Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b6e3735-b9d5-4de6-810c-4b236afea0b2.roa
File:                     1b6e3735-b9d5-4de6-810c-4b236afea0b2.roa (raw, json)
Hash identifier:          sam9HRSrzicffQzsoRlQXNoYRYHhb6LFmeRerIQuADU=
Subject key identifier:   8C:07:0C:74:7C:76:05:C6:08:FC:3A:FE:C8:4F:8A:81:E5:4E:7D:3D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0CBAEE69BE0DEFA4ED032B53C12EDCBD504012DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b6e3735-b9d5-4de6-810c-4b236afea0b2.roa
Signing time:             Tue 17 Sep 2024 00:00:00 +0000
ROA not before:           Tue 17 Sep 2024 00:00:00 +0000
ROA not after:            Tue 22 Oct 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.156.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 13 Oct 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:ba:ee:69:be:0d:ef:a4:ed:03:2b:53:c1:2e:dc:bd:50:40:12:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 17 00:00:00 2024 GMT
            Not After : Oct 22 23:59:59 2024 GMT
        Subject: serialNumber=af2f2018fc46ee26e66ff140073b90b415c4981093e2ad74aaab49a4118b67fa, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:32:9d:c5:cd:70:c4:4d:2d:5a:10:93:8f:ef:
                    8d:7c:e3:b9:94:23:65:a1:9c:c4:e2:30:0a:d1:93:
                    98:cc:1b:e6:ac:9d:18:aa:92:be:4a:c9:97:df:47:
                    fd:4d:e2:9f:d3:b6:ac:49:eb:76:ac:92:93:ce:c0:
                    0a:71:14:5b:0f:4a:94:68:0f:74:76:6d:28:f0:01:
                    d6:30:02:f7:24:5d:7f:6f:77:e7:77:a9:0c:53:1f:
                    b2:22:79:94:5f:f8:12:4c:45:c5:28:50:99:bb:21:
                    74:27:16:e0:0e:0c:8c:b4:f5:64:51:d7:0e:6d:12:
                    8f:c9:b1:98:8a:3e:55:ec:b9:cc:df:98:24:82:60:
                    af:99:20:83:64:8f:3b:4d:93:62:57:43:25:7c:b6:
                    6c:82:69:70:21:39:b4:31:10:40:9c:82:02:e3:84:
                    57:17:64:77:68:21:a9:50:2e:f4:83:3a:00:40:df:
                    32:6c:17:29:8d:09:28:31:63:d5:6d:b3:df:f2:aa:
                    42:68:35:43:ef:90:ae:af:9f:70:b0:b1:19:6d:50:
                    49:56:9e:4c:d6:6f:f3:64:67:ff:2a:1f:d1:52:2f:
                    50:97:7e:f3:26:ba:10:a7:7d:2f:f8:e8:63:2d:b3:
                    18:b3:b4:24:07:af:ff:c5:41:b1:9b:dd:aa:16:06:
                    3c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:07:0C:74:7C:76:05:C6:08:FC:3A:FE:C8:4F:8A:81:E5:4E:7D:3D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b6e3735-b9d5-4de6-810c-4b236afea0b2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.156.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1e:6b:84:dc:a2:7e:8b:43:f5:c2:6e:a7:cb:93:c3:96:8d:14:
         10:06:04:5d:13:f6:07:20:b0:ed:bb:7b:5a:d0:7a:34:02:ad:
         82:ba:b0:3e:c7:58:c4:53:8d:0e:7a:bd:0b:d4:17:06:a9:73:
         7a:eb:d2:9f:9e:d3:d9:3a:01:f5:18:72:09:7b:19:91:31:b5:
         04:27:a0:fa:44:65:90:8a:6a:07:56:37:5b:51:1a:6c:65:4d:
         37:7a:3a:b4:ab:95:5b:90:3d:01:d0:04:30:2b:d5:18:7f:3c:
         22:3a:95:8d:7b:0d:1d:d1:bb:cd:7b:0b:91:57:96:fc:8e:61:
         f5:c6:db:68:7a:e7:4b:68:39:e9:f1:9b:75:d6:1b:11:6d:57:
         36:83:dc:87:2f:c7:93:07:a0:0d:fc:6e:b5:89:45:d4:d8:f5:
         30:fd:37:0e:bb:70:93:44:6e:f0:6d:f1:a5:24:82:f4:55:4d:
         fb:10:90:bb:41:54:43:e8:66:49:6c:0e:36:76:ca:e0:d8:23:
         c3:77:e9:14:27:87:22:6a:a8:d1:0e:7f:af:c9:ab:be:57:ad:
         36:44:57:b8:b8:f2:f1:7a:ef:0c:a5:df:2c:25:70:f3:e4:65:
         e7:77:12:a0:b0:b7:2d:ab:1b:fb:af:89:fa:5b:91:b2:8c:ae:
         5a:08:62:85
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDLruab4N76TtAytTwS7cvVBAEtswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwOTE3MDAwMDAwWhcNMjQxMDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZjJmMjAxOGZjNDZlZTI2ZTY2ZmYxNDAwNzNiOTBiNDE1
YzQ5ODEwOTNlMmFkNzRhYWFiNDlhNDExOGI2N2ZhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9Mp3FzXDETS1aEJOP741847mUI2WhnMTiMArRk5jMG+as
nRiqkr5KyZffR/1N4p/TtqxJ63askpPOwApxFFsPSpRoD3R2bSjwAdYwAvckXX9v
d+d3qQxTH7IieZRf+BJMRcUoUJm7IXQnFuAODIy09WRR1w5tEo/JsZiKPlXsuczf
mCSCYK+ZIINkjztNk2JXQyV8tmyCaXAhObQxEECcggLjhFcXZHdoIalQLvSDOgBA
3zJsFymNCSgxY9Vts9/yqkJoNUPvkK6vn3CwsRltUElWnkzWb/NkZ/8qH9FSL1CX
fvMmuhCnfS/46GMtsxiztCQHr//FQbGb3aoWBjxNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjAcMdHx2BcYI/Dr+yE+KgeVOfT0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFiNmUzNzM1LWI5ZDUtNGRlNi04MTBjLTRiMjM2YWZlYTBiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQnDANBgkqhkiG9w0BAQsFAAOCAQEAHmuE3KJ+i0P1wm6ny5PDlo0UEAYE
XRP2ByCw7bt7WtB6NAKtgrqwPsdYxFONDnq9C9QXBqlzeuvSn57T2ToB9RhyCXsZ
kTG1BCeg+kRlkIpqB1Y3W1EabGVNN3o6tKuVW5A9AdAEMCvVGH88IjqVjXsNHdG7
zXsLkVeW/I5h9cbbaHrnS2g56fGbddYbEW1XNoPchy/HkwegDfxutYlF1Nj1MP03
Drtwk0Ru8G3xpSSC9FVN+xCQu0FUQ+hmSWwONnbK4Ngjw3fpFCeHImqo0Q5/r8mr
vletNkRXuLjy8XrvDKXfLCVw8+Rl53cSoLC3Lasb+6+J+luRsoyuWghihQ==
-----END CERTIFICATE-----
Generated at Sat Oct 12 01:10:24 2024 by rpki-client on console-fra.rpki-client.org