Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/482e401f-8bd4-49bd-aa37-5a143d94fa53.roa
File:                     482e401f-8bd4-49bd-aa37-5a143d94fa53.roa (raw, json)
Hash identifier:          uMQQamA2KFLl4I2vB3PgNU42+K8i9WvIFiEuRK9K2TY=
Subject key identifier:   BD:B9:AC:4E:66:0C:F5:D5:69:02:97:38:02:60:00:73:B8:85:7C:16
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C1C7A00CFF7340959A738F851576FC4E47E49E6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/482e401f-8bd4-49bd-aa37-5a143d94fa53.roa
Signing time:             Tue 05 Nov 2024 00:00:00 +0000
ROA not before:           Tue 05 Nov 2024 00:00:00 +0000
ROA not after:            Tue 10 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.108.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 25 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:1c:7a:00:cf:f7:34:09:59:a7:38:f8:51:57:6f:c4:e4:7e:49:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:00:00 2024 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: serialNumber=4ca315c7dc6c217ba81b0b78b7f2bec86900c3bca42043aa599b1a0d8a953606, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6c:df:e4:40:3c:c2:a1:8f:b9:65:fd:fb:5a:
                    52:ff:0b:c6:86:2f:70:7f:e4:87:0f:d5:ea:e9:7f:
                    d0:b7:ac:b6:6a:1c:a2:2b:5c:96:02:5d:c7:b0:01:
                    fa:53:6d:c1:39:16:82:44:6c:1c:2c:e4:4e:a8:e2:
                    40:91:7c:8c:77:f2:34:42:ad:d6:db:34:68:ca:9d:
                    ec:f3:ad:a7:a6:96:ed:9e:cb:48:07:d5:ec:eb:99:
                    9b:78:2d:e8:91:21:e1:8d:f3:a8:7f:19:94:98:07:
                    16:1a:05:55:b3:48:db:61:7f:df:f2:7a:e5:64:16:
                    23:08:d2:64:c2:5b:10:38:0f:3f:80:97:9b:8d:5b:
                    a3:e0:36:3a:36:90:e2:ef:b9:c2:75:90:b7:74:7d:
                    af:54:51:59:2f:34:3b:af:11:6d:cd:6c:9a:4e:a0:
                    27:bf:fd:69:0a:bd:6d:93:2f:45:c8:5d:e3:65:b3:
                    1b:4f:7a:d4:60:a0:be:46:ff:02:a1:15:3c:ff:41:
                    1c:f7:a5:06:e3:5f:17:13:3a:e2:1a:1f:ea:58:ce:
                    85:51:18:30:af:1e:c8:f0:1f:b9:c6:d6:2b:18:84:
                    3f:b7:1c:3b:c7:82:ad:20:21:f1:e1:51:e3:70:e4:
                    d9:e1:90:b4:46:c4:64:03:78:e9:8e:d4:7b:56:16:
                    04:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:B9:AC:4E:66:0C:F5:D5:69:02:97:38:02:60:00:73:B8:85:7C:16
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/482e401f-8bd4-49bd-aa37-5a143d94fa53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:43:eb:1b:b9:05:27:94:02:77:6a:fe:fd:7f:fe:43:7b:38:
         34:8b:4d:c7:e4:96:d7:54:13:6b:3d:ee:7e:8b:d1:e7:69:07:
         d1:f7:9f:05:d6:c8:a3:c1:86:45:22:8b:83:aa:2f:67:e1:09:
         fe:60:e0:f4:79:e4:9c:b7:10:0b:ef:d1:3a:30:35:eb:ad:f0:
         f9:3d:d0:fe:9a:5c:f6:f1:98:ae:f9:8d:ec:d9:78:65:ae:5a:
         70:8c:06:a0:e9:95:f5:cf:d9:09:a5:8b:4f:39:31:bc:d0:eb:
         69:34:29:40:b3:64:3d:21:df:57:cb:fc:e4:fb:1c:68:19:e2:
         00:71:bc:ca:2c:d7:12:03:63:4b:9d:fd:5a:94:ea:f4:4a:43:
         70:0a:90:7c:cc:5d:7d:2b:01:00:2e:64:35:69:c6:47:77:94:
         d0:af:ef:a3:ed:60:63:ef:80:73:22:0d:ac:0e:19:89:e5:df:
         e6:0a:34:ab:09:b5:e0:cf:44:25:cd:47:7d:a0:dc:c0:8a:9d:
         1a:cf:af:d7:64:43:42:30:9f:ff:22:df:d9:cf:54:37:06:f5:
         ef:8b:fc:6d:a7:a9:29:dd:e5:9e:17:3b:74:b2:e5:fc:2a:e1:
         70:c1:0e:20:12:33:1e:13:92:f7:5b:67:ed:37:a5:71:b3:24:
         0b:85:4e:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDBx6AM/3NAlZpzj4UVdvxOR+SeYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0Y2EzMTVjN2RjNmMyMTdiYTgxYjBiNzhiN2YyYmVjODY5
MDBjM2JjYTQyMDQzYWE1OTliMWEwZDhhOTUzNjA2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5bN/kQDzCoY+5Zf37WlL/C8aGL3B/5IcP1erpf9C3rLZq
HKIrXJYCXcewAfpTbcE5FoJEbBws5E6o4kCRfIx38jRCrdbbNGjKnezzraemlu2e
y0gH1ezrmZt4LeiRIeGN86h/GZSYBxYaBVWzSNthf9/yeuVkFiMI0mTCWxA4Dz+A
l5uNW6PgNjo2kOLvucJ1kLd0fa9UUVkvNDuvEW3NbJpOoCe//WkKvW2TL0XIXeNl
sxtPetRgoL5G/wKhFTz/QRz3pQbjXxcTOuIaH+pYzoVRGDCvHsjwH7nG1isYhD+3
HDvHgq0gIfHhUeNw5NnhkLRGxGQDeOmO1HtWFgQdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUvbmsTmYM9dVpApc4AmAAc7iFfBYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4MmU0MDFmLThiZDQtNDliZC1hYTM3LTVhMTQzZDk0ZmE1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/GwwDQYJKoZIhvcNAQELBQADggEBALND6xu5BSeUAndq/v1//kN7ODSL
TcfkltdUE2s97n6L0edpB9H3nwXWyKPBhkUii4OqL2fhCf5g4PR55Jy3EAvv0Tow
Neut8Pk90P6aXPbxmK75jezZeGWuWnCMBqDplfXP2Qmli085MbzQ62k0KUCzZD0h
31fL/OT7HGgZ4gBxvMos1xIDY0ud/VqU6vRKQ3AKkHzMXX0rAQAuZDVpxkd3lNCv
76PtYGPvgHMiDawOGYnl3+YKNKsJteDPRCXNR32g3MCKnRrPr9dkQ0Iwn/8i39nP
VDcG9e+L/G2nqSnd5Z4XO3Sy5fwq4XDBDiASMx4TkvdbZ+03pXGzJAuFTtE=
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:17:00 2024 by rpki-client on console-ams.rpki-client.org