Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a577e49-2663-4f75-8a4f-8e3a12046599.roa
File:                     5a577e49-2663-4f75-8a4f-8e3a12046599.roa (raw, json)
Hash identifier:          qrzrM4o+75Z5DNv2ifgswoRlWpMTQuUiUvLVCAAzA2Y=
Subject key identifier:   16:76:E1:3E:42:FA:77:C7:72:2A:F6:D3:F1:FA:A1:E9:59:14:82:79
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2BDBAE42712AD3100A6A46E13B98C10793397829
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a577e49-2663-4f75-8a4f-8e3a12046599.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.177.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:db:ae:42:71:2a:d3:10:0a:6a:46:e1:3b:98:c1:07:93:39:78:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=f1f19843f9f262b8cb2cafef0006c9f739e6c5caeca5e2d13f7bd54c8cde487e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:4b:7e:7d:3d:b6:76:4b:e8:2c:34:1a:6a:f7:
                    91:87:25:19:a4:fc:5c:ae:71:35:19:a7:0c:72:5b:
                    1a:cb:4b:db:6a:fa:e5:e1:45:ca:34:f2:1d:5a:8f:
                    71:c4:bf:b7:6c:f6:f7:5d:e4:5c:b3:b6:31:55:8f:
                    ae:32:d6:31:18:3c:b5:3a:a2:6d:85:02:2c:b4:2b:
                    2b:53:75:58:a5:1c:d6:1e:79:dd:72:69:db:02:36:
                    f8:53:4e:c2:f5:7a:ad:28:4c:15:1c:d1:3b:b9:ba:
                    ca:9f:89:06:f8:a1:33:99:84:e1:50:ba:ac:91:a8:
                    63:e7:0a:48:98:92:f0:d4:13:cb:ec:e4:84:f3:77:
                    28:0d:00:53:79:75:93:07:a6:a0:d5:70:4f:f9:f9:
                    8c:b4:7e:d2:aa:11:5b:91:8c:31:b9:bb:39:8a:83:
                    4a:f4:e9:34:b8:3a:6f:48:57:32:a7:8e:20:59:ed:
                    17:05:4e:c2:5b:04:55:2f:75:fb:92:ac:4f:7c:67:
                    11:56:1a:0d:5f:0c:3f:4f:dd:59:df:e5:82:03:90:
                    be:26:2c:d6:05:7d:82:2f:93:3f:d7:3c:a3:01:96:
                    e9:2d:57:93:38:e1:cb:26:90:c5:15:b3:66:21:d1:
                    de:f5:ac:13:62:49:2f:3a:ba:98:45:3f:c5:b3:53:
                    81:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:76:E1:3E:42:FA:77:C7:72:2A:F6:D3:F1:FA:A1:E9:59:14:82:79
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a577e49-2663-4f75-8a4f-8e3a12046599.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.177.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4b:06:27:90:d6:18:8f:f0:69:4d:fc:50:7e:34:eb:26:b9:bc:
         61:0a:6c:dc:c6:dc:36:a9:15:34:64:65:1a:67:88:21:12:90:
         ea:2a:8f:fb:5a:e7:26:6d:51:63:53:16:f7:49:6d:72:0b:00:
         97:fc:e2:d6:f5:55:f5:57:09:3d:ab:46:4b:1e:f4:ef:90:41:
         4f:3f:f2:cf:98:dc:6d:e8:4d:e0:c2:1a:e6:df:dd:f7:7b:b3:
         01:9a:e6:6d:05:fd:d7:a0:ad:56:06:42:43:15:cb:ff:c6:4c:
         f0:bb:09:bc:eb:33:82:79:61:98:3e:c3:06:64:ec:56:7f:cb:
         e4:92:33:07:82:1a:32:4b:6b:72:bc:4e:ea:7c:2f:6b:0c:22:
         d9:c4:5a:d0:ea:97:86:e7:4f:55:7a:3d:9f:65:aa:57:d5:90:
         ad:f2:33:63:65:5b:de:27:6c:7c:90:e1:cb:f0:73:24:71:36:
         e0:9c:dd:c2:86:a7:e4:2a:13:45:88:43:88:26:04:18:62:32:
         28:14:e0:21:d3:19:67:59:fa:11:59:f1:87:85:1b:aa:8f:4a:
         f7:c4:6b:7f:e0:29:13:f1:8d:b7:57:61:d8:0d:11:c2:68:23:
         6a:ee:9b:c2:85:20:25:76:3c:37:71:f2:f2:43:09:09:0d:c9:
         e0:3f:b0:11
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUK9uuQnEq0xAKakbhO5jBB5M5eCkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMWYxOTg0M2Y5ZjI2MmI4Y2IyY2FmZWYwMDA2YzlmNzM5
ZTZjNWNhZWNhNWUyZDEzZjdiZDU0YzhjZGU0ODdlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNS359PbZ2S+gsNBpq95GHJRmk/FyucTUZpwxyWxrLS9tq
+uXhRco08h1aj3HEv7ds9vdd5FyztjFVj64y1jEYPLU6om2FAiy0KytTdVilHNYe
ed1yadsCNvhTTsL1eq0oTBUc0Tu5usqfiQb4oTOZhOFQuqyRqGPnCkiYkvDUE8vs
5ITzdygNAFN5dZMHpqDVcE/5+Yy0ftKqEVuRjDG5uzmKg0r06TS4Om9IVzKnjiBZ
7RcFTsJbBFUvdfuSrE98ZxFWGg1fDD9P3Vnf5YIDkL4mLNYFfYIvkz/XPKMBlukt
V5M44csmkMUVs2Yh0d71rBNiSS86uphFP8WzU4FRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUFnbhPkL6d8dyKvbT8fqh6VkUgnkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVhNTc3ZTQ5LTI2NjMtNGY3NS04YTRmLThlM2ExMjA0NjU5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQsTANBgkqhkiG9w0BAQsFAAOCAQEASwYnkNYYj/BpTfxQfjTrJrm8YQps
3MbcNqkVNGRlGmeIIRKQ6iqP+1rnJm1RY1MW90ltcgsAl/zi1vVV9VcJPatGSx70
75BBTz/yz5jcbehN4MIa5t/d93uzAZrmbQX916CtVgZCQxXL/8ZM8LsJvOszgnlh
mD7DBmTsVn/L5JIzB4IaMktrcrxO6nwvawwi2cRa0OqXhudPVXo9n2WqV9WQrfIz
Y2Vb3idsfJDhy/BzJHE24Jzdwoan5CoTRYhDiCYEGGIyKBTgIdMZZ1n6EVnxh4Ub
qo9K98Rrf+ApE/GNt1dh2A0Rwmgjau6bwoUgJXY8N3Hy8kMJCQ3J4D+wEQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:25 2024 by rpki-client on console-ams.rpki-client.org