Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/02e8e3cf-8157-4c2c-8460-90cdfb690289.roa
File:                     02e8e3cf-8157-4c2c-8460-90cdfb690289.roa (raw, json)
Hash identifier:          x6t2L1k+J6TW68k5GL2Nz+V6YeAedIJxc4I5lcHlW1Q=
Subject key identifier:   4E:83:6A:E2:BE:00:48:73:EE:A2:C8:AF:EF:75:82:76:8C:A8:40:BD
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       7BC16377635247EE154A4818A7702E8ADCD4E5E0
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/02e8e3cf-8157-4c2c-8460-90cdfb690289.roa
Signing time:             Sat 18 Mar 2023 00:00:00 +0000
ROA not before:           Sat 18 Mar 2023 00:00:00 +0000
ROA not after:            Sat 22 Apr 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000::/28 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Mar 2023 12:03:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:c1:63:77:63:52:47:ee:15:4a:48:18:a7:70:2e:8a:dc:d4:e5:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Mar 18 00:00:00 2023 GMT
            Not After : Apr 22 23:59:59 2023 GMT
        Subject: serialNumber=d8b7c315a023b8449f934b7fa21de13b68d64a70776e3cd8ee2562d4beb9b8c3, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4f:35:03:65:39:99:dd:5f:ab:75:71:bc:8c:
                    28:60:df:1d:b9:ce:31:20:bf:54:a3:1e:be:bc:83:
                    8f:0f:8f:d4:95:fd:05:88:5a:0a:51:44:bd:73:9c:
                    48:d0:8c:04:9b:ae:80:b3:b9:57:2d:a2:39:94:7a:
                    4c:b1:90:ae:6b:19:78:58:65:d4:c3:67:62:50:08:
                    5b:35:69:7d:fd:73:70:f1:0b:19:ea:fa:12:c0:b7:
                    f3:69:9b:90:a8:2d:2d:49:4b:ad:3a:5d:4a:5b:3b:
                    b3:8f:c5:0e:31:46:fa:1a:2f:93:64:31:ca:94:14:
                    3d:41:7b:73:78:09:3c:c2:99:4a:e2:f7:f4:75:9e:
                    a8:26:93:e2:48:e7:06:50:a7:8b:cd:bd:9c:c0:77:
                    1b:f0:40:43:2b:8b:4c:92:b3:fa:69:bc:06:33:64:
                    5a:13:0b:a0:d1:6a:cd:b6:fd:27:38:7c:29:b3:cf:
                    43:71:ea:c9:b4:3d:9a:66:83:f7:fa:7a:59:03:66:
                    4c:5b:b9:64:6f:6e:05:9b:1a:ce:aa:33:61:3e:52:
                    15:82:a5:1b:89:b0:3e:93:64:ff:44:89:d7:91:a4:
                    59:dd:84:02:13:dd:49:2c:33:87:a0:7d:6d:52:16:
                    2f:96:f3:b4:e7:68:7f:f8:4e:a1:8e:c5:e3:ba:e0:
                    38:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:83:6A:E2:BE:00:48:73:EE:A2:C8:AF:EF:75:82:76:8C:A8:40:BD
            X509v3 Authority Key Identifier: 
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/02e8e3cf-8157-4c2c-8460-90cdfb690289.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000::/28

    Signature Algorithm: sha256WithRSAEncryption
         bc:f9:cc:70:70:a5:88:07:36:13:e3:95:79:78:c2:2a:ea:1a:
