Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/696c1b1e-0246-458d-a96e-56b6b29e333d.roa
File:                     696c1b1e-0246-458d-a96e-56b6b29e333d.roa (raw, json)
Hash identifier:          khUyle23twT4UdD7sLsmipCNvM7m2inCIYXXBIdaL6Q=
Subject key identifier:   DE:CE:BD:0E:0E:C4:A8:E8:5B:90:2C:EC:31:F4:F2:D2:52:A0:0A:63
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6A3105D7883D3FDE2FA7B998E51B0999AF755254
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/696c1b1e-0246-458d-a96e-56b6b29e333d.roa
Signing time:             Sat 16 Mar 2024 00:00:00 +0000
ROA not before:           Sat 16 Mar 2024 00:00:00 +0000
ROA not after:            Sat 20 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.70.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:31:05:d7:88:3d:3f:de:2f:a7:b9:98:e5:1b:09:99:af:75:52:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 16 00:00:00 2024 GMT
            Not After : Apr 20 23:59:59 2024 GMT
        Subject: serialNumber=1d7d15c7ac9001f80c260d61845779c5d8785d01c2cd76bd256cfb456f146f65, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ac:50:9f:dc:55:b1:4e:5e:78:49:b3:0a:70:
                    85:db:26:1a:15:6b:08:b7:85:bf:5a:c1:48:d6:a2:
                    a8:d3:c7:2b:0e:81:a7:e3:c2:9e:69:09:10:68:8a:
                    96:b1:e3:a5:d7:89:c5:ff:4a:45:8e:3c:47:a0:67:
                    91:47:70:05:64:73:43:80:ed:29:a4:af:6a:d2:60:
                    26:d5:17:c7:c2:eb:26:57:be:7a:a5:d6:ce:9c:39:
                    71:d0:ae:01:e6:06:6a:49:aa:c0:77:f2:a4:a4:90:
                    1a:df:0e:f3:73:b3:9c:c4:28:04:b4:7e:61:5b:76:
                    64:8d:a7:f3:b6:6d:e0:13:ef:9d:c0:c5:b1:19:a3:
                    e4:90:ad:f0:02:63:25:a0:31:c4:34:90:ca:a9:dd:
                    bf:b1:24:e9:5e:ee:ff:cb:5f:b4:7c:b0:5e:47:3f:
                    45:40:df:b9:04:a7:90:28:10:cf:1d:d5:f3:ec:30:
                    f7:d8:4c:bc:d9:63:c3:87:25:9e:d0:85:bd:8c:82:
                    c8:bd:0c:f8:0a:2e:25:5e:9a:03:f2:3a:c8:94:90:
                    28:ce:e5:6a:1c:95:38:78:fe:7a:de:eb:08:12:93:
                    0c:77:06:0c:95:74:3c:10:94:bb:de:49:a9:53:17:
                    16:d1:39:38:ac:c3:73:50:05:1f:5e:a3:fb:6f:42:
                    12:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:CE:BD:0E:0E:C4:A8:E8:5B:90:2C:EC:31:F4:F2:D2:52:A0:0A:63
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/696c1b1e-0246-458d-a96e-56b6b29e333d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.70.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         98:6e:88:f5:e6:26:3e:41:03:ce:5a:53:90:a6:58:db:68:f1:
         14:2b:93:ba:1c:eb:c6:b7:b7:2d:f9:10:81:28:c7:7d:10:5a:
         e5:22:6c:2a:52:ab:74:02:ae:5c:53:50:3f:45:88:25:55:2a:
         ef:c4:68:6a:8f:09:22:54:ed:3e:19:89:f4:76:b2:f8:e2:02:
         c6:77:0e:51:ea:49:47:bc:0f:7f:e5:f8:fd:98:72:2d:04:39:
         58:7e:57:8a:5c:4f:62:74:e6:d3:93:30:93:61:fb:2e:a2:f1:
         04:0a:26:db:8a:d1:b4:0e:ff:10:a6:29:71:a3:af:ea:19:83:
         e7:ce:17:d3:ae:32:be:e7:a2:68:98:b6:62:fd:46:ec:86:52:
         a3:b9:fb:35:bf:39:fb:55:08:d0:ee:06:8e:22:6e:32:65:da:
         5a:45:2f:c8:f8:97:a1:c5:60:4f:de:95:07:d5:11:d8:1d:57:
         19:4d:82:de:c2:d9:a9:e3:d5:ad:43:d8:d7:4e:8f:48:f9:f4:
         4d:55:2c:ee:4a:62:3e:ca:1f:ed:46:a6:11:bd:37:39:ea:a6:
         51:2b:bf:45:56:77:8e:51:a4:bf:49:80:4f:ad:c2:e2:51:ab:
         01:24:f7:be:5f:ba:bc:d8:ca:5d:52:0d:b6:a8:37:96:ee:15:
         e1:ec:c5:99
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUajEF14g9P94vp7mY5RsJma91UlQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE2MDAwMDAwWhcNMjQwNDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDdkMTVjN2FjOTAwMWY4MGMyNjBkNjE4NDU3NzljNWQ4
Nzg1ZDAxYzJjZDc2YmQyNTZjZmI0NTZmMTQ2ZjY1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4rFCf3FWxTl54SbMKcIXbJhoVawi3hb9awUjWoqjTxysO
gafjwp5pCRBoipax46XXicX/SkWOPEegZ5FHcAVkc0OA7Smkr2rSYCbVF8fC6yZX
vnql1s6cOXHQrgHmBmpJqsB38qSkkBrfDvNzs5zEKAS0fmFbdmSNp/O2beAT753A
xbEZo+SQrfACYyWgMcQ0kMqp3b+xJOle7v/LX7R8sF5HP0VA37kEp5AoEM8d1fPs
MPfYTLzZY8OHJZ7Qhb2Mgsi9DPgKLiVemgPyOsiUkCjO5WoclTh4/nre6wgSkwx3
BgyVdDwQlLveSalTFxbROTisw3NQBR9eo/tvQhLrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3s69Dg7EqOhbkCzsMfTy0lKgCmMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY5NmMxYjFlLTAyNDYtNDU4ZC1hOTZlLTU2YjZiMjllMzMzZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQRjANBgkqhkiG9w0BAQsFAAOCAQEAmG6I9eYmPkEDzlpTkKZY22jxFCuT
uhzrxre3LfkQgSjHfRBa5SJsKlKrdAKuXFNQP0WIJVUq78Roao8JIlTtPhmJ9Hay
+OICxncOUepJR7wPf+X4/ZhyLQQ5WH5XilxPYnTm05Mwk2H7LqLxBAom24rRtA7/
EKYpcaOv6hmD584X064yvueiaJi2Yv1G7IZSo7n7Nb85+1UI0O4GjiJuMmXaWkUv
yPiXocVgT96VB9UR2B1XGU2C3sLZqePVrUPY106PSPn0TVUs7kpiPsof7UamEb03
OeqmUSu/RVZ3jlGkv0mAT63C4lGrAST3vl+6vNjKXVINtqg3lu4V4ezFmQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:28 2024 by rpki-client on console-ams.rpki-client.org