Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c766b7f-e698-4e7f-8708-1c01042b5bcc.roa
File:                     3c766b7f-e698-4e7f-8708-1c01042b5bcc.roa (raw, json)
Hash identifier:          jRiRSFrS6hG1AlLfdGud3FDgkwnKHUnf9MBDYkC2+o0=
Subject key identifier:   72:D1:D1:F8:69:9A:0D:E6:5A:5C:F1:C3:96:CF:2D:89:2C:45:BC:34
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7282E227450717786096C98952135565BCB71A43
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c766b7f-e698-4e7f-8708-1c01042b5bcc.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        40.178.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:82:e2:27:45:07:17:78:60:96:c9:89:52:13:55:65:bc:b7:1a:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=e64ebfb72da6b2e751dd037f7b441e8ac1eaca7eb56e737bf0bab59e4fe8eb4a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:dc:95:00:73:6e:26:b2:16:82:ab:b4:1b:cb:
                    f8:31:e5:48:3b:e9:63:e8:df:5c:07:ea:3d:91:f0:
                    99:77:ab:43:a1:55:13:61:dc:a4:68:4d:7a:8b:cf:
                    e9:1c:25:8f:bc:73:96:b3:e2:2d:c4:45:1a:9d:78:
                    41:bd:4d:d5:5c:2f:2e:c9:fb:aa:53:54:3e:e0:45:
                    51:bf:b2:6d:b3:76:ff:1d:26:9f:77:38:cb:ed:f3:
                    b9:5b:89:c1:3a:e1:19:f9:09:ad:e0:16:99:70:db:
                    74:59:0b:c3:b6:71:5d:6d:35:6f:4e:6d:a8:03:ba:
                    d9:92:3c:99:4f:08:a5:34:5e:54:81:e1:8e:d1:fd:
                    2c:77:65:c7:21:d3:d6:0e:bf:c2:ba:6a:78:8f:92:
                    be:26:91:bb:4d:91:9d:ff:3f:6f:f7:d5:c3:07:b4:
                    83:fb:30:b9:39:42:89:53:8e:e5:fd:a6:04:33:0e:
                    6a:ab:83:a2:ba:b6:31:92:91:a4:f9:cc:57:33:ae:
                    10:ae:08:4a:cb:e4:0c:c4:b5:7e:96:0e:72:fe:40:
                    af:3e:4d:9e:e2:14:04:ef:5a:33:d1:89:02:32:64:
                    d3:2c:3d:2e:ff:ca:fe:36:6f:7c:e9:50:f9:a4:68:
                    3e:52:bc:af:48:4d:35:0a:89:a6:68:f5:35:5f:8e:
                    d2:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:D1:D1:F8:69:9A:0D:E6:5A:5C:F1:C3:96:CF:2D:89:2C:45:BC:34
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c766b7f-e698-4e7f-8708-1c01042b5bcc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.178.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c0:86:e7:11:1a:f4:bf:6c:9c:1d:0f:91:69:7f:45:2b:5e:f7:
         ce:e5:32:ac:cf:42:3f:7b:fb:6a:84:1c:b8:71:cf:2b:1d:64:
         2e:90:14:0a:ae:63:0a:73:ec:f8:7f:81:39:71:ef:f9:fc:ca:
         f8:d1:69:64:e2:47:3d:a5:db:2f:64:79:d5:72:52:e2:6d:7a:
         d1:9f:8c:4e:1a:6b:c2:1e:b3:50:d1:bd:b3:cf:76:3a:2c:44:
         f6:5b:f9:55:1d:41:39:fa:e2:e5:a1:d7:57:21:5b:26:43:eb:
         33:c3:01:8a:79:b5:2a:57:2c:90:06:17:41:c6:3b:6e:ce:b2:
         9c:cc:f3:77:f3:cf:06:bd:ba:40:4d:15:cb:11:05:4d:63:fa:
         61:51:8a:87:d0:36:f3:2f:a4:b6:23:fd:65:73:af:57:2a:9c:
         13:fb:8b:fb:55:95:5a:2f:3a:f7:cc:7d:5c:2b:6d:68:93:60:
         6f:9d:a5:4c:ad:50:00:95:db:b7:80:f6:72:e1:b3:e2:2e:dd:
         14:68:d1:6e:88:1f:a6:81:a4:65:bf:34:1f:1f:8b:74:f1:f0:
         15:7b:29:7c:6a:4b:0c:08:0f:22:b2:af:8a:97:a7:24:35:ff:
         5b:0b:ab:78:84:eb:85:df:da:1f:b9:d1:fb:da:ce:88:85:37:
         be:89:e0:c9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcoLiJ0UHF3hglsmJUhNVZby3GkMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNjRlYmZiNzJkYTZiMmU3NTFkZDAzN2Y3YjQ0MWU4YWMx
ZWFjYTdlYjU2ZTczN2JmMGJhYjU5ZTRmZThlYjRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDe3JUAc24mshaCq7Qby/gx5Ug76WPo31wH6j2R8Jl3q0Oh
VRNh3KRoTXqLz+kcJY+8c5az4i3ERRqdeEG9TdVcLy7J+6pTVD7gRVG/sm2zdv8d
Jp93OMvt87lbicE64Rn5Ca3gFplw23RZC8O2cV1tNW9ObagDutmSPJlPCKU0XlSB
4Y7R/Sx3Zcch09YOv8K6aniPkr4mkbtNkZ3/P2/31cMHtIP7MLk5QolTjuX9pgQz
Dmqrg6K6tjGSkaT5zFczrhCuCErL5AzEtX6WDnL+QK8+TZ7iFATvWjPRiQIyZNMs
PS7/yv42b3zpUPmkaD5SvK9ITTUKiaZo9TVfjtJHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUctHR+GmaDeZaXPHDls8tiSxFvDQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjNzY2YjdmLWU2OTgtNGU3Zi04NzA4LTFjMDEwNDJiNWJjYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAosjANBgkqhkiG9w0BAQsFAAOCAQEAwIbnERr0v2ycHQ+RaX9FK173zuUy
rM9CP3v7aoQcuHHPKx1kLpAUCq5jCnPs+H+BOXHv+fzK+NFpZOJHPaXbL2R51XJS
4m160Z+MThprwh6zUNG9s892OixE9lv5VR1BOfri5aHXVyFbJkPrM8MBinm1Klcs
kAYXQcY7bs6ynMzzd/PPBr26QE0VyxEFTWP6YVGKh9A28y+ktiP9ZXOvVyqcE/uL
+1WVWi8698x9XCttaJNgb52lTK1QAJXbt4D2cuGz4i7dFGjRbogfpoGkZb80Hx+L
dPHwFXspfGpLDAgPIrKvipenJDX/WwureITrhd/aH7nR+9rOiIU3vongyQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:59:52 2024 by rpki-client on console-fra.rpki-client.org