Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47a95b2d-b390-454d-b7fe-61f0be7e13af.roa
File:                     47a95b2d-b390-454d-b7fe-61f0be7e13af.roa (raw, json)
Hash identifier:          E67N/1lwjJ8PUJ/pTx9yQNqJ4G4QX0xMCiKBWNHSlOQ=
Subject key identifier:   25:C3:BB:91:D9:6C:3D:6C:94:21:28:D0:FA:53:43:27:D5:68:BE:41
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       347600C733C9CE0239EFE4B401CF4815A9D3C063
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47a95b2d-b390-454d-b7fe-61f0be7e13af.roa
Signing time:             Sat 30 Nov 2024 00:00:00 +0000
ROA not before:           Sat 30 Nov 2024 00:00:00 +0000
ROA not after:            Sat 04 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        131.127.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:76:00:c7:33:c9:ce:02:39:ef:e4:b4:01:cf:48:15:a9:d3:c0:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 30 00:00:00 2024 GMT
            Not After : Jan  4 23:59:59 2025 GMT
        Subject: serialNumber=207b79e557b098d3defa54debdc2ec99dc6f9e36f46a8c1cd8afe6ccc0d300cd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2e:d5:36:b1:eb:38:80:d3:22:fd:c3:06:fe:
                    b1:cc:59:74:89:cb:5a:ef:44:74:1a:3b:da:e3:38:
                    2e:62:ae:50:c8:9d:42:ae:fc:34:61:27:49:df:83:
                    90:3d:d2:32:39:f8:f5:45:5d:0b:77:5d:11:6b:9b:
                    5a:2f:90:de:99:ee:80:fe:49:7b:d5:00:78:00:32:
                    3e:31:b6:92:b7:d2:02:0d:c5:a9:d6:26:8b:0a:63:
                    03:8d:d5:c4:b0:ed:4f:79:70:56:e0:0a:81:e9:94:
                    07:c8:c9:73:04:27:9f:11:f0:f4:a0:9e:2d:5b:d4:
                    77:66:c8:59:dd:8a:6e:71:f3:76:21:4f:d0:00:eb:
                    cf:1c:fb:aa:ff:9a:89:f7:10:f4:7e:f0:1f:ef:d6:
                    8e:c6:57:ce:e8:e6:b1:a7:d2:d0:44:17:83:48:a5:
                    bd:4d:86:0d:79:a9:a0:dc:66:15:65:c4:07:c1:71:
                    1b:8a:55:58:0f:c5:69:4e:20:16:f7:6b:d2:b1:d8:
                    67:be:82:04:fb:d2:ba:f5:75:18:07:ce:dc:4a:16:
                    bb:16:d6:b3:1e:56:f2:e2:00:30:91:9c:1d:c5:2c:
                    2b:6e:48:e2:40:03:e3:80:87:c2:f9:f7:db:8c:76:
                    0b:01:72:16:17:20:f7:c7:99:db:cb:2e:10:09:8e:
                    87:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C3:BB:91:D9:6C:3D:6C:94:21:28:D0:FA:53:43:27:D5:68:BE:41
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/47a95b2d-b390-454d-b7fe-61f0be7e13af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.127.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7b:e7:c8:10:15:17:86:b3:f2:ea:5c:7b:89:1f:79:69:26:1c:
         c9:5a:40:d9:b0:e9:73:ed:60:e1:72:fe:a9:2a:7b:09:b7:c1:
         00:6e:ae:9e:4a:ff:16:2b:50:c8:16:c8:31:00:05:08:15:87:
         3a:63:4e:32:f0:76:9d:ce:35:6d:7a:1d:25:44:73:8d:e0:c2:
         42:47:6b:3d:0d:40:05:4a:35:d4:9b:3a:da:96:d4:85:4b:1d:
         68:16:70:61:97:30:71:a3:fd:05:1e:8e:7b:63:d7:7a:fd:15:
         9a:94:6a:ff:b8:ff:d6:c1:b1:07:21:9d:35:36:46:ac:2a:b2:
         fe:51:1a:0f:c9:8a:67:1e:00:34:57:7e:3f:ec:33:83:3c:89:
         35:2e:e2:c5:d6:94:bd:d3:e2:42:4a:d0:9a:cd:76:e0:e6:67:
         1d:08:ec:43:5b:c2:36:b2:fa:92:b7:3e:16:e1:27:50:09:3d:
         d7:15:fc:55:58:7a:f3:4a:c0:c3:ff:c5:2e:78:3c:74:84:44:
         1b:a8:8a:8e:93:d4:30:7b:4b:ac:c8:98:94:fa:57:7c:8f:47:
         ba:20:05:84:2f:ea:85:ee:d6:d8:35:b1:d3:68:9b:61:78:18:
         40:e1:4c:22:21:b1:dd:48:23:34:93:ad:48:ce:04:89:e3:56:
         42:15:56:be
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNHYAxzPJzgI57+S0Ac9IFanTwGMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTMwMDAwMDAwWhcNMjUwMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDdiNzllNTU3YjA5OGQzZGVmYTU0ZGViZGMyZWM5OWRj
NmY5ZTM2ZjQ2YThjMWNkOGFmZTZjY2MwZDMwMGNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYLtU2ses4gNMi/cMG/rHMWXSJy1rvRHQaO9rjOC5irlDI
nUKu/DRhJ0nfg5A90jI5+PVFXQt3XRFrm1ovkN6Z7oD+SXvVAHgAMj4xtpK30gIN
xanWJosKYwON1cSw7U95cFbgCoHplAfIyXMEJ58R8PSgni1b1HdmyFndim5x83Yh
T9AA688c+6r/mon3EPR+8B/v1o7GV87o5rGn0tBEF4NIpb1Nhg15qaDcZhVlxAfB
cRuKVVgPxWlOIBb3a9Kx2Ge+ggT70rr1dRgHztxKFrsW1rMeVvLiADCRnB3FLCtu
SOJAA+OAh8L599uMdgsBchYXIPfHmdvLLhAJjodPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJcO7kdlsPWyUISjQ+lNDJ9VovkEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ3YTk1YjJkLWIzOTAtNDU0ZC1iN2ZlLTYxZjBiZTdlMTNhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCDfzANBgkqhkiG9w0BAQsFAAOCAQEAe+fIEBUXhrPy6lx7iR95aSYcyVpA
2bDpc+1g4XL+qSp7CbfBAG6unkr/FitQyBbIMQAFCBWHOmNOMvB2nc41bXodJURz
jeDCQkdrPQ1ABUo11Js62pbUhUsdaBZwYZcwcaP9BR6Oe2PXev0VmpRq/7j/1sGx
ByGdNTZGrCqy/lEaD8mKZx4ANFd+P+wzgzyJNS7ixdaUvdPiQkrQms124OZnHQjs
Q1vCNrL6krc+FuEnUAk91xX8VVh680rAw//FLng8dIREG6iKjpPUMHtLrMiYlPpX
fI9HuiAFhC/qhe7W2DWx02ibYXgYQOFMIiGx3UgjNJOtSM4EieNWQhVWvg==
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:25:13 2024 by rpki-client on console-ams.rpki-client.org