Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a96787b-389c-46b2-919d-eda3b93c7241.roa
File:                     4a96787b-389c-46b2-919d-eda3b93c7241.roa (raw, json)
Hash identifier:          Y8nyFyzeZbpsWd5+X+utN4tiwXVgP5jwJv4u0ITgojk=
Subject key identifier:   8E:A8:CC:A0:5A:3E:A4:3E:D2:B2:8B:77:74:B2:D8:E3:D5:66:CC:98
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0E8EDA08054D6E7637AB9E8ACC945CB7881B0D7D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a96787b-389c-46b2-919d-eda3b93c7241.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.78.144.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:8e:da:08:05:4d:6e:76:37:ab:9e:8a:cc:94:5c:b7:88:1b:0d:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=32e99023a1c0c9371dfd2a956c56d60953fb8b8d2638e28f1f0f639466587b5c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:af:41:8b:0e:13:c3:d5:b1:81:50:fd:b5:91:
                    33:02:d9:4e:ff:1c:c1:12:1b:1b:9c:12:30:f6:05:
                    20:b1:2f:e2:79:a9:3f:e4:fb:c8:28:2c:32:ed:bc:
                    d6:78:25:5e:49:f4:ff:51:56:a1:e7:dc:8c:f0:65:
                    34:27:bc:af:2b:5c:0f:61:4b:cc:ab:0b:f1:b7:9c:
                    69:21:61:61:8f:bb:69:f9:9b:dd:5b:d0:9e:b8:f6:
                    86:4a:bf:c5:f2:ff:f9:d7:65:80:e5:78:8f:22:84:
                    6c:f6:2e:d8:88:f0:66:d5:cd:14:80:c0:78:38:00:
                    6c:cf:e8:b5:97:8e:73:8a:1d:39:d1:33:6d:29:0a:
                    0c:02:12:71:5e:f5:ef:9c:38:3e:52:74:47:c7:30:
                    4f:4e:39:75:7b:9a:f0:35:12:14:e0:b1:1b:67:b5:
                    26:59:18:d8:69:e4:81:9f:03:b4:76:c6:13:91:3f:
                    1f:9e:a8:b5:f6:0f:85:a0:24:50:94:c7:7a:53:bd:
                    0b:8f:d9:ab:d5:15:a7:54:47:37:95:3d:87:39:45:
                    eb:af:73:ae:28:23:63:f2:f9:94:b3:32:c9:36:7b:
                    47:d6:43:39:a9:ec:ec:79:1b:6e:90:4b:85:a2:74:
                    49:61:ec:b0:af:6d:c5:9b:4a:d6:17:72:16:08:36:
                    c4:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:A8:CC:A0:5A:3E:A4:3E:D2:B2:8B:77:74:B2:D8:E3:D5:66:CC:98
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a96787b-389c-46b2-919d-eda3b93c7241.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.78.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2c:2d:89:bf:b0:7e:bf:9e:a0:c1:a6:f7:6f:b3:35:40:6f:bb:
         1c:2c:05:f5:00:02:20:31:61:61:0a:be:f3:8b:34:d6:6e:13:
         87:ec:e7:ea:c3:3a:8e:5f:36:ae:3a:c7:bd:a6:9d:64:d3:2d:
         d2:79:bd:5d:ab:2f:78:d6:a8:8b:5d:ea:ce:2d:a5:e8:31:d0:
         f0:c7:47:81:74:f7:c2:0d:89:4a:0f:95:4f:4e:5f:df:ef:c9:
         74:f5:32:3a:ca:fa:85:cd:d9:fa:77:70:e2:b7:a4:cf:45:eb:
         c8:ee:ba:5d:b4:d0:ea:44:a3:80:18:2a:71:4e:7c:8d:06:85:
         12:6d:f3:9e:1a:1e:1b:a1:bd:e7:5a:b9:40:da:06:13:13:95:
         68:82:c4:dc:1a:f7:cb:c0:f7:bc:a6:a3:3a:c2:29:16:c9:4b:
         43:08:a1:47:c6:69:5b:9a:8d:6c:1a:12:cf:cf:53:13:bd:2b:
         1a:b6:22:1f:89:80:d5:20:2e:06:a8:d9:6c:60:45:c0:8d:b9:
         e5:15:9c:e4:5e:91:bd:38:9f:c5:32:d2:a7:54:5d:76:df:14:
         48:b2:04:5b:5a:69:7b:30:4d:68:98:f9:ff:29:c5:ed:7c:64:
         b2:00:ab:a2:8d:4e:f1:54:19:f6:ac:49:4a:eb:1e:75:d2:0d:
         c0:3c:be:e4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDo7aCAVNbnY3q56KzJRct4gbDX0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMmU5OTAyM2ExYzBjOTM3MWRmZDJhOTU2YzU2ZDYwOTUz
ZmI4YjhkMjYzOGUyOGYxZjBmNjM5NDY2NTg3YjVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWr0GLDhPD1bGBUP21kTMC2U7/HMESGxucEjD2BSCxL+J5
qT/k+8goLDLtvNZ4JV5J9P9RVqHn3IzwZTQnvK8rXA9hS8yrC/G3nGkhYWGPu2n5
m91b0J649oZKv8Xy//nXZYDleI8ihGz2LtiI8GbVzRSAwHg4AGzP6LWXjnOKHTnR
M20pCgwCEnFe9e+cOD5SdEfHME9OOXV7mvA1EhTgsRtntSZZGNhp5IGfA7R2xhOR
Px+eqLX2D4WgJFCUx3pTvQuP2avVFadURzeVPYc5Reuvc64oI2Py+ZSzMsk2e0fW
Qzmp7Ox5G26QS4WidElh7LCvbcWbStYXchYINsTrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjqjMoFo+pD7Ssot3dLLY49VmzJgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRhOTY3ODdiLTM4OWMtNDZiMi05MTlkLWVkYTNiOTNjNzI0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjTpAwDQYJKoZIhvcNAQELBQADggEBACwtib+wfr+eoMGm92+zNUBvuxws
BfUAAiAxYWEKvvOLNNZuE4fs5+rDOo5fNq46x72mnWTTLdJ5vV2rL3jWqItd6s4t
pegx0PDHR4F098INiUoPlU9OX9/vyXT1MjrK+oXN2fp3cOK3pM9F68juul200OpE
o4AYKnFOfI0GhRJt854aHhuhvedauUDaBhMTlWiCxNwa98vA97ymozrCKRbJS0MI
oUfGaVuajWwaEs/PUxO9Kxq2Ih+JgNUgLgao2WxgRcCNueUVnORekb04n8Uy0qdU
XXbfFEiyBFtaaXswTWiY+f8pxe18ZLIAq6KNTvFUGfasSUrrHnXSDcA8vuQ=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:36:53 2024 by rpki-client on console-fra.rpki-client.org