Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
File:                     04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa (raw, json)
Hash identifier:          DkWzWTbj5LcS7eAp+62vYDHNpxMWYXYum6spaEGuQTc=
Subject key identifier:   48:B7:F0:F3:BF:B9:99:B3:3A:08:02:D4:1B:3F:F8:42:E6:2F:FF:18
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       45B7DEB4AEA3325643822F6178D532B1F71E82CB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        209.54.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:b7:de:b4:ae:a3:32:56:43:82:2f:61:78:d5:32:b1:f7:1e:82:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=f9d0e98b7ad9505242695f871926f300436bd52c12b64fc46292eb2c64616b3e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:76:69:39:16:35:58:10:be:48:08:0d:b0:00:
                    2b:41:e8:9a:1e:81:86:ed:3d:45:c6:9d:34:b8:cf:
                    e6:6d:0f:10:32:b5:bd:5e:4b:6b:70:aa:ef:4c:ec:
                    e4:98:88:2e:a3:af:72:83:2b:fe:c1:1a:6b:5b:36:
                    42:64:1a:8a:91:94:27:d5:60:8f:1a:91:5b:c9:69:
                    43:01:5d:95:5c:fb:0b:8c:07:da:2f:00:e4:99:ad:
                    a6:85:a7:f2:73:2c:23:31:6d:aa:cb:b9:72:93:fb:
                    e2:d3:e1:f0:8f:a1:1d:6a:5a:94:47:89:40:b4:8a:
                    7c:e2:bc:6a:bc:12:b5:36:04:6c:56:13:b3:9a:55:
                    48:52:63:6e:05:fc:9d:48:32:17:88:19:4a:84:f5:
                    77:56:5a:3f:c2:70:dc:c8:6f:5f:ec:f7:d1:10:99:
                    66:04:4f:65:22:70:74:80:03:ab:5d:bf:70:0c:b2:
                    4d:51:f4:b0:21:84:36:6f:23:8f:29:56:79:c0:fb:
                    56:6b:d0:7b:44:7a:7c:54:0f:3a:e4:3b:51:fb:18:
                    c7:68:72:12:0f:0b:04:35:d1:60:bd:74:1a:ff:9f:
                    62:9b:d8:3b:a0:ed:35:43:bf:de:57:8a:0a:3c:4c:
                    d8:26:93:cc:ef:66:bb:1f:73:38:17:d9:03:d7:f9:
                    3b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:B7:F0:F3:BF:B9:99:B3:3A:08:02:D4:1B:3F:F8:42:E6:2F:FF:18
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.54.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         d4:8d:54:52:71:35:d3:2e:4b:a3:ff:55:e1:91:32:15:db:28:
         24:b9:83:fd:32:3b:bd:94:d1:10:0a:8d:26:bb:34:79:3b:67:
         51:00:55:53:24:0a:c2:68:89:3e:ff:be:a1:ea:37:83:10:7e:
         d1:54:84:15:07:40:e1:e8:7c:37:a2:2c:1a:ab:9e:c5:96:8d:
         47:fa:24:8d:b1:18:5a:65:b5:fe:73:96:44:98:be:03:74:7c:
         28:4b:ff:a2:28:05:a4:a8:6e:db:e8:51:f1:ec:f2:d8:3c:e0:
         e3:ab:a2:25:56:81:ae:c9:96:b7:c9:a0:6e:df:e6:4d:99:f3:
         bc:fb:32:e8:2b:51:e1:f5:27:2d:11:74:46:02:46:d7:72:8d:
         22:fd:6c:a0:cf:ff:78:27:6e:17:4c:0a:0d:67:4d:6f:e8:b3:
         db:28:46:df:07:17:e7:ed:e7:0d:42:fa:4d:b2:e8:06:bc:10:
         9b:84:e2:1a:19:a5:85:98:09:95:1f:ce:ad:09:f9:7c:46:11:
         c3:1f:ec:8d:8d:a1:2d:4a:7f:cb:a8:42:8e:c5:7b:1e:e4:06:
         ed:a8:0f:22:78:df:13:bc:38:75:78:bf:e5:77:11:c3:60:55:
         4a:a7:3c:8e:69:f7:da:94:12:97:f6:56:35:da:e2:b2:06:10:
         85:d7:b9:b3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURbfetK6jMlZDgi9heNUysfcegsswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOWQwZTk4YjdhZDk1MDUyNDI2OTVmODcxOTI2ZjMwMDQz
NmJkNTJjMTJiNjRmYzQ2MjkyZWIyYzY0NjE2YjNlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFdmk5FjVYEL5ICA2wACtB6JoegYbtPUXGnTS4z+ZtDxAy
tb1eS2twqu9M7OSYiC6jr3KDK/7BGmtbNkJkGoqRlCfVYI8akVvJaUMBXZVc+wuM
B9ovAOSZraaFp/JzLCMxbarLuXKT++LT4fCPoR1qWpRHiUC0inzivGq8ErU2BGxW
E7OaVUhSY24F/J1IMheIGUqE9XdWWj/CcNzIb1/s99EQmWYET2UicHSAA6tdv3AM
sk1R9LAhhDZvI48pVnnA+1Zr0HtEenxUDzrkO1H7GMdochIPCwQ10WC9dBr/n2Kb
2Dug7TVDv95Xigo8TNgmk8zvZrsfczgX2QPX+TvHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSLfw87+5mbM6CALUGz/4QuYv/xgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA0ZWUwM2I3LTEyYTYtNDFhOS1hMGNlLWFiN2UxOTdkMGFjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXRNqAwDQYJKoZIhvcNAQELBQADggEBANSNVFJxNdMuS6P/VeGRMhXbKCS5
g/0yO72U0RAKjSa7NHk7Z1EAVVMkCsJoiT7/vqHqN4MQftFUhBUHQOHofDeiLBqr
nsWWjUf6JI2xGFpltf5zlkSYvgN0fChL/6IoBaSobtvoUfHs8tg84OOroiVWga7J
lrfJoG7f5k2Z87z7MugrUeH1Jy0RdEYCRtdyjSL9bKDP/3gnbhdMCg1nTW/os9so
Rt8HF+ft5w1C+k2y6Aa8EJuE4hoZpYWYCZUfzq0J+XxGEcMf7I2NoS1Kf8uoQo7F
ex7kBu2oDyJ43xO8OHV4v+V3EcNgVUqnPI5p99qUEpf2VjXa4rIGEIXXubM=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:16:51 2024 by rpki-client on console-ams.rpki-client.org