Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4447d57f-1c32-47e8-9850-ca8c559cea4b.roa
File:                     4447d57f-1c32-47e8-9850-ca8c559cea4b.roa (raw, json)
Hash identifier:          cWop2dd4XrfqJQ2ukU+f+U3Hyd66rhKXBK2UpjqEzUA=
Subject key identifier:   0D:E7:09:63:53:AE:CE:58:50:E4:F7:98:26:2F:09:28:84:22:8A:64
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       41DB9F5AFB2962D9BA4238D4A418E96A2ED340F7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4447d57f-1c32-47e8-9850-ca8c559cea4b.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        128.11.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:db:9f:5a:fb:29:62:d9:ba:42:38:d4:a4:18:e9:6a:2e:d3:40:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=2595d4cdd5985a2e25366236f543aa8d000ad85dbd671706e2c49689a142d544, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c5:b6:4b:66:c2:5b:39:38:c8:bf:50:f4:6b:
                    de:6c:e8:c5:66:ca:df:9f:28:5f:c8:65:7d:ce:58:
                    37:c5:17:29:4a:88:00:16:6b:bb:3c:18:14:30:75:
                    2e:fa:bd:d1:1d:65:bb:10:43:e7:11:3b:6c:a1:dd:
                    98:c9:6e:6f:57:1d:f9:b9:27:98:3f:b1:cd:3a:fa:
                    47:d2:55:93:35:fa:fa:55:dd:07:65:69:d3:36:6e:
                    1a:b2:1f:49:15:ca:6f:14:78:15:c2:1a:59:06:5a:
                    31:b6:45:8b:6a:9d:1e:92:bb:ed:35:73:03:e4:fb:
                    29:63:77:a8:66:f1:84:b6:5e:f2:9c:9e:a4:b4:04:
                    f6:ae:84:f1:8a:27:0f:9c:ae:91:4e:af:88:45:3d:
                    5a:5c:8f:6b:87:c9:92:10:ab:12:e8:0e:08:1b:b4:
                    b5:27:03:8c:61:91:63:b3:cd:73:05:3e:18:06:63:
                    0c:9a:6d:c7:f5:98:6f:ba:e1:73:be:09:35:02:cd:
                    ce:a2:a7:17:ed:52:ca:8f:9a:49:67:07:4a:f3:85:
                    f6:76:6d:f2:13:28:68:da:90:8a:ea:da:8d:18:4d:
                    bb:00:0d:41:1f:1d:c2:62:5d:40:9c:ac:f1:da:43:
                    d6:41:54:40:36:f3:9e:38:f8:a9:dd:bc:49:5e:93:
                    aa:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:E7:09:63:53:AE:CE:58:50:E4:F7:98:26:2F:09:28:84:22:8A:64
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4447d57f-1c32-47e8-9850-ca8c559cea4b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.11.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         43:6d:dc:0b:84:6e:8c:58:09:46:6b:0f:89:71:2c:25:67:c5:
         c1:f6:52:6d:99:f3:48:8f:2b:20:ca:38:10:2d:e5:5b:47:0f:
         88:5a:57:35:83:cd:b8:bc:25:70:8a:8d:48:9d:d6:e5:67:f9:
         b5:0b:14:dd:05:9e:bb:b7:26:93:ae:af:cc:f5:b3:c2:1c:29:
         1a:d8:ef:44:26:d6:1c:90:24:9c:06:19:c8:bb:f2:45:76:dc:
         29:b5:93:f2:1c:ea:e7:36:aa:3b:8c:5e:28:33:47:ed:a6:d4:
         1d:0f:46:93:a3:b6:3a:18:18:1e:d6:04:a6:15:0f:a1:71:7f:
         56:8b:c9:68:5e:ff:75:20:d3:5c:4b:98:86:70:c5:93:d7:8b:
         a2:5a:e2:da:71:e5:0e:68:ff:68:e8:82:4b:19:75:9f:2f:76:
         22:69:ac:d3:80:7e:ca:81:51:9b:d7:69:1f:7a:ee:41:d0:d9:
         8d:2e:53:ba:87:a1:38:72:36:01:99:23:2a:c0:4f:43:9f:71:
         b1:a0:fa:c4:ea:bc:69:a5:1f:2d:72:01:47:6a:c5:df:ec:ed:
         42:37:84:c3:17:1c:2e:68:14:bd:37:e2:87:83:1c:e2:3b:2f:
         b7:5f:5c:4d:3d:91:c0:d6:97:e8:71:08:ab:fb:56:3e:11:8b:
         e6:28:89:36
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQdufWvspYtm6QjjUpBjpai7TQPcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNTk1ZDRjZGQ1OTg1YTJlMjUzNjYyMzZmNTQzYWE4ZDAw
MGFkODVkYmQ2NzE3MDZlMmM0OTY4OWExNDJkNTQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDxbZLZsJbOTjIv1D0a95s6MVmyt+fKF/IZX3OWDfFFylK
iAAWa7s8GBQwdS76vdEdZbsQQ+cRO2yh3ZjJbm9XHfm5J5g/sc06+kfSVZM1+vpV
3QdladM2bhqyH0kVym8UeBXCGlkGWjG2RYtqnR6Su+01cwPk+yljd6hm8YS2XvKc
nqS0BPauhPGKJw+crpFOr4hFPVpcj2uHyZIQqxLoDggbtLUnA4xhkWOzzXMFPhgG
Ywyabcf1mG+64XO+CTUCzc6ipxftUsqPmklnB0rzhfZ2bfITKGjakIrq2o0YTbsA
DUEfHcJiXUCcrPHaQ9ZBVEA28544+KndvElek6qpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUDecJY1OuzlhQ5PeYJi8JKIQiimQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ0NDdkNTdmLTFjMzItNDdlOC05ODUwLWNhOGM1NTljZWE0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCACzANBgkqhkiG9w0BAQsFAAOCAQEAQ23cC4RujFgJRmsPiXEsJWfFwfZS
bZnzSI8rIMo4EC3lW0cPiFpXNYPNuLwlcIqNSJ3W5Wf5tQsU3QWeu7cmk66vzPWz
whwpGtjvRCbWHJAknAYZyLvyRXbcKbWT8hzq5zaqO4xeKDNH7abUHQ9Gk6O2OhgY
HtYEphUPoXF/VovJaF7/dSDTXEuYhnDFk9eLolri2nHlDmj/aOiCSxl1ny92Imms
04B+yoFRm9dpH3ruQdDZjS5TuoehOHI2AZkjKsBPQ59xsaD6xOq8aaUfLXIBR2rF
3+ztQjeEwxccLmgUvTfih4Mc4jsvt19cTT2RwNaX6HEIq/tWPhGL5iiJNg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:07 2024 by rpki-client on console-ams.rpki-client.org