Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f1b12b8-7d63-4bd6-949b-5ce09f1d110d.roa
File:                     1f1b12b8-7d63-4bd6-949b-5ce09f1d110d.roa (raw, json)
Hash identifier:          Vx+MMFGIEz+m5GS4yJohnZoXrhMT40993FYl3B27Qnw=
Subject key identifier:   58:69:BB:81:8F:4F:89:68:BE:F2:67:18:A5:61:DD:96:C7:3D:FE:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       39B12CF6CFF9DFA13F227FC6902D486900B6A5F8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f1b12b8-7d63-4bd6-949b-5ce09f1d110d.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        167.2.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:b1:2c:f6:cf:f9:df:a1:3f:22:7f:c6:90:2d:48:69:00:b6:a5:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=de2d35620cd138e219a64ab5d62799754eea207d94d17e34321139719c65d4d2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:da:c8:38:ed:94:b6:27:ec:ac:a5:ba:6b:97:
                    c5:cc:5b:0d:b7:3a:d6:33:d0:d6:48:95:88:e0:6e:
                    54:df:21:c5:fa:a1:ff:5c:2f:50:3b:28:34:17:cb:
                    81:17:35:cd:e6:91:9c:5d:85:f3:2e:92:38:12:bf:
                    f6:a1:6a:09:ff:8d:7a:42:82:f6:e6:f4:1d:94:f4:
                    c3:fa:24:0c:f6:e6:0f:be:6c:34:31:cb:1b:30:9e:
                    15:4d:ff:8e:8e:21:83:01:fc:fc:63:07:93:d8:5a:
                    ba:4a:50:12:33:a5:a1:f2:e6:32:18:1b:c9:45:f2:
                    50:89:19:15:4d:13:84:f0:b7:ae:96:ed:be:b7:fd:
                    bc:f0:f0:e1:f3:a5:7b:fe:8e:d0:ff:cc:2c:09:56:
                    08:63:d4:df:d6:71:3d:7f:70:4b:02:4a:1f:cf:52:
                    e4:8d:13:d9:bc:17:eb:f4:c1:2e:f6:93:68:c6:10:
                    12:46:d3:12:1f:58:d8:9d:38:a0:5f:8f:9e:1e:c7:
                    7b:78:9d:8c:78:c8:86:79:fc:f1:5c:b6:46:da:c4:
                    0e:0d:75:f3:6a:fb:0e:a0:84:13:7d:26:f9:6b:02:
                    43:76:01:29:40:61:2f:11:35:0a:bb:1a:1f:ab:3d:
                    07:18:94:f0:bb:8a:97:59:8b:02:b1:65:36:b9:a9:
                    70:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:69:BB:81:8F:4F:89:68:BE:F2:67:18:A5:61:DD:96:C7:3D:FE:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1f1b12b8-7d63-4bd6-949b-5ce09f1d110d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.2.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d7:ae:00:d2:0f:10:ca:b9:37:3f:49:a6:fc:a9:a6:4d:10:4a:
         73:32:7a:6a:04:61:dc:c8:03:32:13:cc:49:32:35:f8:49:1c:
         db:11:b8:1c:9d:20:64:e3:28:5f:66:67:88:c6:b0:5f:31:28:
         ad:15:0d:e1:79:c0:7d:b9:19:0c:7f:40:41:d7:28:f9:74:13:
         a2:0a:41:8a:f3:06:9f:33:54:9c:0d:60:e6:f3:1b:88:16:c3:
         c6:e5:71:05:8c:25:51:bb:4d:9f:0c:2d:c8:64:a0:f4:df:56:
         9d:88:d3:75:d5:a9:2b:42:15:82:d0:8c:ff:5b:06:ff:eb:2a:
         f1:7d:c8:87:f4:9f:4c:73:97:c5:95:f0:d3:df:47:e0:d9:75:
         07:8b:77:29:3a:2f:c5:fb:6c:c1:44:7e:e1:89:a5:fc:ab:ad:
         69:78:5f:72:50:c6:de:dc:58:a2:6f:08:e7:08:31:38:b5:6c:
         6a:48:8f:dc:e2:eb:a5:bc:14:d3:2c:29:7b:70:2d:75:3e:4b:
         16:eb:97:30:f3:26:c4:17:18:5c:a6:af:76:4f:21:05:99:94:
         de:2a:ca:85:db:73:71:ac:60:0e:e5:b6:70:5e:b2:58:fb:b1:
         c1:9e:fa:20:3c:cd:53:72:cb:14:dc:c0:33:98:ef:1c:fe:79:
         d5:2a:24:4d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUObEs9s/536E/In/GkC1IaQC2pfgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTJkMzU2MjBjZDEzOGUyMTlhNjRhYjVkNjI3OTk3NTRl
ZWEyMDdkOTRkMTdlMzQzMjExMzk3MTljNjVkNGQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDj2sg47ZS2J+yspbprl8XMWw23OtYz0NZIlYjgblTfIcX6
of9cL1A7KDQXy4EXNc3mkZxdhfMukjgSv/ahagn/jXpCgvbm9B2U9MP6JAz25g++
bDQxyxswnhVN/46OIYMB/PxjB5PYWrpKUBIzpaHy5jIYG8lF8lCJGRVNE4Twt66W
7b63/bzw8OHzpXv+jtD/zCwJVghj1N/WcT1/cEsCSh/PUuSNE9m8F+v0wS72k2jG
EBJG0xIfWNidOKBfj54ex3t4nYx4yIZ5/PFctkbaxA4NdfNq+w6ghBN9JvlrAkN2
ASlAYS8RNQq7Gh+rPQcYlPC7ipdZiwKxZTa5qXCXAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWGm7gY9PiWi+8mcYpWHdlsc9/qMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFmMWIxMmI4LTdkNjMtNGJkNi05NDliLTVjZTA5ZjFkMTEwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCnAjANBgkqhkiG9w0BAQsFAAOCAQEA164A0g8Qyrk3P0mm/KmmTRBKczJ6
agRh3MgDMhPMSTI1+Ekc2xG4HJ0gZOMoX2ZniMawXzEorRUN4XnAfbkZDH9AQdco
+XQTogpBivMGnzNUnA1g5vMbiBbDxuVxBYwlUbtNnwwtyGSg9N9WnYjTddWpK0IV
gtCM/1sG/+sq8X3Ih/SfTHOXxZXw099H4Nl1B4t3KTovxftswUR+4Yml/KutaXhf
clDG3txYom8I5wgxOLVsakiP3OLrpbwU0ywpe3AtdT5LFuuXMPMmxBcYXKavdk8h
BZmU3irKhdtzcaxgDuW2cF6yWPuxwZ76IDzNU3LLFNzAM5jvHP551SokTQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:12 2024 by rpki-client on console-ams.rpki-client.org