Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f718dea-880d-40c3-a253-e556b2dee1c6.roa
File:                     6f718dea-880d-40c3-a253-e556b2dee1c6.roa (raw, json)
Hash identifier:          925b8uLll/4zK8ZK5g7web42s2UGIOH8WGQc3sqE8bk=
Subject key identifier:   23:2A:7B:68:0D:3F:05:C8:6E:BE:6D:F7:DE:BD:3C:47:1C:A1:AF:F5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       496C89CC804585AE09F1B3A0E8F09554B9417D79
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f718dea-880d-40c3-a253-e556b2dee1c6.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        56.243.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:6c:89:cc:80:45:85:ae:09:f1:b3:a0:e8:f0:95:54:b9:41:7d:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=0101d2b2a90621f67c7a8272ed8c9f037cd7b05b1ffe876fd1a1150ea52eea17, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:21:e4:98:d3:4f:a1:6c:2d:bb:9f:05:24:91:
                    5e:cb:69:93:44:0e:de:f7:ae:3d:a0:e6:53:a9:82:
                    90:3d:7d:41:03:52:c5:18:f6:69:f7:af:45:6e:c7:
                    6c:d7:f1:ea:b3:c6:e0:4d:01:4a:4d:1e:6f:42:07:
                    e9:e2:28:25:87:b8:fa:11:cc:fe:5e:21:8c:ea:77:
                    ad:55:81:56:14:cf:17:f0:c2:0e:42:ba:f0:fd:d8:
                    f4:aa:d3:06:28:1c:09:ec:89:c8:51:f5:af:aa:0f:
                    34:97:7b:42:5e:7f:4b:2b:5d:15:1a:e3:fe:be:41:
                    76:40:e4:aa:f3:6d:3c:a5:2c:4d:65:86:67:fd:e3:
                    f7:93:d0:82:e7:53:9a:3b:85:11:fd:c0:5c:dc:86:
                    1c:ab:ea:0f:e4:b3:2a:b7:f1:d3:6a:e8:c1:4c:1f:
                    2d:43:ea:96:1a:c5:28:f4:80:ea:fd:49:20:05:e3:
                    6c:9a:52:f5:5d:ec:d5:15:1d:80:ad:5c:8b:9f:51:
                    73:54:8b:ec:a0:ee:50:87:5e:d8:cd:46:10:37:51:
                    e8:1d:c8:16:c1:c0:c2:89:82:01:60:44:df:34:22:
                    f9:26:99:38:3e:82:8d:85:e4:f0:f8:cd:1c:45:6f:
                    72:ff:f4:3f:02:56:98:61:ac:ba:ce:9c:bd:01:e2:
                    78:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:2A:7B:68:0D:3F:05:C8:6E:BE:6D:F7:DE:BD:3C:47:1C:A1:AF:F5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6f718dea-880d-40c3-a253-e556b2dee1c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.243.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5c:58:51:dd:66:9c:6f:44:56:40:f8:90:bb:2e:e7:50:71:d1:
         87:ba:3b:34:56:47:77:ef:57:4b:ae:6e:67:eb:a1:e6:23:63:
         91:e7:59:62:6a:9f:8b:05:81:77:91:21:ac:af:d8:43:21:24:
         ef:60:b3:b0:4a:a5:0d:4f:1a:17:61:da:b5:0d:b9:be:0e:ff:
         be:b8:8c:b3:d8:47:f4:91:38:71:a8:17:31:54:56:80:c5:d2:
         e5:86:db:65:f2:1f:9e:bf:45:24:be:33:27:aa:b1:50:28:19:
         e6:be:8d:cf:c2:ff:f2:e3:39:d2:e8:69:75:28:2c:15:cc:f2:
         48:e5:16:51:17:b6:7a:71:4e:ad:e6:d0:bf:eb:af:b3:ea:1e:
         61:7c:91:b8:12:e9:c2:66:6e:41:bc:e0:cd:07:f8:21:23:60:
         75:a8:ff:30:1c:80:40:61:71:24:29:98:69:ee:5f:07:08:7c:
         a7:7f:32:c3:6b:bd:ab:2c:4c:26:4a:b2:0b:28:05:34:ab:d6:
         1e:35:fd:ff:0a:cd:cd:f5:fd:b4:f2:17:cb:52:3e:4d:dc:7b:
         8c:03:3b:56:2f:bc:98:9d:e3:91:0c:44:25:5a:da:81:16:bb:
         b9:d0:06:c9:18:a7:f5:f8:43:5f:ce:e5:0c:ac:1a:75:9a:5c:
         71:c5:48:23
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSWyJzIBFha4J8bOg6PCVVLlBfXkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMTAxZDJiMmE5MDYyMWY2N2M3YTgyNzJlZDhjOWYwMzdj
ZDdiMDViMWZmZTg3NmZkMWExMTUwZWE1MmVlYTE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoIeSY00+hbC27nwUkkV7LaZNEDt73rj2g5lOpgpA9fUED
UsUY9mn3r0Vux2zX8eqzxuBNAUpNHm9CB+niKCWHuPoRzP5eIYzqd61VgVYUzxfw
wg5CuvD92PSq0wYoHAnsichR9a+qDzSXe0Jef0srXRUa4/6+QXZA5KrzbTylLE1l
hmf94/eT0ILnU5o7hRH9wFzchhyr6g/ksyq38dNq6MFMHy1D6pYaxSj0gOr9SSAF
42yaUvVd7NUVHYCtXIufUXNUi+yg7lCHXtjNRhA3UegdyBbBwMKJggFgRN80Ivkm
mTg+go2F5PD4zRxFb3L/9D8CVphhrLrOnL0B4nhFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUIyp7aA0/Bchuvm333r08Rxyhr/UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmNzE4ZGVhLTg4MGQtNDBjMy1hMjUzLWU1NTZiMmRlZTFjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA48zANBgkqhkiG9w0BAQsFAAOCAQEAXFhR3Wacb0RWQPiQuy7nUHHRh7o7
NFZHd+9XS65uZ+uh5iNjkedZYmqfiwWBd5EhrK/YQyEk72CzsEqlDU8aF2HatQ25
vg7/vriMs9hH9JE4cagXMVRWgMXS5YbbZfIfnr9FJL4zJ6qxUCgZ5r6Nz8L/8uM5
0uhpdSgsFczySOUWURe2enFOrebQv+uvs+oeYXyRuBLpwmZuQbzgzQf4ISNgdaj/
MByAQGFxJCmYae5fBwh8p38yw2u9qyxMJkqyCygFNKvWHjX9/wrNzfX9tPIXy1I+
Tdx7jAM7Vi+8mJ3jkQxEJVragRa7udAGyRin9fhDX87lDKwadZpcccVIIw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:16 2024 by rpki-client on console-ams.rpki-client.org