Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/203b501d-ebeb-4fcd-86f7-98b9ffc1813b.roa
File:                     203b501d-ebeb-4fcd-86f7-98b9ffc1813b.roa (raw, json)
Hash identifier:          FM2vmleU5qvBYXSIgjUASJfDfmBQIdlQ8fV/hJtKDS0=
Subject key identifier:   F9:F4:91:D6:EB:B4:33:F0:A1:7E:72:49:30:EE:A5:8E:95:AC:D7:52
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       755F292842ADA0CDD7117BF9E22A87FF36C65646
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/203b501d-ebeb-4fcd-86f7-98b9ffc1813b.roa
Signing time:             Tue 05 Nov 2024 00:00:00 +0000
ROA not before:           Tue 05 Nov 2024 00:00:00 +0000
ROA not after:            Tue 10 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        192.26.25.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:5f:29:28:42:ad:a0:cd:d7:11:7b:f9:e2:2a:87:ff:36:c6:56:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:00:00 2024 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: serialNumber=6f9605c3d6f0250f9ae61bcc6e2a17b06b03a30b5ac99f078b167e92bface567, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:23:3c:fa:b5:97:0d:2f:c3:cd:1a:d5:2d:11:
                    f1:d0:40:9a:70:ef:26:48:d5:c7:cb:c7:72:f7:37:
                    59:de:f0:61:3e:5b:27:d5:c7:de:86:a2:47:12:d9:
                    e8:a5:ec:2a:48:d3:c4:a2:13:73:f5:9d:b6:bf:59:
                    f6:c6:32:ed:7b:39:8c:7d:b6:47:0f:89:b5:0c:24:
                    b7:bc:4f:b7:0f:da:6a:69:e2:23:af:c9:3c:de:84:
                    4a:0c:2e:0e:3e:cb:61:ca:1c:53:9d:b3:f4:fb:6c:
                    65:38:fb:78:53:a2:e0:0f:c8:0c:df:7a:0b:e1:21:
                    d4:88:d5:be:96:96:fb:e3:be:13:91:c0:4b:58:35:
                    7c:29:39:5f:5e:b7:0d:28:f3:a6:65:27:08:c5:e0:
                    d0:41:d1:35:cc:a2:f5:d4:29:d5:0c:43:e5:93:f5:
                    1b:89:4c:57:ba:d0:c1:7b:82:62:8e:68:1c:c7:84:
                    2f:a7:7e:3f:4a:85:81:72:b0:45:20:34:ab:a9:ee:
                    f6:a1:40:b9:c6:5a:56:fb:e1:d6:6c:9d:d0:da:69:
                    0c:0d:9c:3e:bc:4f:66:9c:6e:c6:ab:5e:a2:92:d7:
                    b7:08:57:53:d7:4c:45:17:eb:5a:31:59:28:c5:3d:
                    ac:cb:d3:c0:ec:bb:1e:10:60:88:d5:44:c9:de:11:
                    14:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:F4:91:D6:EB:B4:33:F0:A1:7E:72:49:30:EE:A5:8E:95:AC:D7:52
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/203b501d-ebeb-4fcd-86f7-98b9ffc1813b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.26.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:24:d9:12:11:88:7d:61:1c:0e:7f:08:3f:44:76:16:67:2a:
         fc:61:43:2d:c6:14:78:e1:88:b0:53:59:b6:20:1e:8f:81:4a:
         e1:9a:0f:d3:f2:d3:c1:11:ab:94:6e:7d:4a:54:3d:e3:7b:cc:
         35:ab:3e:2e:fb:71:e7:29:81:5a:4c:7b:88:6f:0f:aa:c3:13:
         60:b8:d7:66:4a:79:28:fe:8d:e6:bf:36:be:ac:4f:a1:27:39:
         37:d6:66:9b:bc:18:e8:f7:58:4d:61:26:63:13:4b:a0:ad:e0:
         08:e5:89:67:30:23:06:f4:c6:ca:10:eb:d5:d7:3e:eb:ce:d2:
         7f:3b:94:f3:03:eb:6a:b5:06:76:6a:03:5d:f9:de:5c:d0:21:
         43:da:06:83:4f:db:ac:88:88:a6:83:c3:87:06:c0:b5:d4:dc:
         e1:d1:07:2b:39:a9:e5:f5:2b:39:2b:d1:08:e5:2f:a3:16:1b:
         b1:d4:db:a9:3e:62:c3:cd:bf:45:a2:68:2c:b1:a4:14:81:97:
         40:12:a2:61:f6:fd:02:fe:b1:48:65:22:cf:59:92:72:38:3e:
         cc:dd:b4:70:2c:32:8c:c3:32:6d:49:d9:8d:b1:d9:29:36:22:
         f6:0c:e8:cf:77:0d:02:95:9c:be:72:e5:25:62:8c:5d:88:f4:
         09:6b:18:67
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdV8pKEKtoM3XEXv54iqH/zbGVkYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2Zjk2MDVjM2Q2ZjAyNTBmOWFlNjFiY2M2ZTJhMTdiMDZi
MDNhMzBiNWFjOTlmMDc4YjE2N2U5MmJmYWNlNTY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7Izz6tZcNL8PNGtUtEfHQQJpw7yZI1cfLx3L3N1ne8GE+
WyfVx96GokcS2eil7CpI08SiE3P1nba/WfbGMu17OYx9tkcPibUMJLe8T7cP2mpp
4iOvyTzehEoMLg4+y2HKHFOds/T7bGU4+3hTouAPyAzfegvhIdSI1b6WlvvjvhOR
wEtYNXwpOV9etw0o86ZlJwjF4NBB0TXMovXUKdUMQ+WT9RuJTFe60MF7gmKOaBzH
hC+nfj9KhYFysEUgNKup7vahQLnGWlb74dZsndDaaQwNnD68T2acbsarXqKS17cI
V1PXTEUX61oxWSjFPazL08Dsux4QYIjVRMneERRXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+fSR1uu0M/ChfnJJMO6ljpWs11IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIwM2I1MDFkLWViZWItNGZjZC04NmY3LTk4YjlmZmMxODEzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADAGhkwDQYJKoZIhvcNAQELBQADggEBAIQk2RIRiH1hHA5/CD9EdhZnKvxh
Qy3GFHjhiLBTWbYgHo+BSuGaD9Py08ERq5RufUpUPeN7zDWrPi77cecpgVpMe4hv
D6rDE2C412ZKeSj+jea/Nr6sT6EnOTfWZpu8GOj3WE1hJmMTS6Ct4AjliWcwIwb0
xsoQ69XXPuvO0n87lPMD62q1BnZqA1353lzQIUPaBoNP26yIiKaDw4cGwLXU3OHR
Bys5qeX1Kzkr0QjlL6MWG7HU26k+YsPNv0WiaCyxpBSBl0ASomH2/QL+sUhlIs9Z
knI4PszdtHAsMozDMm1J2Y2x2Sk2IvYM6M93DQKVnL5y5SVijF2I9AlrGGc=
-----END CERTIFICATE-----
Generated at Sun Dec 1 03:10:03 2024 by rpki-client on console-fra.rpki-client.org