         a7:30:9a:7b:ff:22:00:54:94:61:55:54:06:3a:77:b2:13:77:
         7d:44:5a:a8:92:28:13:65:27:ba:95:9a:2e:8e:bd:e2:48:53:
         bc:5c:60:99:d9:d9:a8:20:34:79:12:cb:e7:7f:3e:bc:df:99:
         eb:7c:68:8a:ef:72:29:08:dd:0d:37:73:8d:bb:0f:51:ce:cf:
         61:0f:b2:22:3d:46:50:81:3d:7d:9f:5f:2f:4f:de:70:18:38:
         6b:9e:48:a7:75:85:d2:5b:36:a6:89:0f:2d:95:e3:10:14:b9:
         87:2f:4c:61:2f:0a:67:c4:08:44:a4:fc:71:6f:26:79:c7:08:
         8d:53:bf:1c:21:76:5a:44:06:b9:30:2b:d3:da:41:54:26:0e:
         2f:a9:95:b8:4e:5f:c3:4f:07:0c:fc:53:ab:84:7e:ff:af:0a:
         3b:7c:02:fb:b5:c2:d4:03:e5:a6:9e:ff:b2:5b:42:57:e8:9e:
         13:51:34:27:15:4a:2c:24:1f:25:20:7c:32:c1:17:7b:0b:c4:
         88:40:07:5b:43:b0:76:57:40:77:74:35:60:62:a2:98:d2:d4:
         d5:6b:78:75:5f:1a:63:35:7e:a4:ab:ad:b9:8d:ad:34:25:d0:
         70:52:73:e4
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIUe8Fjd2NSR+4VSkgYp3AuitzU5eAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjMwMzE4MDAwMDAwWhcNMjMwNDIyMjM1OTU5
WjCBpTFJMEcGA1UEBRNAZDhiN2MzMTVhMDIzYjg0NDlmOTM0YjdmYTIxZGUxM2I2
OGQ2NGE3MDc3NmUzY2Q4ZWUyNTYyZDRiZWI5YjhjMzEtMCsGA1UEAxMkOWYyMzBm
YTktYWEyZi00MDIwLWFlMmEtMWE2MDM3NDA4NGI4MRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANVPNQNlOZndX6t1cbyMKGDfHbnOMSC/VKMevryDjw+P1JX9BYha
ClFEvXOcSNCMBJuugLO5Vy2iOZR6TLGQrmsZeFhl1MNnYlAIWzVpff1zcPELGer6
EsC382mbkKgtLUlLrTpdSls7s4/FDjFG+hovk2QxypQUPUF7c3gJPMKZSuL39HWe
qCaT4kjnBlCni829nMB3G/BAQyuLTJKz+mm8BjNkWhMLoNFqzbb9Jzh8KbPPQ3Hq
ybQ9mmaD9/p6WQNmTFu5ZG9uBZsazqozYT5SFYKlG4mwPpNk/0SJ15GkWd2EAhPd
SSwzh6B9bVIWL5bztOdof/hOoY7F47rgOCECAwEAAaOCArIwggKuMB0GA1UdDgQW
BBROg2rivgBIc+6iyK/vdYJ2jKhAvTAfBgNVHSMEGDAWgBTo88Ug4g7yXTq3oha7
FAQxajc48TAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvZjYw
YzlmMzItYTg3Yy00MzM5LWEyZjMtNjI5OWEzYjAyZTI5Lzk5ZjhmZWQyLTI5MmIt
NDcyMi1iOTI4LWZlZTdiZjBhNTkxMC81NTEyMDkwMjdmNWU3YWQ1NGUwNGYwNDJl
NGFjMGU5ZTY1YzU2ZTU1Yzc3NDc4ZDJjZS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9lNzUxOGFmNS1hMzQzLTQyOGQtYmY3OC1mOTgyYjZl
NjA1MDUvMDJlOGUzY2YtODE1Ny00YzJjLTg0NjAtOTBjZGZiNjkwMjg5LnJvYTCB
iAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L1huclZUZ1R3UXVTc0RwNWx4VzVWeDNSNDBzNC5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
BCYAkAAwDQYJKoZIhvcNAQELBQADggEBALz5zHBwpYgHNhPjlXl4wirqGqcwmnv/
IgBUlGFVVAY6d7ITd31EWqiSKBNlJ7qVmi6OveJIU7xcYJnZ2aggNHkSy+d/Przf
met8aIrvcikI3Q03c427D1HOz2EPsiI9RlCBPX2fXy9P3nAYOGueSKd1hdJbNqaJ
Dy2V4xAUuYcvTGEvCmfECESk/HFvJnnHCI1TvxwhdlpEBrkwK9PaQVQmDi+plbhO
X8NPBwz8U6uEfv+vCjt8Avu1wtQD5aae/7JbQlfonhNRNCcVSiwkHyUgfDLBF3sL
xIhAB1tDsHZXQHd0NWBiopjS1NVreHVfGmM1fqSrrbmNrTQl0HBSc+Q=
-----END CERTIFICATE-----
Generated at Sat Mar 18 00:25:52 2023 by rpki-client on console-fra.rpki-client.org