Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78823995-1ea3-458b-919e-48e1b3b2cfc4.roa
File:                     78823995-1ea3-458b-919e-48e1b3b2cfc4.roa (raw, json)
Hash identifier:          NFwihwZT1mPv+r0dindtdspTnDEBfGKc58x87JjnT1w=
Subject key identifier:   04:46:12:6C:34:F7:12:DA:0F:C7:A3:36:12:FE:B4:9B:07:9C:8B:31
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B54807476D295170F2AE653F0D02038A58B40F1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78823995-1ea3-458b-919e-48e1b3b2cfc4.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        129.30.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:54:80:74:76:d2:95:17:0f:2a:e6:53:f0:d0:20:38:a5:8b:40:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=e3003990dbb7a549d941cb5d32f9fde63d1ca8d327ea190fe7e5b3e3c7644a80, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7e:1c:9a:1b:c8:89:62:46:a6:b0:d8:4b:36:
                    0b:3d:d7:a7:af:e4:a8:26:d6:c2:14:dd:f0:67:c7:
                    42:3d:90:23:8f:fe:ce:93:ed:ab:13:c3:3a:62:5b:
                    1f:e8:ee:56:bb:dd:79:8b:59:de:f7:e7:83:1f:39:
                    db:d6:c4:9f:e8:8f:52:de:92:fa:0f:2b:d6:03:b4:
                    18:93:93:58:7d:5e:6a:22:b1:6f:8b:4a:dc:f4:a1:
                    53:d5:89:71:c9:bc:a4:d4:08:35:f7:16:4f:93:27:
                    64:76:71:7b:51:50:ed:ff:91:ed:8e:66:d9:df:bb:
                    a4:a4:9b:66:1f:b8:ea:3d:37:dc:71:9f:88:65:0a:
                    ab:7e:0b:46:8f:f0:d4:19:ef:1c:71:52:71:ce:71:
                    2f:15:51:3d:32:b0:04:69:81:e2:33:c7:e7:3f:d6:
                    12:94:14:b9:15:53:36:f9:61:a7:dd:25:dc:8c:2a:
                    28:4e:08:c0:13:25:a4:c4:02:d6:ea:77:7a:7c:e2:
                    87:04:49:2e:88:d6:d9:cb:8b:76:75:4c:a2:24:a6:
                    d4:11:c5:b7:bc:c5:42:07:81:07:fa:87:cf:fc:7f:
                    7b:2d:79:a4:0b:fa:6f:86:06:87:b7:16:61:12:f7:
                    5f:5f:35:e1:4b:71:40:3d:c9:f3:b3:ce:5b:e9:71:
                    2a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:46:12:6C:34:F7:12:DA:0F:C7:A3:36:12:FE:B4:9B:07:9C:8B:31
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/78823995-1ea3-458b-919e-48e1b3b2cfc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.30.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         86:9c:11:94:71:4f:58:a2:04:bb:f1:5a:34:c2:66:a0:e8:33:
         27:f8:f0:56:92:be:d3:d4:41:5b:fb:ce:5e:e2:be:02:25:d2:
         d4:23:6c:7d:09:7f:4e:07:a7:d0:61:d9:b1:9c:52:63:06:79:
         b0:f6:6a:b2:99:4e:d3:d9:f5:0e:9a:66:09:29:08:8f:0a:9f:
         bb:f0:c7:51:11:cc:c5:8d:37:45:b8:e7:35:31:4a:aa:4d:de:
         2c:30:dd:d7:39:22:dc:2b:1e:01:b1:bd:67:17:3b:ea:53:64:
         08:36:7f:a9:71:d2:9d:89:46:a1:6a:84:4f:6e:d4:0e:ed:52:
         e3:11:34:9e:48:22:1f:6d:ec:b4:be:37:18:61:f5:88:67:98:
         0b:9f:86:2c:09:27:34:fb:e5:ed:c7:64:51:8a:00:56:62:1c:
         e5:46:6c:64:62:25:90:4d:d4:0c:4b:57:a4:e2:5e:b2:05:24:
         0f:fa:68:23:41:d0:73:b5:f4:60:32:31:2c:fe:8e:25:34:73:
         38:51:69:49:f3:fa:ba:c4:e6:91:cf:0d:84:25:af:67:17:d2:
         f6:2c:b0:e1:ed:11:f7:13:12:b8:27:ac:1f:59:d3:f7:d3:8f:
         5d:db:9d:eb:d8:7c:0a:f3:6f:f3:f2:37:94:42:6c:8e:52:6f:
         5c:d4:47:2c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUG1SAdHbSlRcPKuZT8NAgOKWLQPEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMzAwMzk5MGRiYjdhNTQ5ZDk0MWNiNWQzMmY5ZmRlNjNk
MWNhOGQzMjdlYTE5MGZlN2U1YjNlM2M3NjQ0YTgwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZfhyaG8iJYkamsNhLNgs916ev5Kgm1sIU3fBnx0I9kCOP
/s6T7asTwzpiWx/o7la73XmLWd7354MfOdvWxJ/oj1LekvoPK9YDtBiTk1h9Xmoi
sW+LStz0oVPViXHJvKTUCDX3Fk+TJ2R2cXtRUO3/ke2OZtnfu6Skm2YfuOo9N9xx
n4hlCqt+C0aP8NQZ7xxxUnHOcS8VUT0ysARpgeIzx+c/1hKUFLkVUzb5YafdJdyM
KihOCMATJaTEAtbqd3p84ocESS6I1tnLi3Z1TKIkptQRxbe8xUIHgQf6h8/8f3st
eaQL+m+GBoe3FmES919fNeFLcUA9yfOzzlvpcSqVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBEYSbDT3EtoPx6M2Ev60mwecizEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc4ODIzOTk1LTFlYTMtNDU4Yi05MTllLTQ4ZTFiM2IyY2ZjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCBHjANBgkqhkiG9w0BAQsFAAOCAQEAhpwRlHFPWKIEu/FaNMJmoOgzJ/jw
VpK+09RBW/vOXuK+AiXS1CNsfQl/Tgen0GHZsZxSYwZ5sPZqsplO09n1DppmCSkI
jwqfu/DHURHMxY03RbjnNTFKqk3eLDDd1zki3CseAbG9Zxc76lNkCDZ/qXHSnYlG
oWqET27UDu1S4xE0nkgiH23stL43GGH1iGeYC5+GLAknNPvl7cdkUYoAVmIc5UZs
ZGIlkE3UDEtXpOJesgUkD/poI0HQc7X0YDIxLP6OJTRzOFFpSfP6usTmkc8NhCWv
ZxfS9iyw4e0R9xMSuCesH1nT99OPXdud69h8CvNv8/I3lEJsjlJvXNRHLA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:04 2024 by rpki-client on console-fra.rpki-client.org