Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/259b0750-ae62-42f7-84c0-e7c8b6acca96.roa
File:                     259b0750-ae62-42f7-84c0-e7c8b6acca96.roa (raw, json)
Hash identifier:          jRbUbcBp39Kgz7yK8sA0Jfhqr4VmQGL1IgIYcM7SrUg=
Subject key identifier:   E4:C0:34:30:F9:31:F9:F4:61:25:93:2B:B3:96:2C:B4:ED:F1:08:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       60ECDB3BB08F632EDC98B6F6AED4D434D51A829F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/259b0750-ae62-42f7-84c0-e7c8b6acca96.roa
Signing time:             Sat 16 Mar 2024 00:00:00 +0000
ROA not before:           Sat 16 Mar 2024 00:00:00 +0000
ROA not after:            Sat 20 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        162.87.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:ec:db:3b:b0:8f:63:2e:dc:98:b6:f6:ae:d4:d4:34:d5:1a:82:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 16 00:00:00 2024 GMT
            Not After : Apr 20 23:59:59 2024 GMT
        Subject: serialNumber=91035ffe90e90cf0cdec757b2c374f954eb4f0dc305b4e0e3fd9932e9ed30b6d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e1:ae:b2:5d:af:79:1d:df:5b:5f:f7:60:fa:
                    05:ac:ad:9d:95:70:f7:2c:1e:dc:86:9b:bb:27:1d:
                    66:9c:13:52:1b:40:54:66:f2:f5:51:14:25:df:6a:
                    e9:23:f6:c2:0e:f1:d9:d7:64:8c:9b:16:72:56:d1:
                    08:bd:2f:e2:d3:df:46:2a:4a:80:f8:4b:cf:5c:4b:
                    c9:f2:57:25:80:8c:d0:17:c3:37:7e:b6:69:a5:6b:
                    ce:6a:d6:b5:78:5c:bc:7c:7c:21:95:10:19:ee:c3:
                    b9:b7:11:9f:cd:dd:d9:4b:8b:f7:6c:9b:b3:ff:34:
                    06:04:e4:8c:07:1d:2a:b0:4e:d4:72:4c:23:ef:8e:
                    a4:a9:7b:f2:72:8c:f7:70:01:55:64:27:00:aa:95:
                    d2:cc:e6:ab:bc:ab:86:3d:bd:4b:20:a9:02:d8:69:
                    7d:a5:c5:a5:59:b9:05:99:7a:f5:89:fa:55:2b:7d:
                    10:12:ff:d9:45:82:b0:b4:24:41:37:2c:57:95:51:
                    96:48:0a:e7:62:e8:61:fd:3f:fe:ff:02:17:0a:07:
                    a0:b6:c6:d9:1c:80:6e:7a:d7:92:38:17:f1:73:a2:
                    c7:eb:f3:da:4f:1b:f7:8e:aa:2e:bf:ef:58:6a:86:
                    e2:c0:82:7c:f0:56:5f:6d:9d:94:e7:d9:d6:55:cd:
                    9a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:C0:34:30:F9:31:F9:F4:61:25:93:2B:B3:96:2C:B4:ED:F1:08:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/259b0750-ae62-42f7-84c0-e7c8b6acca96.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.87.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2a:91:4a:65:b3:dd:30:ce:02:c5:f9:00:00:95:c0:73:6f:58:
         1c:e8:22:53:4e:42:e4:18:3c:f7:94:66:cb:1e:29:60:ee:27:
         05:e0:2e:02:f4:1b:8d:91:2f:da:68:0f:8f:9e:11:cb:17:4e:
         40:c9:ac:38:98:ee:25:e7:df:c1:ea:cc:dd:b0:43:6e:a7:6b:
         85:88:1d:f8:0b:de:57:b9:d6:74:5b:d2:be:17:0c:c8:6c:48:
         89:72:01:98:23:c3:d9:e5:64:43:32:a6:56:08:b5:8d:34:f2:
         76:92:f5:c9:8e:2f:67:5d:63:13:1e:e4:49:cb:8f:4d:8e:9b:
         5f:aa:77:00:3b:9a:8e:80:37:5c:3b:ca:db:f3:eb:93:68:4d:
         ce:25:4d:cd:9a:8d:6f:8e:b7:9e:be:b7:d4:3e:00:9e:89:46:
         39:ae:c3:99:61:e8:38:cb:8a:68:c9:e8:77:06:3d:53:07:40:
         f2:d7:4e:d5:48:5b:68:a1:c8:f8:11:14:f1:86:80:05:52:3c:
         36:ac:6f:be:5a:34:62:fb:71:ca:9f:66:c1:0b:27:e7:2c:78:
         60:af:c3:41:c0:54:bb:d8:39:08:47:7c:4c:eb:b5:35:38:fb:
         90:ce:be:75:a0:6f:93:d2:fb:93:11:70:aa:ce:d7:c5:cd:25:
         0c:28:61:36
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYOzbO7CPYy7cmLb2rtTUNNUagp8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE2MDAwMDAwWhcNMjQwNDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTAzNWZmZTkwZTkwY2YwY2RlYzc1N2IyYzM3NGY5NTRl
YjRmMGRjMzA1YjRlMGUzZmQ5OTMyZTllZDMwYjZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCm4a6yXa95Hd9bX/dg+gWsrZ2VcPcsHtyGm7snHWacE1Ib
QFRm8vVRFCXfaukj9sIO8dnXZIybFnJW0Qi9L+LT30YqSoD4S89cS8nyVyWAjNAX
wzd+tmmla85q1rV4XLx8fCGVEBnuw7m3EZ/N3dlLi/dsm7P/NAYE5IwHHSqwTtRy
TCPvjqSpe/JyjPdwAVVkJwCqldLM5qu8q4Y9vUsgqQLYaX2lxaVZuQWZevWJ+lUr
fRAS/9lFgrC0JEE3LFeVUZZICudi6GH9P/7/AhcKB6C2xtkcgG5615I4F/Fzosfr
89pPG/eOqi6/71hqhuLAgnzwVl9tnZTn2dZVzZr3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5MA0MPkx+fRhJZMrs5YstO3xCFEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI1OWIwNzUwLWFlNjItNDJmNy04NGMwLWU3YzhiNmFjY2E5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCiVzANBgkqhkiG9w0BAQsFAAOCAQEAKpFKZbPdMM4CxfkAAJXAc29YHOgi
U05C5Bg895Rmyx4pYO4nBeAuAvQbjZEv2mgPj54RyxdOQMmsOJjuJeffwerM3bBD
bqdrhYgd+AveV7nWdFvSvhcMyGxIiXIBmCPD2eVkQzKmVgi1jTTydpL1yY4vZ11j
Ex7kScuPTY6bX6p3ADuajoA3XDvK2/Prk2hNziVNzZqNb463nr631D4AnolGOa7D
mWHoOMuKaMnodwY9UwdA8tdO1UhbaKHI+BEU8YaABVI8Nqxvvlo0Yvtxyp9mwQsn
5yx4YK/DQcBUu9g5CEd8TOu1NTj7kM6+daBvk9L7kxFwqs7Xxc0lDChhNg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:14 2024 by rpki-client on console-ams.rpki-client.org