Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b6e3735-b9d5-4de6-810c-4b236afea0b2.roa
File:                     1b6e3735-b9d5-4de6-810c-4b236afea0b2.roa (raw, json)
Hash identifier:          FPxR6euaxXLLEuC815NjJi/56IsM+/9dFhBpC4SnJSs=
Subject key identifier:   20:67:BE:65:41:39:20:FF:96:AE:DE:9C:05:AB:16:C4:5E:77:A3:B9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2796AF67AF5C9DD3B572EF828D3BE6C6811CF425
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b6e3735-b9d5-4de6-810c-4b236afea0b2.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.156.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:96:af:67:af:5c:9d:d3:b5:72:ef:82:8d:3b:e6:c6:81:1c:f4:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=6c6f072dc23f8a0975839a90d619fd5ae2bfc61568b150f20cd3b6e023ac2dc8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:62:14:7d:b9:2c:06:02:4a:32:09:5a:aa:f4:
                    ce:5e:3b:e7:44:2e:2c:f1:1e:a1:c0:8e:f4:14:4d:
                    a1:da:dc:1d:58:3a:6e:1f:80:9d:04:51:eb:e9:5c:
                    e1:88:9f:76:66:66:dc:bf:8d:13:8d:79:23:93:18:
                    31:0c:1f:7b:8e:da:36:95:93:9a:f9:ab:a6:09:88:
                    25:dd:1b:7b:1e:4c:8d:28:8c:ab:69:0e:c0:bd:fb:
                    c1:ab:a0:6f:58:6f:be:25:f2:72:c6:c9:03:df:6d:
                    1d:37:d7:f4:5d:84:5e:0a:ca:0d:31:b2:72:50:d6:
                    ef:f0:20:df:c3:75:48:2a:c7:d8:fb:15:11:c8:3a:
                    23:fd:0d:cb:76:a3:db:10:72:bd:74:05:4a:64:f6:
                    5a:7b:76:53:38:f2:9c:f7:d9:82:02:65:1e:00:d3:
                    05:11:bd:39:cd:7e:13:5c:11:b0:43:43:11:d1:6b:
                    5e:51:bc:d8:2f:2e:0e:1c:82:01:d1:a3:bc:65:66:
                    9e:f6:ec:74:07:a5:d0:1d:33:ba:84:68:cf:c1:71:
                    2f:7e:58:f5:e7:9a:92:63:4c:85:d0:f8:38:8f:12:
                    11:97:97:73:d0:7d:9a:95:f7:9c:aa:f1:a5:47:3a:
                    ac:4c:df:8d:90:b2:9f:b7:5d:4b:c8:ab:68:41:10:
                    1e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:67:BE:65:41:39:20:FF:96:AE:DE:9C:05:AB:16:C4:5E:77:A3:B9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1b6e3735-b9d5-4de6-810c-4b236afea0b2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.156.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5c:e6:25:20:9c:e4:36:60:c4:ff:24:65:87:88:4c:3d:fc:a1:
         17:79:09:6b:a7:64:94:ec:b5:e7:1e:9f:ae:e0:49:1e:7b:a1:
         44:c2:86:61:11:be:33:7d:2d:ff:67:12:4d:52:e8:d1:68:9f:
         5e:42:92:84:b6:6f:00:77:33:bc:2f:56:d2:67:8b:02:2c:39:
         48:90:c5:9b:a6:34:b1:b6:22:bd:15:7f:e0:4c:61:46:9e:85:
         03:ae:b1:e0:90:50:18:34:bb:d8:b6:30:54:b4:43:e1:d9:ed:
         fd:5a:2c:b5:07:79:16:1c:85:73:53:31:b9:0b:d6:6e:80:1a:
         d9:6a:4c:65:26:40:9c:e9:ff:f9:80:f0:5e:20:ad:20:b4:c8:
         cf:b2:f0:07:aa:b9:fa:e4:48:32:38:f4:a2:89:6a:32:49:76:
         39:e8:e6:6a:27:45:97:ee:7a:89:91:6b:87:76:70:46:5e:35:
         1f:39:88:f3:91:1b:28:e3:0e:b1:31:d8:29:69:a8:52:a6:3c:
         3e:61:94:b7:d6:d2:99:34:99:67:fa:84:ee:3c:92:4d:35:5e:
         78:51:ae:4b:30:ff:14:2c:23:2e:46:98:4c:dc:d4:79:c3:bb:
         ac:45:f6:61:0a:3f:55:b0:63:6f:d7:d7:63:1d:a1:89:f0:1f:
         ab:f7:0c:e0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJ5avZ69cndO1cu+CjTvmxoEc9CUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YzZmMDcyZGMyM2Y4YTA5NzU4MzlhOTBkNjE5ZmQ1YWUy
YmZjNjE1NjhiMTUwZjIwY2QzYjZlMDIzYWMyZGM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYYhR9uSwGAkoyCVqq9M5eO+dELizxHqHAjvQUTaHa3B1Y
Om4fgJ0EUevpXOGIn3ZmZty/jRONeSOTGDEMH3uO2jaVk5r5q6YJiCXdG3seTI0o
jKtpDsC9+8GroG9Yb74l8nLGyQPfbR031/RdhF4Kyg0xsnJQ1u/wIN/DdUgqx9j7
FRHIOiP9Dct2o9sQcr10BUpk9lp7dlM48pz32YICZR4A0wURvTnNfhNcEbBDQxHR
a15RvNgvLg4cggHRo7xlZp727HQHpdAdM7qEaM/BcS9+WPXnmpJjTIXQ+DiPEhGX
l3PQfZqV95yq8aVHOqxM342Qsp+3XUvIq2hBEB4lAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUIGe+ZUE5IP+Wrt6cBasWxF53o7kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFiNmUzNzM1LWI5ZDUtNGRlNi04MTBjLTRiMjM2YWZlYTBiMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQnDANBgkqhkiG9w0BAQsFAAOCAQEAXOYlIJzkNmDE/yRlh4hMPfyhF3kJ
a6dklOy15x6fruBJHnuhRMKGYRG+M30t/2cSTVLo0WifXkKShLZvAHczvC9W0meL
Aiw5SJDFm6Y0sbYivRV/4ExhRp6FA66x4JBQGDS72LYwVLRD4dnt/VostQd5FhyF
c1MxuQvWboAa2WpMZSZAnOn/+YDwXiCtILTIz7LwB6q5+uRIMjj0oolqMkl2Oejm
aidFl+56iZFrh3ZwRl41HzmI85EbKOMOsTHYKWmoUqY8PmGUt9bSmTSZZ/qE7jyS
TTVeeFGuSzD/FCwjLkaYTNzUecO7rEX2YQo/VbBjb9fXYx2hifAfq/cM4A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:12 2024 by rpki-client on console-ams.rpki-client.org