Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7bfdfc37-13e7-4b3d-b083-7c1d8cf07ad8.roa
File:                     7bfdfc37-13e7-4b3d-b083-7c1d8cf07ad8.roa (raw, json)
Hash identifier:          16r7JTaff9uwGWMEY+GAIrvDZO0uGJmgLWOp+1xfgTI=
Subject key identifier:   59:62:33:97:0F:C3:66:9E:E1:DA:6B:78:C7:6F:76:47:97:0C:D3:C8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4D655DCB5A67CBAC47DC5ECEF4356C2D8EBA0D75
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7bfdfc37-13e7-4b3d-b083-7c1d8cf07ad8.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.53.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:65:5d:cb:5a:67:cb:ac:47:dc:5e:ce:f4:35:6c:2d:8e:ba:0d:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=2b96a20375d6e09a32a1a4f02f372380d8e622ec67294e409c54b3153fc6b036, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3d:c6:d5:5e:2a:ff:1e:d9:c4:7a:dd:16:ae:
                    da:4d:56:aa:af:c7:df:b4:57:20:48:a1:b6:7f:b5:
                    6e:fc:21:c2:22:24:3f:10:34:12:3a:72:cb:5b:43:
                    89:8d:32:35:71:7b:00:a9:66:67:7f:2f:87:a1:cd:
                    28:e8:34:a5:2d:f6:1b:dc:04:41:42:f1:32:19:d9:
                    51:52:e1:87:61:aa:4c:2b:c4:c8:a1:0a:7a:e1:ce:
                    e1:f2:d1:42:6e:ce:72:a1:2d:15:32:be:06:3c:3f:
                    20:32:c7:54:fe:83:47:b0:46:2a:8d:25:2e:34:91:
                    da:e2:92:35:ec:3b:b8:da:2b:bf:05:28:c7:04:c0:
                    f6:03:07:0b:bc:b4:b8:ad:65:51:9b:77:c1:ab:c2:
                    a6:97:b9:70:36:8c:e0:07:3b:d8:ec:6a:2d:11:d2:
                    59:19:e6:21:94:47:91:1c:d4:5e:3e:52:9f:14:f7:
                    c2:3d:16:87:5a:c0:5d:f1:e1:31:9e:4f:54:ff:3d:
                    a5:3a:02:99:8a:2f:25:80:a0:f9:a4:17:96:e1:ad:
                    46:51:e7:ed:f4:c2:ba:9c:df:a9:a7:60:5c:0b:76:
                    ce:98:13:db:64:3c:70:ef:79:20:ab:83:65:a6:40:
                    dd:82:8a:21:e7:a0:a4:6f:bf:e6:9d:2b:e7:e8:b9:
                    a3:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:62:33:97:0F:C3:66:9E:E1:DA:6B:78:C7:6F:76:47:97:0C:D3:C8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7bfdfc37-13e7-4b3d-b083-7c1d8cf07ad8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c0:a2:b0:44:85:a8:58:f5:51:f8:6c:da:d2:b3:1d:8e:d0:e8:
         55:d8:70:9c:51:14:53:57:01:b8:f1:8a:5e:26:15:fc:d6:3a:
         90:18:56:72:7b:4b:54:56:26:f6:86:d3:b7:26:a8:f5:8f:98:
         6f:12:ab:a1:f9:e1:10:23:96:d0:59:5f:9d:d0:d8:aa:23:2f:
         66:09:d3:bf:8a:57:35:11:2f:56:b6:18:5a:3e:db:d6:47:f0:
         3b:35:34:89:e9:31:08:4b:42:c9:94:b8:b2:da:aa:f4:37:5a:
         bd:80:7c:0b:4c:92:ac:7b:e0:df:56:ab:63:0e:3e:af:bb:4e:
         70:90:24:fe:95:9f:d7:a1:a7:90:ad:75:db:6e:be:43:f4:a6:
         80:6a:0e:67:ce:55:e6:1d:2b:01:0c:d3:8e:09:51:b4:b1:64:
         39:dd:3a:48:5f:68:42:9c:20:f7:9c:2e:99:72:30:3f:db:16:
         c6:1e:bf:75:79:51:45:d7:b9:5d:83:14:ef:83:32:a3:04:19:
         83:59:ba:ef:f5:0a:d8:0c:c9:43:1d:6d:fd:28:aa:4f:c8:18:
         4d:9b:eb:d7:f2:5b:d6:25:30:3d:3a:19:22:37:19:9e:0b:9c:
         53:ef:25:7a:24:5f:14:ca:95:0f:13:51:b1:d6:a6:a3:40:36:
         44:43:6f:1e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTWVdy1pny6xH3F7O9DVsLY66DXUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyYjk2YTIwMzc1ZDZlMDlhMzJhMWE0ZjAyZjM3MjM4MGQ4
ZTYyMmVjNjcyOTRlNDA5YzU0YjMxNTNmYzZiMDM2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxPcbVXir/HtnEet0WrtpNVqqvx9+0VyBIobZ/tW78IcIi
JD8QNBI6cstbQ4mNMjVxewCpZmd/L4ehzSjoNKUt9hvcBEFC8TIZ2VFS4Ydhqkwr
xMihCnrhzuHy0UJuznKhLRUyvgY8PyAyx1T+g0ewRiqNJS40kdrikjXsO7jaK78F
KMcEwPYDBwu8tLitZVGbd8GrwqaXuXA2jOAHO9jsai0R0lkZ5iGUR5Ec1F4+Up8U
98I9FodawF3x4TGeT1T/PaU6ApmKLyWAoPmkF5bhrUZR5+30wrqc36mnYFwLds6Y
E9tkPHDveSCrg2WmQN2CiiHnoKRvv+adK+fouaPzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWWIzlw/DZp7h2mt4x292R5cM08gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdiZmRmYzM3LTEzZTctNGIzZC1iMDgzLTdjMWQ4Y2YwN2FkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQNTANBgkqhkiG9w0BAQsFAAOCAQEAwKKwRIWoWPVR+Gza0rMdjtDoVdhw
nFEUU1cBuPGKXiYV/NY6kBhWcntLVFYm9obTtyao9Y+YbxKrofnhECOW0FlfndDY
qiMvZgnTv4pXNREvVrYYWj7b1kfwOzU0iekxCEtCyZS4stqq9DdavYB8C0ySrHvg
31arYw4+r7tOcJAk/pWf16GnkK11226+Q/SmgGoOZ85V5h0rAQzTjglRtLFkOd06
SF9oQpwg95wumXIwP9sWxh6/dXlRRde5XYMU74MyowQZg1m67/UK2AzJQx1t/Siq
T8gYTZvr1/Jb1iUwPToZIjcZngucU+8leiRfFMqVDxNRsdamo0A2RENvHg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:19 2024 by rpki-client on console-ams.rpki-client.org