:9a:8d:07:b5:5b:e0:de:0e:bd:c8:b6:cd:
         a4:e6:ba:87:9e:bd:4e:76:4e:c9:93:28:64:53:00:a7:f6:94:
         0f:06:ee:49:1e:be:b2:d1:ed:19:0d:59:6b:79:53:60:9c:78:
         ed:86:7f:c2:d9:9a:11:81:69:83:3a:d2:75:53:4f:2a:bc:3d:
         e9:c8:39:24:af:32:6e:0d:f8:c4:0a:8a:ac:14:c8:89:74:71:
         96:ad:36:62:e4:1e:7d:e1:21:19:d4:8f:ca:7d:ba:fc:f0:44:
         2b:3d:6a:b9:24:4f:2c:fd:92:02:72:31:57:86:44:cd:7a:d5:
         fc:ad:65:57:cc:50:86:2a:be:41:aa:0e:e0:30:36:9f:1c:f0:
         d6:12:52:75:7d:d6:dc:30:44:74:48:10:e2:1e:90:1c:89:af:
         53:ca:79:df:85:14:58:dd:20:2b:3d:b4:45:6b:5d:0a:f1:ae:
         34:16:ac:6f:75:40:98:0d:8f:50:58:a1:ad:38:ba:57:86:a1:
         bb:84:07:81:b2:59:c7:2f:34:37:98:82:d2:28:5f:c4:03:72:
         f0:dc:09:76:45:28:72:95:c0:a9:3b:19:ab:43:ce:74:99:18:
         49:e4:56:e3:48:b5:6c:4f:39:45:6d:39:c5:c9:4f:68:32:f5:
         0c:58:ba:ff
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIURwgo73to7wtP9rrYZdxJfTN2FEQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjMwMzI1MDAwMDAwWhcNMjMwNDI5MjM1OTU5
WjCBpTFJMEcGA1UEBRNANGZkMDM1NmUzMTkxZjViODUwZGY5MjMyZTIyZjIxM2Nj
NmMzOTFhODgzMTQxMjIzMTY3M2E2NWMxYzczZTY5MDEtMCsGA1UEAxMkOGNkODQ0
MmYtMjM1Zi00MTcxLTg0ZTYtOGUxMDA3YTY0YzYwMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALRJsjp2TA9+y9I5nKIVpSFobCMrS/s9BSsFi+xnamack4R5FP86
l+6zcwzgV8vTTEEtFWHtRmiXFC5URjd2GLRqaLjJpz22xy8g6APhv39mRMsqQTVC
b3aHzF3fhf13EiCp23thhCDLSGPxd5v/qtK7E3Ozl2uG6RXYkPUqIvu6koTBbstD
w6IEDmyfuqssyaJ666zAoQo5lxMhp0gYG3JAeSlobCfidpX1Xtk82aHsf/053fof
4h6OophjMnuN1oV4zoKZ21+L8/EUveyNdTrBbMVY/c+nj6wTIHlWpG2lze3NWYxK
wqgECKygUGI0kXTeweRm1WgHCwGNM5F5+nsCAwEAAaOCArIwggKuMB0GA1UdDgQW
BBSOFfwRO4LmiRQ3RKWcOHhyHoWPdjAfBgNVHSMEGDAWgBRqzD59oudtmREP1jnE
E35CQplw2DAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzY3NTU5NzBjLTQ3NDct
NDk5ZC05Nzc0LTVlMTMwOGM1MDFhNy85YWIwMTVmMzgyNmUwMTM1MTJhNDUyOThh
NDJmMmJhYmExZmE3MmY4ZDI3OTM4ODc4Yy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9lNzJkOGRiMC00NzI4LTRmYzEtYmRkOC00NzExMjk4
NjYzNjIvODBkMGUyZWEtNmE5Ny00NTMxLWJhNjYtYzdkNGQ0ZWU4MmE3LnJvYTCB
iAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyL2JnRTFFcVJTbUtRdks2dWgtbkw0MG5rNGg0dy5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACYGgUAwDQYJKoZIhvcNAQELBQADggEBAAcbch4m1pqNB7Vb4N4Ovci2zaTmuoee
vU52TsmTKGRTAKf2lA8G7kkevrLR7RkNWWt5U2CceO2Gf8LZmhGBaYM60nVTTyq8
PenIOSSvMm4N+MQKiqwUyIl0cZatNmLkHn3hIRnUj8p9uvzwRCs9arkkTyz9kgJy
MVeGRM161fytZVfMUIYqvkGqDuAwNp8c8NYSUnV91twwRHRIEOIekByJr1PKed+F
FFjdICs9tEVrXQrxrjQWrG91QJgNj1BYoa04uleGobuEB4GyWccvNDeYgtIoX8QD
cvDcCXZFKHKVwKk7GatDznSZGEnkVuNItWxPOUVtOcXJT2gy9QxYuv8=
-----END CERTIFICATE-----
Generated at Sat Mar 25 16:22:28 2023 by rpki-client on console-fra.rpki-client.org