Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31d1b808-e86d-4470-94d3-43f282680e9f.roa
File:                     31d1b808-e86d-4470-94d3-43f282680e9f.roa (raw, json)
Hash identifier:          JZ8DiMvyZmek8TdvlNJW17zthHJSa948eKPXLnhKEAw=
Subject key identifier:   9A:66:7C:0C:F3:7E:2C:25:CB:4A:5A:4C:44:E1:39:B5:9B:EE:BF:22
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4D835F58222BC1F0BFBD2C8D8DE4733167898545
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31d1b808-e86d-4470-94d3-43f282680e9f.roa
Signing time:             Sat 23 Nov 2024 00:00:00 +0000
ROA not before:           Sat 23 Nov 2024 00:00:00 +0000
ROA not after:            Sat 28 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        134.127.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:83:5f:58:22:2b:c1:f0:bf:bd:2c:8d:8d:e4:73:31:67:89:85:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 23 00:00:00 2024 GMT
            Not After : Dec 28 23:59:59 2024 GMT
        Subject: serialNumber=5d45fbec6619efa2a78c1b9b1740f05934c8466883434446849818ebe9000172, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fe:54:6d:05:b2:2f:35:c4:e7:45:25:a2:a1:
                    9b:24:62:30:57:73:0c:e4:8a:9c:9a:bc:b7:0a:c7:
                    62:f9:2f:0d:9a:9f:f5:03:ec:91:c5:33:8d:1c:dc:
                    93:db:e1:3e:a3:f7:15:ef:f7:b7:ec:91:c8:55:a0:
                    55:da:af:30:0d:71:51:4c:f2:91:58:56:86:0e:bb:
                    56:3b:05:fb:2f:0a:6e:fa:84:4d:ae:37:61:f9:2a:
                    80:3e:7d:5c:31:91:97:3b:bb:7d:ee:e6:2f:70:20:
                    44:4a:e0:46:b7:d0:c3:bc:b4:2e:8a:c7:f3:9e:9b:
                    00:c3:fb:10:f5:4b:32:b3:7f:3d:e0:d8:15:fc:0e:
                    0d:f2:4f:6b:55:70:a4:45:ea:95:e6:fb:9b:0b:29:
                    71:8d:7e:68:d4:a6:c2:af:aa:05:c3:a6:76:0c:b6:
                    43:8c:6c:2a:b3:b6:3d:2a:96:a6:5e:21:62:63:6f:
                    c4:63:83:74:bb:0f:22:2e:32:ca:6b:94:fb:9b:63:
                    4e:f0:82:98:f0:3f:ce:6b:86:8e:0c:ff:d3:59:b7:
                    cb:06:4d:39:8a:ec:21:c1:d8:6f:45:31:a8:ff:ae:
                    4f:ab:c8:10:f6:76:3d:6c:77:eb:91:48:95:53:b8:
                    06:42:b2:35:8a:ef:a6:81:af:74:eb:c9:f2:fd:67:
                    21:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:66:7C:0C:F3:7E:2C:25:CB:4A:5A:4C:44:E1:39:B5:9B:EE:BF:22
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31d1b808-e86d-4470-94d3-43f282680e9f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.127.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b4:17:d8:e6:89:88:49:53:b8:8b:09:a9:c5:91:d2:d4:d5:b6:
         68:48:33:76:cd:f8:a6:59:e9:54:47:32:75:00:12:5e:5a:b1:
         c4:c9:c3:99:b5:ae:6f:6c:49:7a:a6:83:d9:9b:ee:f8:a5:47:
         13:28:f4:86:2e:6a:5e:89:2d:01:d8:34:9f:05:9e:ad:70:d4:
         39:1d:be:2b:10:cb:11:cb:0d:fa:39:8b:b5:4b:15:dd:60:04:
         50:1f:81:d0:75:b1:c8:f2:b7:71:ed:5e:ec:9a:69:f3:16:4f:
         d7:66:30:c9:c8:53:e6:c7:e4:fb:65:c2:03:06:c5:db:5f:b4:
         79:f4:3e:9a:66:a3:72:ad:df:41:c1:80:62:9d:17:c7:a6:58:
         3b:2d:91:4e:6b:54:5a:ed:86:ea:cc:6a:37:9e:e7:92:ae:92:
         6e:4d:8b:df:f9:ec:2d:29:2b:c9:19:8c:30:46:eb:27:37:6d:
         3d:52:04:53:70:16:a4:fc:1e:1b:91:e1:0d:c8:2a:a9:ec:ac:
         c2:ed:d7:85:4c:7e:56:06:8e:88:b7:9f:7c:c5:98:ad:26:15:
         f3:2f:db:37:7e:87:05:4a:07:17:67:5a:f9:30:84:62:76:a8:
         86:a3:16:42:37:57:f1:2d:15:d8:31:b0:d4:ef:b9:7e:98:56:
         86:2f:52:29
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTYNfWCIrwfC/vSyNjeRzMWeJhUUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTIzMDAwMDAwWhcNMjQxMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZDQ1ZmJlYzY2MTllZmEyYTc4YzFiOWIxNzQwZjA1OTM0
Yzg0NjY4ODM0MzQ0NDY4NDk4MThlYmU5MDAwMTcyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt/lRtBbIvNcTnRSWioZskYjBXcwzkipyavLcKx2L5Lw2a
n/UD7JHFM40c3JPb4T6j9xXv97fskchVoFXarzANcVFM8pFYVoYOu1Y7BfsvCm76
hE2uN2H5KoA+fVwxkZc7u33u5i9wIERK4Ea30MO8tC6Kx/OemwDD+xD1SzKzfz3g
2BX8Dg3yT2tVcKRF6pXm+5sLKXGNfmjUpsKvqgXDpnYMtkOMbCqztj0qlqZeIWJj
b8Rjg3S7DyIuMsprlPubY07wgpjwP85rho4M/9NZt8sGTTmK7CHB2G9FMaj/rk+r
yBD2dj1sd+uRSJVTuAZCsjWK76aBr3TryfL9ZyHdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUmmZ8DPN+LCXLSlpMROE5tZvuvyIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxZDFiODA4LWU4NmQtNDQ3MC05NGQzLTQzZjI4MjY4MGU5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCGfzANBgkqhkiG9w0BAQsFAAOCAQEAtBfY5omISVO4iwmpxZHS1NW2aEgz
ds34plnpVEcydQASXlqxxMnDmbWub2xJeqaD2Zvu+KVHEyj0hi5qXoktAdg0nwWe
rXDUOR2+KxDLEcsN+jmLtUsV3WAEUB+B0HWxyPK3ce1e7Jpp8xZP12YwychT5sfk
+2XCAwbF21+0efQ+mmajcq3fQcGAYp0Xx6ZYOy2RTmtUWu2G6sxqN57nkq6Sbk2L
3/nsLSkryRmMMEbrJzdtPVIEU3AWpPweG5HhDcgqqeyswu3XhUx+VgaOiLeffMWY
rSYV8y/bN36HBUoHF2da+TCEYnaohqMWQjdX8S0V2DGw1O+5fphWhi9SKQ==
-----END CERTIFICATE-----
Generated at Sun Dec 1 03:30:02 2024 by rpki-client on console-ams.rpki-client.org