Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1ff67b07-091b-43da-9723-1a94e29d65e8.roa
File:                     1ff67b07-091b-43da-9723-1a94e29d65e8.roa (raw, json)
Hash identifier:          fdzB2eHerz7nqwjzhsu3JLnVQAra8b9tqEW2AlKs9ZA=
Subject key identifier:   7A:66:EB:90:84:76:79:31:64:6F:78:57:4D:B3:24:96:BE:DA:3D:CF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       718B4F7D831606C76F5BCE25F70A239F32E0D829
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1ff67b07-091b-43da-9723-1a94e29d65e8.roa
Signing time:             Tue 26 Nov 2024 00:00:00 +0000
ROA not before:           Tue 26 Nov 2024 00:00:00 +0000
ROA not after:            Tue 31 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        56.43.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:8b:4f:7d:83:16:06:c7:6f:5b:ce:25:f7:0a:23:9f:32:e0:d8:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 26 00:00:00 2024 GMT
            Not After : Dec 31 23:59:59 2024 GMT
        Subject: serialNumber=6b92027b1ed7d93ab2b5d76ca169ff440b44f47ab29358e8c5dd5de6b115cef0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:68:54:8c:a0:a9:9a:bb:c9:70:63:cd:e4:d8:
                    10:e3:fd:c0:71:3d:82:14:e1:3b:69:5f:28:17:72:
                    2c:17:1e:9e:36:2f:5f:4a:0f:cb:85:ae:b1:95:b8:
                    d0:3a:98:ff:f1:0d:cf:0b:93:a6:dc:fc:db:f1:80:
                    c5:83:de:b8:b5:8b:52:96:dd:74:f9:ee:cc:09:95:
                    bf:ca:57:90:ea:52:d9:9d:4f:3a:d4:3d:37:e6:88:
                    cf:8f:b2:9c:72:22:8e:56:db:c3:5b:42:8a:a5:b2:
                    89:5b:d9:03:60:09:ac:43:b5:2c:c6:73:28:fb:3a:
                    9b:4d:97:8a:82:8c:f7:2f:b2:25:c9:0c:79:ea:23:
                    6d:be:1d:90:56:fc:b5:56:1f:d7:9c:6a:d4:ce:7b:
                    d0:8d:05:84:49:5a:ca:46:a1:a3:5b:f5:37:ba:e8:
                    62:d6:7a:d9:f1:c3:d3:aa:f9:4c:25:82:24:e4:f3:
                    6e:78:3e:9a:00:cc:f8:10:19:42:7a:76:f6:91:65:
                    b1:2a:63:e6:e7:99:8e:77:03:20:80:02:36:6f:07:
                    be:fb:53:f6:8b:67:a9:7a:35:1e:05:bf:ce:a3:2b:
                    66:52:6b:a9:e5:08:9a:01:c5:e4:7d:52:c4:71:28:
                    ea:82:a5:d8:18:c5:55:25:6e:98:2a:e8:67:6a:df:
                    ae:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:66:EB:90:84:76:79:31:64:6F:78:57:4D:B3:24:96:BE:DA:3D:CF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1ff67b07-091b-43da-9723-1a94e29d65e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.43.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a4:fd:f8:73:bd:d2:98:d5:91:b6:20:51:0a:7b:4c:45:bb:52:
         a7:ef:f1:26:5c:24:7f:f1:00:8f:24:7e:a7:f9:d9:90:d5:8d:
         10:71:d6:9f:72:ff:03:b1:9f:54:2c:fe:6f:42:ef:5d:c2:83:
         e9:29:8d:fc:07:5f:cd:80:cb:db:d1:37:a5:b0:40:64:a0:51:
         74:2b:18:13:10:0a:61:af:8f:46:03:6c:2a:71:0a:d5:33:0a:
         20:7c:49:17:3a:c6:ab:ff:42:62:17:9f:1e:49:1f:47:1e:39:
         35:68:24:3f:4d:b1:47:55:51:35:fb:d0:33:db:1f:4d:8c:17:
         07:4e:48:3e:77:84:39:5a:37:7a:b8:0b:c0:ce:35:df:28:34:
         0b:d6:18:89:de:f5:8c:74:86:37:eb:f7:e3:5f:0c:a0:c1:28:
         42:35:08:24:3e:fa:a1:f7:92:98:8e:c8:8e:fd:3e:3e:47:50:
         36:ee:ef:6f:17:9e:e9:c5:10:8b:76:46:de:d9:57:d7:27:7f:
         fa:b1:f9:bb:6e:8b:5f:c5:18:88:b7:eb:b0:a1:5d:8d:cf:dc:
         8c:1b:69:3f:ce:2f:21:e8:ec:65:14:95:4a:a7:8c:fd:51:2f:
         7e:28:f3:7a:00:b5:15:46:e2:b2:56:0a:46:2f:76:12:7d:6a:
         1b:65:7d:7c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcYtPfYMWBsdvW84l9wojnzLg2CkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTI2MDAwMDAwWhcNMjQxMjMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YjkyMDI3YjFlZDdkOTNhYjJiNWQ3NmNhMTY5ZmY0NDBi
NDRmNDdhYjI5MzU4ZThjNWRkNWRlNmIxMTVjZWYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeaFSMoKmau8lwY83k2BDj/cBxPYIU4TtpXygXciwXHp42
L19KD8uFrrGVuNA6mP/xDc8Lk6bc/NvxgMWD3ri1i1KW3XT57swJlb/KV5DqUtmd
TzrUPTfmiM+PspxyIo5W28NbQoqlsolb2QNgCaxDtSzGcyj7OptNl4qCjPcvsiXJ
DHnqI22+HZBW/LVWH9ecatTOe9CNBYRJWspGoaNb9Te66GLWetnxw9Oq+UwlgiTk
8254PpoAzPgQGUJ6dvaRZbEqY+bnmY53AyCAAjZvB777U/aLZ6l6NR4Fv86jK2ZS
a6nlCJoBxeR9UsRxKOqCpdgYxVUlbpgq6Gdq365XAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUembrkIR2eTFkb3hXTbMklr7aPc8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFmZjY3YjA3LTA5MWItNDNkYS05NzIzLTFhOTRlMjlkNjVlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4KzANBgkqhkiG9w0BAQsFAAOCAQEApP34c73SmNWRtiBRCntMRbtSp+/x
Jlwkf/EAjyR+p/nZkNWNEHHWn3L/A7GfVCz+b0LvXcKD6SmN/AdfzYDL29E3pbBA
ZKBRdCsYExAKYa+PRgNsKnEK1TMKIHxJFzrGq/9CYhefHkkfRx45NWgkP02xR1VR
NfvQM9sfTYwXB05IPneEOVo3ergLwM413yg0C9YYid71jHSGN+v3418MoMEoQjUI
JD76ofeSmI7Ijv0+PkdQNu7vbxee6cUQi3ZG3tlX1yd/+rH5u26LX8UYiLfrsKFd
jc/cjBtpP84vIejsZRSVSqeM/VEvfijzegC1FUbislYKRi92En1qG2V9fA==
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:55:06 2024 by rpki-client on console-fra.rpki-client.org