Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20cff8ef-58d4-41ca-b3a8-a17cb6933ce0.roa
File:                     20cff8ef-58d4-41ca-b3a8-a17cb6933ce0.roa (raw, json)
Hash identifier:          xuJEQCMdlWyWNTg3eJ+attPDCkhMqoXnqlzbLkoDG1g=
Subject key identifier:   9C:C1:87:F3:DA:83:D8:B0:4B:2E:70:45:62:38:35:5E:C6:2C:3A:79
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       22695A2D9CCB65E61E6748C1F7D1278BF8B22CA9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20cff8ef-58d4-41ca-b3a8-a17cb6933ce0.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.104.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:69:5a:2d:9c:cb:65:e6:1e:67:48:c1:f7:d1:27:8b:f8:b2:2c:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=83c1be6274e2005cf6dad229c4cb3dc5be5763b00956a3a1fbbffde08c44b970, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:27:af:2d:94:25:4b:8e:b4:5e:d3:73:a5:cb:
                    6f:8e:14:50:8d:8d:a9:8c:be:17:f7:c0:80:b1:ad:
                    38:14:01:18:29:56:1f:7a:2a:57:cd:27:18:49:b3:
                    2d:c9:7d:67:dd:b1:24:a3:47:5b:15:1f:0c:84:58:
                    1e:59:f4:51:d1:24:71:2f:61:a4:3a:db:16:11:86:
                    28:c5:82:a2:73:9a:00:ed:ee:c2:fe:f9:8d:b8:08:
                    2a:ce:bc:13:28:ed:1c:74:ea:1c:69:e3:01:41:db:
                    e3:44:53:42:74:cb:76:95:1b:8b:1e:aa:46:e1:90:
                    44:3b:95:e6:8a:c1:2d:d4:8b:56:06:df:c8:2a:f8:
                    e5:f3:a6:2a:1e:dd:20:a2:1b:cf:2a:bf:d0:5f:67:
                    5d:67:5d:e6:12:6f:87:7b:ef:0c:87:7d:ec:7f:3c:
                    55:fe:b9:44:5f:fd:6f:6e:74:16:69:6e:a3:dc:f2:
                    4e:e9:7c:fd:8f:90:78:7f:be:d8:36:f5:0c:76:14:
                    77:6b:45:95:2f:db:c0:db:9c:b8:0c:a1:63:88:85:
                    dd:91:9c:ba:84:f0:67:2b:f5:dc:75:9d:48:3a:f3:
                    bd:c1:9c:74:67:c9:a1:78:96:20:49:46:b8:5a:75:
                    4c:8d:96:54:77:92:96:12:ae:09:9d:31:31:d5:a0:
                    c0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:C1:87:F3:DA:83:D8:B0:4B:2E:70:45:62:38:35:5E:C6:2C:3A:79
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/20cff8ef-58d4-41ca-b3a8-a17cb6933ce0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:08:a7:9a:96:65:b3:6f:f0:62:0f:78:c2:51:4d:98:d7:ed:
         cc:b5:23:b5:71:be:64:a2:8a:11:2f:cf:20:64:35:1f:72:bc:
         31:91:9d:e7:47:fb:77:c1:17:48:6f:c2:cd:22:c4:35:b4:7a:
         8e:98:07:bd:4a:38:aa:52:de:27:ef:8c:27:db:de:3e:3d:a2:
         25:aa:8d:53:9e:d5:b3:b8:e7:93:8e:64:d9:4f:da:20:75:7e:
         39:1f:c4:d1:da:a9:65:8f:db:7f:4a:ad:ce:a2:92:35:c6:f6:
         d5:55:eb:df:f6:ee:61:d1:df:96:fc:0d:a6:f5:7f:06:85:99:
         98:8b:1c:57:84:80:d3:8d:b2:5d:be:0a:8a:c3:b5:1d:3b:60:
         d3:92:95:b4:0c:6c:f8:35:f4:2a:5a:fa:4d:59:9e:2a:6c:05:
         b3:64:e2:cd:f9:ba:f6:7f:b4:54:ad:b5:d7:75:2c:54:54:e4:
         9f:a7:fa:b2:9e:03:ba:e7:27:9d:96:fc:83:a1:34:e7:3b:01:
         db:65:04:46:a2:8f:f1:52:1d:3c:2f:d3:9c:d2:62:3b:e3:70:
         0b:7d:19:30:40:04:2e:5a:3a:22:4b:9d:02:c7:96:25:f8:bf:
         d8:e6:81:c4:07:0a:65:fa:2e:85:fb:f8:48:cc:81:54:7a:b6:
         8a:83:0e:87
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUImlaLZzLZeYeZ0jB99Eni/iyLKkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4M2MxYmU2Mjc0ZTIwMDVjZjZkYWQyMjljNGNiM2RjNWJl
NTc2M2IwMDk1NmEzYTFmYmJmZmRlMDhjNDRiOTcwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOJ68tlCVLjrRe03Oly2+OFFCNjamMvhf3wICxrTgUARgp
Vh96KlfNJxhJsy3JfWfdsSSjR1sVHwyEWB5Z9FHRJHEvYaQ62xYRhijFgqJzmgDt
7sL++Y24CCrOvBMo7Rx06hxp4wFB2+NEU0J0y3aVG4seqkbhkEQ7leaKwS3Ui1YG
38gq+OXzpioe3SCiG88qv9BfZ11nXeYSb4d77wyHfex/PFX+uURf/W9udBZpbqPc
8k7pfP2PkHh/vtg29Qx2FHdrRZUv28DbnLgMoWOIhd2RnLqE8Gcr9dx1nUg6873B
nHRnyaF4liBJRrhadUyNllR3kpYSrgmdMTHVoMB9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnMGH89qD2LBLLnBFYjg1XsYsOnkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIwY2ZmOGVmLTU4ZDQtNDFjYS1iM2E4LWExN2NiNjkzM2NlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/GgwDQYJKoZIhvcNAQELBQADggEBAHYIp5qWZbNv8GIPeMJRTZjX7cy1
I7VxvmSiihEvzyBkNR9yvDGRnedH+3fBF0hvws0ixDW0eo6YB71KOKpS3ifvjCfb
3j49oiWqjVOe1bO455OOZNlP2iB1fjkfxNHaqWWP239Krc6ikjXG9tVV69/27mHR
35b8Dab1fwaFmZiLHFeEgNONsl2+CorDtR07YNOSlbQMbPg19Cpa+k1ZnipsBbNk
4s35uvZ/tFSttdd1LFRU5J+n+rKeA7rnJ52W/IOhNOc7AdtlBEaij/FSHTwv05zS
YjvjcAt9GTBABC5aOiJLnQLHliX4v9jmgcQHCmX6LoX7+EjMgVR6toqDDoc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:36:41 2024 by rpki-client on console-fra.rpki-client.org