Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c291b4f-86c8-4a6c-9072-9ef46069d3a8.roa
File:                     0c291b4f-86c8-4a6c-9072-9ef46069d3a8.roa (raw, json)
Hash identifier:          huyjighhjB/mr6zZ3U4/6rSt5XGMr7brtmJu76P3+kw=
Subject key identifier:   66:EA:6F:1A:D0:93:2F:BE:74:A7:2B:1F:FF:B7:58:0C:C2:B5:38:A1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5C691E1048AB990650432DD43AC110DF097D0F3D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c291b4f-86c8-4a6c-9072-9ef46069d3a8.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.73.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 07 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:69:1e:10:48:ab:99:06:50:43:2d:d4:3a:c1:10:df:09:7d:0f:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=653259d993b5734f9c8319a0bee34dfea167c68cc9a4fd0c6d804a1714419b4c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b7:4d:9e:38:49:54:fb:fe:b1:d2:91:9c:d2:
                    03:17:78:23:95:54:1e:fb:9d:ad:f2:ac:54:88:4d:
                    9d:96:1c:dc:2d:dc:0f:d0:6e:ec:d7:d8:bf:4d:04:
                    b0:07:a9:49:c6:d3:d8:64:24:2b:10:75:13:20:0b:
                    77:ce:3a:44:60:e1:9f:9c:e6:57:f1:f3:24:63:04:
                    b5:68:9e:f3:42:9e:b4:f6:37:ed:ca:1b:50:99:81:
                    3a:b6:53:72:d7:5f:98:13:38:21:b6:31:14:8e:8d:
                    44:97:83:b0:5d:05:11:97:c3:63:8c:d3:35:cc:55:
                    ef:ed:8b:5c:4b:00:86:11:1c:6b:53:29:01:ab:ef:
                    af:3c:06:38:d2:7f:bc:65:8a:cd:a3:74:9b:26:98:
                    f6:ed:a6:3a:0d:f9:f2:fc:09:cf:18:b3:0f:3d:06:
                    9f:02:ea:87:d3:4d:47:3a:01:15:f5:ce:fd:a2:a5:
                    9c:b3:f6:df:f0:f5:16:27:67:8d:5d:2a:56:ba:37:
                    e4:a1:05:51:f6:c0:d1:8e:31:71:91:30:22:8e:4a:
                    25:ec:a8:fd:a6:7c:18:ba:90:27:22:34:ba:30:4b:
                    86:12:32:be:6d:5d:44:73:dc:84:6a:ca:cd:b8:22:
                    e8:0b:b1:5a:b3:30:f4:aa:21:90:9c:c2:c2:67:78:
                    82:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:EA:6F:1A:D0:93:2F:BE:74:A7:2B:1F:FF:B7:58:0C:C2:B5:38:A1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c291b4f-86c8-4a6c-9072-9ef46069d3a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:b4:b5:c1:fa:52:f8:e8:67:b8:da:ad:28:76:39:77:bc:0b:
         13:ae:01:7c:b5:69:f7:28:cf:b4:18:21:55:86:dc:f1:82:34:
         40:34:76:bd:ed:de:9b:7d:a0:11:ba:6c:d6:26:57:7c:78:be:
         45:7a:78:11:3e:b6:14:61:4e:2c:80:1e:97:0c:1d:02:d8:76:
         bf:bc:39:86:c6:69:5a:b8:df:c3:b5:af:29:c6:b6:76:59:73:
         a4:c8:0d:a2:37:48:f5:9c:ae:be:24:a3:50:91:03:7a:83:c7:
         c0:95:3a:48:b9:32:62:f2:63:02:97:8f:32:ed:b3:fa:6a:f1:
         ef:6c:4d:7f:c0:d5:6b:57:21:50:ab:50:bc:c1:20:ed:30:6b:
         43:d4:0e:74:78:17:28:5d:7e:a6:c8:9f:58:6e:3f:7b:6c:46:
         0c:2c:17:e7:c0:4a:21:98:07:a0:12:c1:bc:c1:50:82:eb:23:
         da:7a:95:ec:7b:c2:83:5c:00:c4:15:16:51:43:92:f1:ea:4e:
         ca:6d:80:63:2d:4a:5d:ae:8d:50:48:f9:2d:1c:f3:ae:1a:17:
         27:65:67:bd:9d:ff:f7:bd:20:b2:b8:ed:18:80:ed:ac:24:48:
         55:25:96:d9:6b:d2:d5:98:5e:2d:ea:67:78:93:31:b0:5c:e0:
         4e:30:f4:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXGkeEEirmQZQQy3UOsEQ3wl9Dz0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NTMyNTlkOTkzYjU3MzRmOWM4MzE5YTBiZWUzNGRmZWEx
NjdjNjhjYzlhNGZkMGM2ZDgwNGExNzE0NDE5YjRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYt02eOElU+/6x0pGc0gMXeCOVVB77na3yrFSITZ2WHNwt
3A/QbuzX2L9NBLAHqUnG09hkJCsQdRMgC3fOOkRg4Z+c5lfx8yRjBLVonvNCnrT2
N+3KG1CZgTq2U3LXX5gTOCG2MRSOjUSXg7BdBRGXw2OM0zXMVe/ti1xLAIYRHGtT
KQGr7688BjjSf7xlis2jdJsmmPbtpjoN+fL8Cc8Ysw89Bp8C6ofTTUc6ARX1zv2i
pZyz9t/w9RYnZ41dKla6N+ShBVH2wNGOMXGRMCKOSiXsqP2mfBi6kCciNLowS4YS
Mr5tXURz3IRqys24IugLsVqzMPSqIZCcwsJneIKVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZupvGtCTL750pysf/7dYDMK1OKEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBjMjkxYjRmLTg2YzgtNGE2Yy05MDcyLTllZjQ2MDY5ZDNhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/EkwDQYJKoZIhvcNAQELBQADggEBAFK0tcH6UvjoZ7jarSh2OXe8CxOu
AXy1afcoz7QYIVWG3PGCNEA0dr3t3pt9oBG6bNYmV3x4vkV6eBE+thRhTiyAHpcM
HQLYdr+8OYbGaVq438O1rynGtnZZc6TIDaI3SPWcrr4ko1CRA3qDx8CVOki5MmLy
YwKXjzLts/pq8e9sTX/A1WtXIVCrULzBIO0wa0PUDnR4FyhdfqbIn1huP3tsRgws
F+fASiGYB6ASwbzBUILrI9p6lex7woNcAMQVFlFDkvHqTsptgGMtSl2ujVBI+S0c
864aFydlZ72d//e9ILK47RiA7awkSFUlltlr0tWYXi3qZ3iTMbBc4E4w9Eo=
-----END CERTIFICATE-----
Generated at Fri Dec 6 04:28:48 2024 by rpki-client on console-fra.rpki-client.org