Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48743620-d852-4c45-84d7-d4a7e3874270.roa
File:                     48743620-d852-4c45-84d7-d4a7e3874270.roa (raw, json)
Hash identifier:          HKLddUB8vehHGsjXZF8Zq2fmgkSEyB/J+Kd36ZyI22g=
Subject key identifier:   9E:D2:04:A4:7B:BE:28:5F:04:D8:80:60:1A:6B:4A:E6:B0:AE:45:17
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0E4A997AF63B9154F7FB2C35FE98A06D19EF2C64
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48743620-d852-4c45-84d7-d4a7e3874270.roa
Signing time:             Sat 16 Mar 2024 00:00:00 +0000
ROA not before:           Sat 16 Mar 2024 00:00:00 +0000
ROA not after:            Sat 20 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        168.192.0.0/15 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:4a:99:7a:f6:3b:91:54:f7:fb:2c:35:fe:98:a0:6d:19:ef:2c:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 16 00:00:00 2024 GMT
            Not After : Apr 20 23:59:59 2024 GMT
        Subject: serialNumber=927097e53c76e2b8079c1c1db0529fcbc38633028f76e87aaeeec7b7a5bb35f8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:12:6a:83:92:a0:24:d2:27:c3:08:3e:4c:34:
                    43:ec:8a:57:3d:aa:72:4c:13:5e:00:be:68:4d:ac:
                    11:58:35:e0:8d:c6:47:c0:c0:cb:3a:1a:18:e1:38:
                    2a:98:89:71:ff:fb:66:d9:b3:ec:0c:ce:66:d6:21:
                    67:9e:51:f7:a9:c6:c1:88:bb:73:26:3e:03:8c:4a:
                    ff:4e:d7:75:5a:6b:b4:46:7e:d4:b7:e0:7f:b0:26:
                    34:ca:37:e5:60:ac:ad:d9:0e:8b:f1:19:a8:c9:4a:
                    c3:ec:4a:85:3b:26:0c:87:50:fa:8c:95:20:a3:bd:
                    cf:71:37:cb:79:d0:df:c5:84:1e:f5:5c:ae:6b:da:
                    3c:50:50:ec:f8:61:c1:28:26:23:b0:d8:96:1d:cc:
                    47:37:ea:85:ee:51:ed:ab:9e:09:d3:7f:9a:fb:b4:
                    91:07:39:4e:11:32:45:62:7d:56:a5:7a:fe:ef:76:
                    ba:d5:3c:2d:86:55:4c:f9:de:cb:f0:31:c1:98:2e:
                    e5:dc:92:78:9e:00:bc:48:df:52:6f:9c:7a:5f:d7:
                    4d:6d:56:92:f5:63:27:7e:78:f9:d7:df:87:f8:d2:
                    14:3a:b0:6e:27:e5:aa:ec:ae:6f:09:a6:95:e0:db:
                    63:0f:92:ce:3c:6e:8d:a4:b1:81:e9:35:73:56:91:
                    3e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D2:04:A4:7B:BE:28:5F:04:D8:80:60:1A:6B:4A:E6:B0:AE:45:17
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48743620-d852-4c45-84d7-d4a7e3874270.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.192.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         79:f1:a4:00:96:b4:0f:08:df:45:7f:1d:33:fe:18:fb:61:64:
         5e:ea:99:c9:ab:be:38:d8:69:44:b7:81:a5:71:87:44:1e:7e:
         50:3b:5c:47:5e:55:68:16:63:07:fc:39:a4:97:b8:c4:fc:92:
         82:93:13:c0:cc:e2:6d:83:15:e8:d8:b5:2b:9b:03:bb:96:a9:
         51:c9:44:01:ee:94:a2:f2:8b:47:6b:fd:00:79:fb:49:8f:f5:
         a6:45:ca:55:33:8b:0d:3c:7f:af:89:1f:30:7f:93:f5:7a:ab:
         45:9f:1c:76:57:04:32:64:20:26:58:85:00:3b:36:cb:a6:d0:
         50:c2:5c:0d:b2:6b:1a:ae:6e:f1:9f:6a:0e:9a:6d:e9:5e:57:
         12:5b:8a:ca:9b:f5:80:8b:9f:c3:cd:55:fd:75:ca:f0:38:77:
         07:8a:d3:7b:76:c1:75:47:93:83:f8:44:fd:ec:8a:9b:07:cf:
         d6:4a:94:df:b8:9d:c8:da:d0:6d:9e:10:6a:01:61:7d:cd:94:
         75:85:6d:e3:96:62:2b:7e:3b:a1:fd:01:79:b2:a2:0f:35:76:
         6d:cd:5f:1a:fd:da:0b:6a:1e:6b:7e:f8:f9:c1:1b:f0:ae:79:
         7d:86:bc:08:30:32:98:10:1b:31:42:81:65:f3:5d:c7:66:1b:
         87:50:e5:d6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDkqZevY7kVT3+yw1/pigbRnvLGQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE2MDAwMDAwWhcNMjQwNDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MjcwOTdlNTNjNzZlMmI4MDc5YzFjMWRiMDUyOWZjYmMz
ODYzMzAyOGY3NmU4N2FhZWVlYzdiN2E1YmIzNWY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcEmqDkqAk0ifDCD5MNEPsilc9qnJME14AvmhNrBFYNeCN
xkfAwMs6GhjhOCqYiXH/+2bZs+wMzmbWIWeeUfepxsGIu3MmPgOMSv9O13Vaa7RG
ftS34H+wJjTKN+VgrK3ZDovxGajJSsPsSoU7JgyHUPqMlSCjvc9xN8t50N/FhB71
XK5r2jxQUOz4YcEoJiOw2JYdzEc36oXuUe2rngnTf5r7tJEHOU4RMkVifValev7v
drrVPC2GVUz53svwMcGYLuXcknieALxI31JvnHpf101tVpL1Yyd+ePnX34f40hQ6
sG4n5arsrm8JppXg22MPks48bo2ksYHpNXNWkT4PAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUntIEpHu+KF8E2IBgGmtK5rCuRRcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4NzQzNjIwLWQ4NTItNGM0NS04NGQ3LWQ0YTdlMzg3NDI3MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwGowDANBgkqhkiG9w0BAQsFAAOCAQEAefGkAJa0DwjfRX8dM/4Y+2FkXuqZ
yau+ONhpRLeBpXGHRB5+UDtcR15VaBZjB/w5pJe4xPySgpMTwMzibYMV6Ni1K5sD
u5apUclEAe6UovKLR2v9AHn7SY/1pkXKVTOLDTx/r4kfMH+T9XqrRZ8cdlcEMmQg
JliFADs2y6bQUMJcDbJrGq5u8Z9qDppt6V5XEluKypv1gIufw81V/XXK8Dh3B4rT
e3bBdUeTg/hE/eyKmwfP1kqU37idyNrQbZ4QagFhfc2UdYVt45ZiK347of0BebKi
DzV2bc1fGv3aC2oea374+cEb8K55fYa8CDAymBAbMUKBZfNdx2Ybh1Dl1g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:21 2024 by rpki-client on console-ams.rpki-client.org