Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2488b5-e385-48b9-91ea-1ba3f987ee91.roa
File:                     6b2488b5-e385-48b9-91ea-1ba3f987ee91.roa (raw, json)
Hash identifier:          eWG9WQzoKRJBzHID5kVYu/V09CsQO0gc45BuMRrHsrk=
Subject key identifier:   05:3B:BF:B9:20:38:3F:70:8F:14:06:BF:55:42:78:01:CB:0B:E5:AE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0F81D08522EC12CA869E8A0EE097C77E5A7C827F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2488b5-e385-48b9-91ea-1ba3f987ee91.roa
Signing time:             Mon 28 Oct 2024 00:00:00 +0000
ROA not before:           Mon 28 Oct 2024 00:00:00 +0000
ROA not after:            Mon 02 Dec 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        40.192.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:81:d0:85:22:ec:12:ca:86:9e:8a:0e:e0:97:c7:7e:5a:7c:82:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:00:00 2024 GMT
            Not After : Dec  2 23:59:59 2024 GMT
        Subject: serialNumber=910cf514d3b719be39a09121787a6fa9db9b5fe8e919f13e917ad32144fd23ea, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a4:7b:fe:c9:5e:b3:c8:e0:eb:7c:11:44:c1:
                    0b:2b:79:18:b0:00:c6:9f:a1:39:65:b9:81:a3:df:
                    bc:49:6a:08:b3:db:1c:0b:b3:96:58:66:ec:88:47:
                    0b:3f:1e:2b:c9:83:ed:4a:a8:2b:03:13:b6:aa:87:
                    2f:c7:e1:86:e8:c1:34:ae:33:f0:b6:01:a7:07:b1:
                    0a:25:d5:00:bf:ff:4a:41:0e:19:5c:bc:4b:08:94:
                    17:fe:c1:28:b4:9b:10:fd:b4:21:8c:91:7c:8a:49:
                    1a:a8:e0:5b:40:4c:33:81:9c:06:2b:4f:c4:53:63:
                    03:95:74:c8:42:5e:30:a3:0f:e7:cb:51:34:0e:41:
                    72:58:8b:5d:99:7e:20:f6:78:56:ca:22:69:31:5f:
                    d1:6a:35:9f:cc:46:83:af:5b:8b:65:01:ed:d4:d5:
                    d3:e0:6a:ac:45:fa:38:1f:65:61:57:4e:c2:88:31:
                    de:ff:10:cf:15:ee:ee:81:3e:58:98:de:38:ce:2a:
                    df:ea:ee:c4:2c:3f:71:4e:a9:67:f3:fd:36:85:a3:
                    ee:88:c2:35:14:35:08:f3:6a:06:79:1e:af:92:5c:
                    2c:0c:b6:fd:63:30:9d:d2:ca:16:18:ce:57:39:06:
                    f7:56:bf:44:34:70:c8:27:90:fc:f7:e4:8a:eb:3d:
                    5d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:3B:BF:B9:20:38:3F:70:8F:14:06:BF:55:42:78:01:CB:0B:E5:AE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6b2488b5-e385-48b9-91ea-1ba3f987ee91.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.192.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d0:02:30:3f:e2:6d:f0:8f:4f:68:5e:28:f4:07:40:37:28:8f:
         22:a1:28:93:ef:52:72:84:2a:b1:bd:9c:58:90:83:02:5c:ba:
         87:43:3c:15:5c:95:08:04:3e:b1:54:ab:66:8b:a0:1f:e9:39:
         d4:58:6d:9d:45:44:51:3d:45:22:1b:f2:6a:09:2c:bc:f3:6f:
         70:9d:dc:41:63:8a:37:ab:e7:a6:2c:93:e1:97:90:6b:ad:58:
         13:34:c5:48:02:e3:01:58:19:8c:5f:f1:dd:ec:06:40:90:12:
         41:7d:9f:0d:c8:84:68:5f:92:e5:d9:2c:b1:81:0c:24:3a:2a:
         07:7f:6b:a2:fe:e7:b0:74:f0:06:ea:79:d0:bb:ea:95:87:ac:
         39:45:2f:7d:e9:c6:25:5e:ce:61:8e:b8:b0:a1:19:e0:be:f7:
         07:fb:65:09:87:e3:c3:5f:3a:b3:b4:28:02:c4:84:77:fa:93:
         98:0a:69:a9:c6:29:12:b5:ed:ae:8c:75:e5:ef:87:ef:59:d7:
         7f:62:41:9b:94:2e:87:f6:2a:a3:8b:19:19:47:3e:65:f0:41:
         ed:3e:0a:6b:1b:70:c2:9f:d4:e5:59:61:8a:99:16:74:5b:34:
         9b:1a:64:95:56:91:47:40:bb:bc:f9:34:7d:68:90:9c:bc:ab:
         99:12:20:45
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUD4HQhSLsEsqGnooO4JfHflp8gn8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDI4MDAwMDAwWhcNMjQxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTBjZjUxNGQzYjcxOWJlMzlhMDkxMjE3ODdhNmZhOWRi
OWI1ZmU4ZTkxOWYxM2U5MTdhZDMyMTQ0ZmQyM2VhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDipHv+yV6zyODrfBFEwQsreRiwAMafoTlluYGj37xJagiz
2xwLs5ZYZuyIRws/HivJg+1KqCsDE7aqhy/H4YbowTSuM/C2AacHsQol1QC//0pB
DhlcvEsIlBf+wSi0mxD9tCGMkXyKSRqo4FtATDOBnAYrT8RTYwOVdMhCXjCjD+fL
UTQOQXJYi12ZfiD2eFbKImkxX9FqNZ/MRoOvW4tlAe3U1dPgaqxF+jgfZWFXTsKI
Md7/EM8V7u6BPliY3jjOKt/q7sQsP3FOqWfz/TaFo+6IwjUUNQjzagZ5Hq+SXCwM
tv1jMJ3SyhYYzlc5BvdWv0Q0cMgnkPz35IrrPV25AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBTu/uSA4P3CPFAa/VUJ4AcsL5a4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZiMjQ4OGI1LWUzODUtNDhiOS05MWVhLTFiYTNmOTg3ZWU5MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAowDANBgkqhkiG9w0BAQsFAAOCAQEA0AIwP+Jt8I9PaF4o9AdANyiPIqEo
k+9ScoQqsb2cWJCDAly6h0M8FVyVCAQ+sVSrZougH+k51FhtnUVEUT1FIhvyagks
vPNvcJ3cQWOKN6vnpiyT4ZeQa61YEzTFSALjAVgZjF/x3ewGQJASQX2fDciEaF+S
5dkssYEMJDoqB39rov7nsHTwBup50LvqlYesOUUvfenGJV7OYY64sKEZ4L73B/tl
CYfjw186s7QoAsSEd/qTmAppqcYpErXtrox15e+H71nXf2JBm5Quh/Yqo4sZGUc+
ZfBB7T4Kaxtwwp/U5VlhipkWdFs0mxpklVaRR0C7vPk0fWiQnLyrmRIgRQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:07 2024 by rpki-client on console-fra.rpki-client.org