Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/45affd42-2744-48f2-a212-a55559bedfe0.roa
File:                     45affd42-2744-48f2-a212-a55559bedfe0.roa (raw, json)
Hash identifier:          Czyhc9fbWdi8TL4+mpM+c3INcgm7R+UJylc8VjZsWuQ=
Subject key identifier:   69:B4:8F:84:D1:C5:CD:9F:20:72:EF:E3:E9:D6:2C:A8:3B:32:19:2E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0FBC1ADF8582496626CFC29EC0BDBB5D01099F05
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/45affd42-2744-48f2-a212-a55559bedfe0.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        96.0.72.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 12 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:bc:1a:df:85:82:49:66:26:cf:c2:9e:c0:bd:bb:5d:01:09:9f:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=2bfc646825c88a7f77a58449795a2921386f473f97651b8d53789117fb989abc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bc:5f:df:58:43:35:f6:ec:e8:cb:56:15:c7:
                    98:d8:16:8c:84:32:a5:eb:fc:65:1b:6b:7e:b6:f9:
                    04:61:37:41:e6:a4:8b:5d:ef:0d:dc:01:eb:41:82:
                    25:f0:e9:9c:49:c1:68:ee:af:59:9a:28:7b:2f:bc:
                    be:29:35:16:0c:cc:c0:6e:7c:74:08:cc:22:41:6d:
                    1b:64:9c:c0:87:1f:66:8e:f2:54:0a:44:61:bb:e8:
                    f8:7c:43:0a:e8:c3:d5:2d:51:47:a8:dc:9a:94:5e:
                    94:ac:e8:93:8c:28:a2:ff:7d:8a:0d:61:d9:00:65:
                    f3:f7:75:da:7f:c0:f6:8e:7c:1d:55:ab:0c:af:44:
                    a3:0d:68:80:cc:67:a7:a9:4a:77:d8:a9:31:d8:98:
                    22:d8:c2:97:04:39:ff:ae:fd:bf:52:15:a8:b5:bd:
                    90:00:9d:27:8b:21:14:a1:15:66:07:4f:58:b5:70:
                    8d:7e:53:1d:cc:46:1d:44:bd:54:3c:27:1b:a9:04:
                    7b:e9:73:20:32:b9:5b:5f:03:22:dc:42:bd:64:52:
                    6c:24:4d:87:3a:41:cc:62:90:4e:7c:73:b8:49:9a:
                    d5:17:22:30:aa:d0:e4:ce:58:9b:16:2d:c5:44:a1:
                    eb:8f:14:0f:bf:55:9e:4a:ca:e8:3a:a4:b7:bd:91:
                    ae:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:B4:8F:84:D1:C5:CD:9F:20:72:EF:E3:E9:D6:2C:A8:3B:32:19:2E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/45affd42-2744-48f2-a212-a55559bedfe0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         06:e8:1d:9c:3a:55:a1:12:bc:81:5a:2c:be:fd:0e:bd:34:66:
         91:89:58:05:3a:94:e9:5a:ec:91:ea:cf:7c:a4:3d:ab:f4:24:
         fc:e8:24:c2:6e:fc:b0:42:0e:fd:8f:b4:e1:0e:a3:0c:bc:6b:
         fe:f9:a9:33:11:ad:f3:2b:4e:1f:19:d3:55:fe:e7:3b:57:d9:
         7d:1e:f2:57:ed:58:c8:4b:39:8e:af:fe:1a:e2:b0:d4:01:f2:
         bf:f3:fe:d2:e0:8f:61:c2:13:ce:7e:44:64:83:9e:d9:e6:63:
         1d:67:a9:a0:6e:35:88:75:e8:cf:88:d5:10:f3:16:25:ee:68:
         8c:f2:58:8c:b3:28:ce:62:4a:16:5d:4d:d9:d4:14:a0:23:eb:
         83:68:54:ca:f5:63:64:94:c1:46:23:bc:3b:e1:d1:6f:1e:db:
         e7:1f:df:ae:f9:b2:30:6c:fa:ff:b8:67:33:eb:38:a8:02:4d:
         b3:86:dd:74:17:cb:83:47:a3:fc:b7:9b:ba:9b:ea:fb:35:18:
         da:f9:a7:4b:c6:55:79:03:e8:78:5d:a8:9f:f7:f2:f0:70:f5:
         63:4a:55:e0:b1:c6:f3:a8:05:12:be:b1:c7:ef:43:a4:1b:de:
         20:f4:03:7e:ff:c7:f9:e4:a3:10:12:8d:9d:e7:43:26:73:f9:
         60:4f:b1:7a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUD7wa34WCSWYmz8KewL27XQEJnwUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYmZjNjQ2ODI1Yzg4YTdmNzdhNTg0NDk3OTVhMjkyMTM4
NmY0NzNmOTc2NTFiOGQ1Mzc4OTExN2ZiOTg5YWJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpvF/fWEM19uzoy1YVx5jYFoyEMqXr/GUba362+QRhN0Hm
pItd7w3cAetBgiXw6ZxJwWjur1maKHsvvL4pNRYMzMBufHQIzCJBbRtknMCHH2aO
8lQKRGG76Ph8Qwrow9UtUUeo3JqUXpSs6JOMKKL/fYoNYdkAZfP3ddp/wPaOfB1V
qwyvRKMNaIDMZ6epSnfYqTHYmCLYwpcEOf+u/b9SFai1vZAAnSeLIRShFWYHT1i1
cI1+Ux3MRh1EvVQ8JxupBHvpcyAyuVtfAyLcQr1kUmwkTYc6QcxikE58c7hJmtUX
IjCq0OTOWJsWLcVEoeuPFA+/VZ5Kyug6pLe9ka4HAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUabSPhNHFzZ8gcu/j6dYsqDsyGS4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ1YWZmZDQyLTI3NDQtNDhmMi1hMjEyLWE1NTU1OWJlZGZlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANgAEgwDQYJKoZIhvcNAQELBQADggEBAAboHZw6VaESvIFaLL79Dr00ZpGJ
WAU6lOla7JHqz3ykPav0JPzoJMJu/LBCDv2PtOEOowy8a/75qTMRrfMrTh8Z01X+
5ztX2X0e8lftWMhLOY6v/hrisNQB8r/z/tLgj2HCE85+RGSDntnmYx1nqaBuNYh1
6M+I1RDzFiXuaIzyWIyzKM5iShZdTdnUFKAj64NoVMr1Y2SUwUYjvDvh0W8e2+cf
3675sjBs+v+4ZzPrOKgCTbOG3XQXy4NHo/y3m7qb6vs1GNr5p0vGVXkD6HhdqJ/3
8vBw9WNKVeCxxvOoBRK+scfvQ6Qb3iD0A37/x/nkoxASjZ3nQyZz+WBPsXo=
-----END CERTIFICATE-----
Generated at Wed Dec 11 00:44:11 2024 by rpki-client on console-fra.rpki-client.org