Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d88e44-7886-4bc4-8a60-059ab296355e.roa
File:                     05d88e44-7886-4bc4-8a60-059ab296355e.roa (raw, json)
Hash identifier:          NSM+081fBXjfc8acbq6IR7p9ZeSC2Ug/UjOO2WCUFW4=
Subject key identifier:   79:C1:37:35:B7:DF:66:81:D9:6D:0C:3E:79:6B:CC:D0:A5:53:28:CD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5FFE9A04E1717C7CEAF3D51B63A32C89D4E8361C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d88e44-7886-4bc4-8a60-059ab296355e.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.152.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:fe:9a:04:e1:71:7c:7c:ea:f3:d5:1b:63:a3:2c:89:d4:e8:36:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=ba9845cf17b0e576b34afe37b07aa58ab456895e8a486c0dff119fd594206a73, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c9:dd:3f:d7:fb:84:cc:67:5d:8c:e9:d1:a3:
                    e6:99:49:53:c7:b3:84:da:45:d0:97:b1:c6:90:a5:
                    b6:bb:93:3c:88:73:e0:84:1f:92:d8:ab:c0:fc:7b:
                    2c:a7:66:96:f1:37:ce:e5:06:d1:44:f4:6c:b3:e5:
                    3b:10:72:04:1f:db:05:25:e2:99:7a:1c:16:9b:bd:
                    3f:88:2c:d2:8a:30:75:5f:01:c4:1d:ea:83:2a:e7:
                    4e:fa:f1:4d:33:d9:ab:d5:cc:9d:c3:6b:05:42:fa:
                    e0:f5:f3:08:60:aa:56:e1:8d:cb:8b:f5:e1:86:76:
                    e1:d6:db:ee:8d:09:ac:d2:05:29:0d:f2:30:2c:20:
                    6d:28:92:53:a0:0c:5f:33:e5:53:a3:65:70:d5:e9:
                    e6:40:91:08:90:e0:c9:f3:77:f1:d0:f3:12:55:61:
                    3e:9e:2d:50:97:a4:90:b9:e4:a2:5b:3c:f0:95:52:
                    91:91:8a:5b:ac:d2:80:0a:90:7a:8f:84:44:2c:19:
                    62:2e:fa:46:15:4c:9f:55:23:cd:58:ec:ec:f3:35:
                    49:5b:17:ca:28:f6:c2:c2:8d:ed:54:64:2c:fb:55:
                    df:c2:3a:49:59:55:b6:4b:70:46:0e:11:4f:8c:9d:
                    83:36:b1:13:f6:d9:d5:5e:b6:16:5c:a6:73:e3:45:
                    f1:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:C1:37:35:B7:DF:66:81:D9:6D:0C:3E:79:6B:CC:D0:A5:53:28:CD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/05d88e44-7886-4bc4-8a60-059ab296355e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1a:c7:7f:1b:38:70:e5:ad:6f:fd:87:eb:f4:2f:4e:53:47:73:
         1c:79:c4:b2:e6:54:22:a8:86:5e:ec:63:8c:9d:e3:ab:87:3c:
         4a:ec:12:77:79:40:a5:bd:74:a4:86:74:c1:3d:53:73:b9:ef:
         ac:53:2f:eb:dd:c2:01:a2:a4:06:27:eb:b9:ef:c9:d0:71:19:
         c5:0b:ad:56:d3:0f:82:a4:6e:dc:ab:39:89:0e:e4:72:81:52:
         9e:cb:e0:90:6c:da:aa:13:1e:c3:d0:d3:ad:bc:1c:c5:b8:f9:
         36:5a:3c:ad:a7:85:01:d5:cd:25:db:ee:25:91:ac:4c:d5:b2:
         f8:58:84:93:60:0d:a2:c0:cb:eb:d5:57:31:10:d2:ca:fb:79:
         ca:7a:3f:7d:95:e8:35:64:ae:28:89:0d:ad:12:39:b1:a2:b4:
         9e:62:93:f9:82:5d:ef:f9:07:63:85:6f:63:62:af:65:92:94:
         d2:65:b0:4d:be:e1:25:b5:2f:b7:1f:49:a7:40:2f:42:23:8a:
         44:90:3e:95:59:ba:3e:c0:a5:9c:14:3f:ea:0d:69:ed:3c:a3:
         ad:1a:87:76:1a:09:2a:dc:0c:a8:df:6a:7a:d1:4b:a8:3a:a4:
         8b:bb:61:fd:24:f5:ff:bb:4e:75:f8:18:d0:9e:13:a9:5e:1e:
         9d:0c:6b:2e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUX/6aBOFxfHzq89UbY6MsidToNhwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYTk4NDVjZjE3YjBlNTc2YjM0YWZlMzdiMDdhYTU4YWI0
NTY4OTVlOGE0ODZjMGRmZjExOWZkNTk0MjA2YTczMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHyd0/1/uEzGddjOnRo+aZSVPHs4TaRdCXscaQpba7kzyI
c+CEH5LYq8D8eyynZpbxN87lBtFE9Gyz5TsQcgQf2wUl4pl6HBabvT+ILNKKMHVf
AcQd6oMq50768U0z2avVzJ3DawVC+uD18whgqlbhjcuL9eGGduHW2+6NCazSBSkN
8jAsIG0oklOgDF8z5VOjZXDV6eZAkQiQ4Mnzd/HQ8xJVYT6eLVCXpJC55KJbPPCV
UpGRilus0oAKkHqPhEQsGWIu+kYVTJ9VI81Y7OzzNUlbF8oo9sLCje1UZCz7Vd/C
OklZVbZLcEYOEU+MnYM2sRP22dVethZcpnPjRfHDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUecE3NbffZoHZbQw+eWvM0KVTKM0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA1ZDg4ZTQ0LTc4ODYtNGJjNC04YTYwLTA1OWFiMjk2MzU1ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjUpgwDQYJKoZIhvcNAQELBQADggEBABrHfxs4cOWtb/2H6/QvTlNHcxx5
xLLmVCKohl7sY4yd46uHPErsEnd5QKW9dKSGdME9U3O576xTL+vdwgGipAYn67nv
ydBxGcULrVbTD4KkbtyrOYkO5HKBUp7L4JBs2qoTHsPQ0628HMW4+TZaPK2nhQHV
zSXb7iWRrEzVsvhYhJNgDaLAy+vVVzEQ0sr7ecp6P32V6DVkriiJDa0SObGitJ5i
k/mCXe/5B2OFb2Nir2WSlNJlsE2+4SW1L7cfSadAL0IjikSQPpVZuj7ApZwUP+oN
ae08o60ah3YaCSrcDKjfanrRS6g6pIu7Yf0k9f+7TnX4GNCeE6leHp0May4=
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:24:40 2024 by rpki-client on console-ams.rpki-client.org