Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/02e8e3cf-8157-4c2c-8460-90cdfb690289.roa
File:                     02e8e3cf-8157-4c2c-8460-90cdfb690289.roa (raw, json)
Hash identifier:          M9COd+vD0pYXiaV5CtRKCPyQbJTcNqdARFlB2NdGVuU=
Subject key identifier:   B0:FF:56:FA:B1:75:65:20:F9:FB:0C:C7:C0:E3:E1:24:AC:B1:73:E3
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       76EBB1DC518B88BEC513CDFE04E74FD3E4B96DAA
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/02e8e3cf-8157-4c2c-8460-90cdfb690289.roa
Signing time:             Mon 23 Sep 2024 00:00:00 +0000
ROA not before:           Mon 23 Sep 2024 00:00:00 +0000
ROA not after:            Mon 28 Oct 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000::/28 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 12 Oct 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:eb:b1:dc:51:8b:88:be:c5:13:cd:fe:04:e7:4f:d3:e4:b9:6d:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Sep 23 00:00:00 2024 GMT
            Not After : Oct 28 23:59:59 2024 GMT
        Subject: serialNumber=e80049b549de1280ca184181c7077d5a78c0a998003c25a2a19838df9ab6571b, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:38:d0:dd:f5:15:a8:d5:52:ac:6f:d8:95:23:
                    17:25:77:ef:8e:c4:89:b0:7b:8d:65:c9:57:78:56:
                    3e:bb:e7:be:74:4b:72:5d:3d:3d:6a:d3:5e:f8:a5:
                    d4:ce:21:74:ed:2f:81:24:5a:f9:3b:88:66:6a:e0:
                    b5:d6:75:17:c1:a3:93:bd:0d:94:d1:bc:57:43:65:
                    2c:08:da:79:7d:97:10:93:a5:45:f8:80:b8:10:81:
                    dc:99:97:68:56:b1:19:eb:a2:b4:4c:03:cf:0b:32:
                    76:a2:66:10:58:27:b1:fd:00:c4:05:23:e2:8c:c4:
                    b8:b7:6b:04:44:b8:41:21:76:f2:cf:4b:3e:3c:16:
                    1f:c7:7e:d4:87:f9:05:a3:39:e9:69:99:84:a6:c5:
                    4c:fd:64:ca:0b:02:c5:a1:6d:26:16:da:f8:6b:b7:
                    9b:68:a6:e0:ab:dc:a9:31:69:db:12:8e:aa:4d:9e:
                    db:de:0b:dc:28:eb:95:e1:4f:b4:97:37:c6:2f:f6:
                    8f:7d:ad:71:de:9f:3e:cf:74:34:72:9b:d9:db:8a:
                    e1:95:ec:27:06:28:97:af:c7:5e:7a:34:d0:45:72:
                    9d:9f:dc:14:3d:4a:b0:c3:cf:02:34:00:71:8d:f7:
                    ba:3f:5f:b2:7f:c0:92:85:ff:84:60:e0:91:1e:4b:
                    ff:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:FF:56:FA:B1:75:65:20:F9:FB:0C:C7:C0:E3:E1:24:AC:B1:73:E3
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/02e8e3cf-8157-4c2c-8460-90cdfb690289.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000::/28

    Signature Algorithm: sha256WithRSAEncryption
         72:b4:ca:bc:8c:21:02:11:e9:94:8e:df:be:29:79:d6:f7:23:
         28:73:c4:f6:5a:50:bc:e4:cc:20:83:d7:1a:53:40:0a:2b:95:
         30:f8:af:4f:6c:c4:99:96:9d:b0:95:2a:d5:8e:94:40:8e:c4:
         93:4e:9b:8e:32:a0:6f:99:78:b7:b9:bb:ef:31:62:69:04:d1:
         cf:a0:78:b9:81:de:0a:38:76:f0:e0:7b:3a:ef:24:de:18:49:
         b9:d8:8c:5e:ac:81:d9:3f:11:82:93:57:c3:cf:6e:e2:b2:d1:
         8d:ea:9e:66:ef:0e:8a:3a:5c:f5:cf:fe:36:43:bb:ce:40:b9:
         76:3c:65:b8:c9:d3:84:4a:17:21:52:1c:80:7f:e1:d8:d9:40:
         72:f3:46:ca:4a:87:49:f4:33:3f:46:3e:f7:d1:55:56:d6:97:
         ee:fc:37:e2:c9:fc:25:1a:57:5c:78:e6:83:b7:3c:92:49:20:
         2f:3c:d6:7e:0e:e5:bf:aa:3e:85:7c:d2:d6:81:ff:50:14:03:
         44:0f:f0:a6:89:3c:fa:dc:f1:bf:e4:24:c0:d2:78:72:98:a5:
         85:f8:fb:ac:5d:72:2d:87:12:bf:6d:22:12:bf:5a:3f:29:f5:
         57:23:3f:df:c0:d2:e7:24:bd:37:ee:97:03:77:32:c4:7d:a6:
         d5:01:5d:61
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUduux3FGLiL7FE83+BOdP0+S5baowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjQwOTIzMDAwMDAwWhcNMjQxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BlODAwNDliNTQ5ZGUxMjgwY2ExODQxODFjNzA3N2Q1YTc4
YzBhOTk4MDAzYzI1YTJhMTk4MzhkZjlhYjY1NzFiMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUONDd9RWo1VKsb9iVIxcld++OxImwe41lyVd4Vj675750
S3JdPT1q0174pdTOIXTtL4EkWvk7iGZq4LXWdRfBo5O9DZTRvFdDZSwI2nl9lxCT
pUX4gLgQgdyZl2hWsRnrorRMA88LMnaiZhBYJ7H9AMQFI+KMxLi3awREuEEhdvLP
Sz48Fh/HftSH+QWjOelpmYSmxUz9ZMoLAsWhbSYW2vhrt5topuCr3KkxadsSjqpN
ntveC9wo65XhT7SXN8Yv9o99rXHenz7PdDRym9nbiuGV7CcGKJevx156NNBFcp2f
3BQ9SrDDzwI0AHGN97o/X7J/wJKF/4Rg4JEeS/8XAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUsP9W+rF1ZSD5+wzHwOPhJKyxc+MwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzAyZThlM2NmLTgxNTctNGMyYy04NDYwLTkwY2RmYjY5MDI4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQQmAJAAMA0GCSqGSIb3DQEBCwUAA4IBAQBytMq8jCECEemUjt++KXnW9yMo
c8T2WlC85Mwgg9caU0AKK5Uw+K9PbMSZlp2wlSrVjpRAjsSTTpuOMqBvmXi3ubvv
MWJpBNHPoHi5gd4KOHbw4Hs67yTeGEm52IxerIHZPxGCk1fDz27istGN6p5m7w6K
Olz1z/42Q7vOQLl2PGW4ydOEShchUhyAf+HY2UBy80bKSodJ9DM/Rj730VVW1pfu
/DfiyfwlGldceOaDtzySSSAvPNZ+DuW/qj6FfNLWgf9QFANED/CmiTz63PG/5CTA
0nhymKWF+PusXXIthxK/bSISv1o/KfVXIz/fwNLnJL037pcDdzLEfabVAV1h
-----END CERTIFICATE-----
Generated at Fri Oct 11 01:48:42 2024 by rpki-client on console-ams.rpki-client.org