Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/55ebf205-72ff-475a-87ff-8ebc15a46bfb.roa
File:                     55ebf205-72ff-475a-87ff-8ebc15a46bfb.roa (raw, json)
Hash identifier:          28iNYWeDkjCeHxXOzjsuIFiP3tL9+747ATsX3Po73FI=
Subject key identifier:   61:68:FF:D9:A2:1A:E6:6D:3B:01:C2:FE:A3:13:B3:8A:8D:16:81:98
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3759644D3ED553887EA87201A685318A4B4A7083
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/55ebf205-72ff-475a-87ff-8ebc15a46bfb.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:59:64:4d:3e:d5:53:88:7e:a8:72:01:a6:85:31:8a:4b:4a:70:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=9317452db92cde948eda26a2fac1153760945814e8da16f324ae321bb1fd0a40, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:9c:7b:bb:06:ee:f4:3d:fc:43:73:7f:6f:6c:
                    a2:2f:cd:25:e1:61:c5:bf:d6:aa:82:6f:29:70:c2:
                    01:6e:50:16:80:68:d8:45:4e:79:a3:47:36:44:79:
                    82:fc:5c:d5:13:c0:b0:de:95:20:38:2f:b5:bf:69:
                    71:eb:c3:de:e1:ea:79:0e:3c:04:a4:21:50:3b:29:
                    ed:ac:81:05:8b:cf:22:7d:e5:e3:c0:6b:bc:d0:bd:
                    d3:a6:81:d8:13:3d:a9:98:ce:00:0e:7c:d5:9c:91:
                    29:81:ca:49:49:78:a0:5f:c3:a2:b2:28:66:4e:ac:
                    37:e7:b1:7c:59:84:b9:6b:d4:a2:e2:00:05:38:94:
                    14:ad:0c:ee:f8:ab:95:65:48:d8:c1:51:80:41:fc:
                    d6:e7:aa:2c:aa:76:99:1c:91:af:e9:a6:1e:12:24:
                    03:b2:da:67:c9:9a:be:e8:65:72:1d:d4:71:8a:14:
                    54:b1:f9:36:d1:13:db:6c:ed:52:9f:ca:43:08:18:
                    68:99:94:ba:fe:8f:5f:c5:43:e5:2a:f6:0d:86:24:
                    f7:fe:74:38:22:c0:73:66:e6:0c:1c:69:40:cc:ad:
                    cc:94:6a:e5:c4:5e:c0:8a:cc:35:00:33:5e:f4:c7:
                    03:e2:e4:d6:5e:20:3c:eb:b7:d5:4b:65:b2:1e:7c:
                    d9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:68:FF:D9:A2:1A:E6:6D:3B:01:C2:FE:A3:13:B3:8A:8D:16:81:98
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/55ebf205-72ff-475a-87ff-8ebc15a46bfb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         a2:59:33:f2:61:44:ec:0f:4f:93:c1:dc:08:9b:ec:61:9c:fd:
         34:fd:66:9e:85:03:1f:9c:6d:e3:f3:3d:79:d0:44:76:f4:5a:
         4d:1f:04:38:b0:2b:5b:95:79:3f:1c:8d:5d:76:33:fd:6c:05:
         98:5c:6e:64:55:5d:39:83:29:1a:a7:5a:0b:cb:92:91:89:23:
         54:a6:66:0b:7b:b3:35:0f:19:57:b3:b5:6a:af:3e:c6:47:44:
         78:21:af:4e:ba:e7:99:f9:32:2d:47:12:ae:7a:7a:08:a1:ae:
         f8:54:4e:58:af:a4:bf:2b:04:a0:00:48:4c:88:59:de:ae:a5:
         1c:69:2f:82:41:ff:7d:f7:ae:70:5f:af:9c:8d:24:54:48:97:
         7b:46:f1:5a:12:1a:48:37:1f:44:dd:b4:59:9e:49:aa:37:f4:
         6f:92:ae:51:92:32:40:b3:56:da:1a:19:8c:ee:a2:03:00:88:
         28:39:db:4c:93:27:6d:b8:dd:b3:4d:49:25:1e:7b:d6:93:b4:
         6e:9b:3e:96:ec:12:8a:02:fe:4e:a7:f4:db:d6:44:55:8a:ad:
         3b:2c:12:78:3c:b3:eb:49:6f:ef:ae:02:5c:7c:34:a6:34:19:
         2a:80:1c:65:48:2a:89:a0:45:40:50:16:02:b8:e8:5b:c4:bd:
         fb:41:fb:e8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUN1lkTT7VU4h+qHIBpoUxiktKcIMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MzE3NDUyZGI5MmNkZTk0OGVkYTI2YTJmYWMxMTUzNzYw
OTQ1ODE0ZThkYTE2ZjMyNGFlMzIxYmIxZmQwYTQwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClnHu7Bu70PfxDc39vbKIvzSXhYcW/1qqCbylwwgFuUBaA
aNhFTnmjRzZEeYL8XNUTwLDelSA4L7W/aXHrw97h6nkOPASkIVA7Ke2sgQWLzyJ9
5ePAa7zQvdOmgdgTPamYzgAOfNWckSmByklJeKBfw6KyKGZOrDfnsXxZhLlr1KLi
AAU4lBStDO74q5VlSNjBUYBB/Nbnqiyqdpkcka/pph4SJAOy2mfJmr7oZXId1HGK
FFSx+TbRE9ts7VKfykMIGGiZlLr+j1/FQ+Uq9g2GJPf+dDgiwHNm5gwcaUDMrcyU
auXEXsCKzDUAM170xwPi5NZeIDzrt9VLZbIefNmzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYWj/2aIa5m07AcL+oxOzio0WgZgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU1ZWJmMjA1LTcyZmYtNDc1YS04N2ZmLThlYmMxNWE0NmJmYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdjlgAwDQYJKoZIhvcNAQELBQADggEBAKJZM/JhROwPT5PB3Aib7GGc/TT9
Zp6FAx+cbePzPXnQRHb0Wk0fBDiwK1uVeT8cjV12M/1sBZhcbmRVXTmDKRqnWgvL
kpGJI1SmZgt7szUPGVeztWqvPsZHRHghr06655n5Mi1HEq56egihrvhUTlivpL8r
BKAASEyIWd6upRxpL4JB/333rnBfr5yNJFRIl3tG8VoSGkg3H0TdtFmeSao39G+S
rlGSMkCzVtoaGYzuogMAiCg520yTJ2243bNNSSUee9aTtG6bPpbsEooC/k6n9NvW
RFWKrTssEng8s+tJb++uAlx8NKY0GSqAHGVIKomgRUBQFgK46FvEvftB++g=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:36:56 2024 by rpki-client on console-fra.rpki-client.org