Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6970ee68-7cee-4fc8-a6f8-ea86fa23d461.roa
File:                     6970ee68-7cee-4fc8-a6f8-ea86fa23d461.roa (raw, json)
Hash identifier:          +7qN3hIZPYmO4GAENEZxNhaF+Af+tAN5dRnmNemrqJU=
Subject key identifier:   F0:E0:36:C4:F7:FC:03:56:A7:0B:92:50:5A:06:6E:32:00:DD:16:B8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B7C0D50147A4EDDC948C7529F3A560DDF791864
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6970ee68-7cee-4fc8-a6f8-ea86fa23d461.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.252.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 05 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:7c:0d:50:14:7a:4e:dd:c9:48:c7:52:9f:3a:56:0d:df:79:18:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=1649b3c3ea8533daa64af0b8c90b1b830d22e0f4e64c9b71f43bfc0bddb23214, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1c:3c:f3:49:94:b4:37:a1:1f:ca:a3:a7:37:
                    94:ac:aa:11:8e:a5:3e:02:8f:3b:6f:0b:f5:6e:a2:
                    74:09:36:37:05:7d:dc:14:70:d9:c9:68:4c:2c:df:
                    c8:97:30:96:eb:2f:56:33:4e:4a:b9:ac:88:e8:6d:
                    70:bb:ea:a8:6d:b1:ff:4b:91:5c:d1:5f:37:47:80:
                    b2:de:73:c9:fc:d5:52:7a:0f:e0:7f:0d:ab:16:a2:
                    06:f7:8b:54:2c:38:ef:48:04:94:95:7f:43:6e:5a:
                    bd:09:c3:5f:5f:bb:3a:84:27:55:c8:47:75:c7:8b:
                    a1:46:f6:c8:47:14:84:f0:3e:28:20:fe:ec:e7:7a:
                    6b:d3:8e:6b:2d:cb:74:79:ed:88:34:a7:e5:07:49:
                    f8:83:e5:af:4c:a1:1f:39:5d:55:2b:e4:c8:5e:4f:
                    df:1f:87:b9:70:35:cf:3c:bf:90:10:0c:96:31:57:
                    70:f3:8b:81:f0:04:67:13:83:80:50:e2:f6:fa:0b:
                    c5:d1:bd:c9:08:2a:59:45:b5:95:2d:11:38:51:43:
                    9a:f4:38:60:9e:89:34:2d:84:ea:20:d0:c7:d8:83:
                    e1:17:30:1a:42:45:a9:33:9d:67:aa:79:2a:06:a5:
                    1f:83:e7:bf:af:4a:39:6e:2a:2d:5d:bb:f3:b5:6a:
                    91:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:E0:36:C4:F7:FC:03:56:A7:0B:92:50:5A:06:6E:32:00:DD:16:B8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6970ee68-7cee-4fc8-a6f8-ea86fa23d461.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:0d:a2:b8:b8:b5:4b:85:b8:8c:74:a3:dc:81:21:58:60:74:
         a7:1c:6a:c8:6e:35:bc:13:a6:65:d2:d4:a9:09:d8:4b:da:ef:
         8d:9d:c4:f5:b7:49:6f:89:cd:15:7b:f1:20:b1:4b:d7:4b:76:
         7c:49:01:8d:24:75:db:ee:8c:30:b2:cd:43:39:34:62:9a:6f:
         76:8f:47:2c:7b:fb:c9:6e:73:38:6e:21:b2:bc:8b:59:f2:bf:
         07:cb:50:8c:33:56:bb:25:9b:0f:d2:8f:23:7d:20:a4:85:ce:
         12:ba:59:d6:eb:33:e2:d3:f5:96:5a:98:b7:e2:0f:cc:97:a3:
         74:f2:05:5a:4b:7f:00:52:28:19:2e:d4:a7:75:19:80:d2:a7:
         84:e4:09:89:aa:10:cc:06:92:65:3c:aa:c3:48:b9:82:47:71:
         1a:a8:17:d1:17:b6:17:3d:0e:a2:b9:da:ee:f5:82:41:57:91:
         1c:20:42:92:07:ab:1b:3c:d6:39:5e:8f:70:e1:5d:94:f1:36:
         8c:66:b6:f4:49:44:2d:ae:62:e8:a0:e3:e0:35:4c:01:ab:c1:
         30:cb:67:8a:eb:2b:4a:84:e3:d8:ae:48:3b:a4:50:99:2f:42:
         fc:e4:49:38:8e:fb:5b:d3:01:da:16:0e:fe:dc:a4:1b:a5:49:
         95:2b:60:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS3wNUBR6Tt3JSMdSnzpWDd95GGQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNjQ5YjNjM2VhODUzM2RhYTY0YWYwYjhjOTBiMWI4MzBk
MjJlMGY0ZTY0YzliNzFmNDNiZmMwYmRkYjIzMjE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8HDzzSZS0N6EfyqOnN5SsqhGOpT4CjztvC/VuonQJNjcF
fdwUcNnJaEws38iXMJbrL1YzTkq5rIjobXC76qhtsf9LkVzRXzdHgLLec8n81VJ6
D+B/DasWogb3i1QsOO9IBJSVf0NuWr0Jw19fuzqEJ1XIR3XHi6FG9shHFITwPigg
/uznemvTjmsty3R57Yg0p+UHSfiD5a9MoR85XVUr5MheT98fh7lwNc88v5AQDJYx
V3Dzi4HwBGcTg4BQ4vb6C8XRvckIKllFtZUtEThRQ5r0OGCeiTQthOog0MfYg+EX
MBpCRakznWeqeSoGpR+D57+vSjluKi1du/O1apGpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU8OA2xPf8A1anC5JQWgZuMgDdFrgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY5NzBlZTY4LTdjZWUtNGZjOC1hNmY4LWVhODZmYTIzZDQ2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfwwDQYJKoZIhvcNAQELBQADggEBACkNori4tUuFuIx0o9yBIVhgdKcc
ashuNbwTpmXS1KkJ2Eva742dxPW3SW+JzRV78SCxS9dLdnxJAY0kddvujDCyzUM5
NGKab3aPRyx7+8luczhuIbK8i1nyvwfLUIwzVrslmw/SjyN9IKSFzhK6WdbrM+LT
9ZZamLfiD8yXo3TyBVpLfwBSKBku1Kd1GYDSp4TkCYmqEMwGkmU8qsNIuYJHcRqo
F9EXthc9DqK52u71gkFXkRwgQpIHqxs81jlej3DhXZTxNoxmtvRJRC2uYuig4+A1
TAGrwTDLZ4rrK0qE49iuSDukUJkvQvzkSTiO+1vTAdoWDv7cpBulSZUrYJ4=
-----END CERTIFICATE-----
Generated at Wed Dec 4 01:22:00 2024 by rpki-client on console-ams.rpki-client.org