Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18e20a74-bdc3-4bcf-9338-15e54b26aae0.roa
File:                     18e20a74-bdc3-4bcf-9338-15e54b26aae0.roa (raw, json)
Hash identifier:          3nBQpvvnnUM5raEJUMoAhBKRxyTL6XLYVC00ZyxQNbs=
Subject key identifier:   66:16:54:5E:65:CF:D6:81:A4:EF:E8:D3:3D:A3:9E:8A:5E:8A:E0:02
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       65D68B9A29BEBBD2D86E1D6F592D5A081AC4B7F8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18e20a74-bdc3-4bcf-9338-15e54b26aae0.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.12.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:d6:8b:9a:29:be:bb:d2:d8:6e:1d:6f:59:2d:5a:08:1a:c4:b7:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=6834996956102a4207cf0b54378c6aaed36551437d9965e4cb4c2465969e142f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:c6:ef:fe:b5:fc:0e:1d:42:7f:05:38:aa:1a:
                    f6:56:87:9c:2d:de:81:25:fc:19:f0:13:4f:bd:2c:
                    da:e4:9a:5d:18:3c:31:00:a9:c4:a1:ba:28:80:11:
                    a7:1c:a9:3f:c4:4b:dd:c1:43:f0:42:84:57:ff:9b:
                    61:df:67:4d:c6:7b:9e:09:b3:97:9a:24:08:e8:22:
                    fd:f5:1c:73:55:21:28:51:b8:97:5d:76:3f:15:46:
                    ac:17:6a:7a:e6:41:4c:63:89:26:d2:a2:d5:f6:9a:
                    82:67:a7:19:f8:54:f5:36:63:28:c2:82:2a:0c:9f:
                    d5:1b:2a:13:1a:a1:81:a3:6e:93:96:46:7c:13:b3:
                    4b:66:ab:f0:4d:27:cf:26:61:b0:63:76:98:f1:fc:
                    ea:0d:4b:e7:47:82:8c:34:dd:d2:fc:8b:6f:06:92:
                    e5:ab:d3:54:67:71:e9:f4:5f:72:c0:5f:a4:00:4f:
                    c1:cf:8c:27:17:76:8a:09:83:c0:cb:ea:98:6d:f6:
                    ec:d7:85:70:b1:41:9a:55:8b:50:3c:21:83:c5:c9:
                    28:fe:10:bd:32:0a:de:5c:6d:57:bf:b9:6f:83:5b:
                    ff:c2:3e:db:13:23:1d:4f:ea:df:f4:ad:1c:16:bc:
                    e2:06:e7:c8:7f:63:e6:a9:76:c1:b8:7a:4b:72:8f:
                    1f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:16:54:5E:65:CF:D6:81:A4:EF:E8:D3:3D:A3:9E:8A:5E:8A:E0:02
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18e20a74-bdc3-4bcf-9338-15e54b26aae0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.12.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b3:29:3f:30:fd:bc:a2:77:36:ae:57:e9:cd:bf:17:7c:0a:37:
         bd:1b:81:06:e4:86:e9:b2:05:aa:a2:c5:63:2a:7d:75:04:9e:
         e4:2a:b9:71:b4:dc:21:df:38:ab:23:3b:3b:60:6e:54:cf:85:
         76:ee:f9:05:dc:21:93:38:8c:14:58:bc:d3:aa:e6:22:63:3a:
         ab:05:ac:7a:b7:ae:2a:61:4c:d4:e4:02:ef:d7:60:c0:c7:61:
         85:cb:7a:f9:f3:7f:c0:47:99:d2:c8:98:80:1d:51:55:97:16:
         8d:9d:98:f4:be:2b:0c:46:a9:a3:3b:79:b4:e9:e8:85:64:50:
         c4:8d:c1:fc:d2:49:39:d0:ea:23:0e:a7:d4:88:3c:41:74:57:
         53:67:d2:41:ca:58:30:f7:c5:bf:d4:3f:1f:38:71:b2:43:d8:
         23:4d:3e:19:05:8e:dd:7a:22:24:d5:f0:9c:fe:16:2a:46:e5:
         65:a7:d3:83:cd:c2:f9:5f:22:92:c4:a7:62:ab:0e:e5:2b:8a:
         cf:9a:5b:76:d4:4c:c8:b5:73:79:1e:f6:bd:66:c4:40:a9:65:
         59:e5:9c:65:65:31:d2:81:50:5b:8a:a6:21:55:b4:9c:6f:96:
         60:34:cb:aa:f3:40:e2:5e:9e:8d:9a:82:0d:8d:ea:31:d0:2f:
         43:33:69:5a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZdaLmim+u9LYbh1vWS1aCBrEt/gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODM0OTk2OTU2MTAyYTQyMDdjZjBiNTQzNzhjNmFhZWQz
NjU1MTQzN2Q5OTY1ZTRjYjRjMjQ2NTk2OWUxNDJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmxu/+tfwOHUJ/BTiqGvZWh5wt3oEl/BnwE0+9LNrkml0Y
PDEAqcShuiiAEaccqT/ES93BQ/BChFf/m2HfZ03Ge54Js5eaJAjoIv31HHNVIShR
uJdddj8VRqwXanrmQUxjiSbSotX2moJnpxn4VPU2YyjCgioMn9UbKhMaoYGjbpOW
RnwTs0tmq/BNJ88mYbBjdpjx/OoNS+dHgow03dL8i28GkuWr01Rncen0X3LAX6QA
T8HPjCcXdooJg8DL6pht9uzXhXCxQZpVi1A8IYPFySj+EL0yCt5cbVe/uW+DW//C
PtsTIx1P6t/0rRwWvOIG58h/Y+apdsG4ektyjx+1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZhZUXmXP1oGk7+jTPaOeil6K4AIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4ZTIwYTc0LWJkYzMtNGJjZi05MzM4LTE1ZTU0YjI2YWFlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQDDANBgkqhkiG9w0BAQsFAAOCAQEAsyk/MP28onc2rlfpzb8XfAo3vRuB
BuSG6bIFqqLFYyp9dQSe5Cq5cbTcId84qyM7O2BuVM+Fdu75BdwhkziMFFi806rm
ImM6qwWsereuKmFM1OQC79dgwMdhhct6+fN/wEeZ0siYgB1RVZcWjZ2Y9L4rDEap
ozt5tOnohWRQxI3B/NJJOdDqIw6n1Ig8QXRXU2fSQcpYMPfFv9Q/HzhxskPYI00+
GQWO3XoiJNXwnP4WKkblZafTg83C+V8iksSnYqsO5SuKz5pbdtRMyLVzeR72vWbE
QKllWeWcZWUx0oFQW4qmIVW0nG+WYDTLqvNA4l6ejZqCDY3qMdAvQzNpWg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:36:39 2024 by rpki-client on console-fra.rpki-client.org