Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c0842d7-9731-43b2-aeaa-fff79b41c3dd.roa
File:                     7c0842d7-9731-43b2-aeaa-fff79b41c3dd.roa (raw, json)
Hash identifier:          xJOK2viong7FwGH3vtN05xteRaPPIayDh1RW734xTVQ=
Subject key identifier:   99:C8:29:48:14:29:1A:1A:5D:CE:94:77:C3:2E:C9:5A:9D:EF:30:7B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       24D456BBAA96A355164020694A3277379E7C53C5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c0842d7-9731-43b2-aeaa-fff79b41c3dd.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        70.232.88.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:d4:56:bb:aa:96:a3:55:16:40:20:69:4a:32:77:37:9e:7c:53:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=915ca3056266a60cc9b57a62c322fb3f8e021e250afe748cc14601de5ea7ad9c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e5:01:8d:61:7e:fa:c8:9b:ce:42:4d:c2:7b:
                    4b:60:31:30:c3:43:0c:64:42:2d:f5:80:16:04:eb:
                    bb:e8:b1:cc:51:4a:b6:73:cd:c8:26:a4:e8:9e:df:
                    71:f0:0f:a5:08:15:5e:f1:67:e9:64:93:28:97:06:
                    7e:31:39:76:68:92:40:27:2c:7d:c1:6f:ff:49:10:
                    20:53:bb:af:df:ed:e0:fe:90:29:c6:e9:d7:ef:39:
                    89:3c:4b:c4:8e:82:da:b0:7b:3f:52:7f:48:7c:2c:
                    eb:61:15:fb:64:49:95:95:84:bc:a2:1a:09:ee:f9:
                    63:ff:4f:58:08:b5:35:b7:eb:21:9e:21:a2:be:e2:
                    cb:8f:04:c6:2f:72:09:3e:73:eb:78:f0:9a:0b:94:
                    45:c5:d3:8d:51:eb:d7:38:6c:df:57:cb:18:03:ee:
                    4c:9e:2d:32:54:5d:85:35:26:6a:0e:8d:9e:cb:3e:
                    0c:77:73:c1:ad:49:2f:18:05:dc:f6:e5:5b:92:3f:
                    24:44:18:df:62:b2:98:86:c3:ee:c6:84:48:a5:1e:
                    34:40:bb:75:7c:29:b4:46:c1:6c:c1:b5:87:bf:db:
                    77:19:8d:21:2b:d5:b3:80:a3:a8:21:98:46:76:95:
                    a9:3c:32:62:14:8f:ee:f7:69:5a:54:b1:87:39:e8:
                    ba:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:C8:29:48:14:29:1A:1A:5D:CE:94:77:C3:2E:C9:5A:9D:EF:30:7B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c0842d7-9731-43b2-aeaa-fff79b41c3dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.232.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:c0:aa:98:1b:b5:fc:7c:36:93:8a:9b:41:18:ab:3f:5d:b3:
         a6:fd:54:3c:81:31:7a:ca:f6:b9:44:1b:58:67:50:36:45:5d:
         e7:fb:23:43:9e:f5:5a:3e:8b:01:a6:35:d7:c4:b3:46:f6:ca:
         c7:26:30:1f:b5:40:48:ea:20:f4:d7:f4:b0:74:b9:4f:6f:b4:
         a0:a8:06:2e:55:a5:20:d4:d8:d6:05:ae:d8:a1:c5:bb:2d:0e:
         40:4c:10:c8:2e:96:87:f3:8c:a3:46:20:2d:3e:d3:e3:5c:45:
         71:f9:2b:69:de:ab:53:09:b4:fb:2d:e6:e7:b3:5f:6b:b6:58:
         58:65:be:2f:40:35:be:b4:62:99:93:a8:c8:26:12:26:35:a8:
         07:1a:bd:43:24:bd:13:05:dc:a0:48:5c:2d:46:1f:5f:a0:fb:
         2d:26:2f:8b:11:60:37:75:92:3e:d7:09:ea:c5:76:d7:3d:73:
         3d:e4:5b:eb:35:0a:38:82:6f:43:1f:1a:f5:69:d3:a4:f5:20:
         4f:5b:76:81:09:df:d6:4a:20:8b:d6:f5:fd:44:95:6f:f7:91:
         84:d9:ea:92:e7:b4:77:00:6a:67:fb:3b:ec:b9:8d:f3:0f:31:
         b8:d6:00:28:a9:ac:64:00:f1:9b:5b:34:cc:8d:87:ad:09:f5:
         a1:64:63:73
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJNRWu6qWo1UWQCBpSjJ3N558U8UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTVjYTMwNTYyNjZhNjBjYzliNTdhNjJjMzIyZmIzZjhl
MDIxZTI1MGFmZTc0OGNjMTQ2MDFkZTVlYTdhZDljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCe5QGNYX76yJvOQk3Ce0tgMTDDQwxkQi31gBYE67voscxR
SrZzzcgmpOie33HwD6UIFV7xZ+lkkyiXBn4xOXZokkAnLH3Bb/9JECBTu6/f7eD+
kCnG6dfvOYk8S8SOgtqwez9Sf0h8LOthFftkSZWVhLyiGgnu+WP/T1gItTW36yGe
IaK+4suPBMYvcgk+c+t48JoLlEXF041R69c4bN9XyxgD7kyeLTJUXYU1JmoOjZ7L
Pgx3c8GtSS8YBdz25VuSPyREGN9ispiGw+7GhEilHjRAu3V8KbRGwWzBtYe/23cZ
jSEr1bOAo6ghmEZ2lak8MmIUj+73aVpUsYc56LqZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmcgpSBQpGhpdzpR3wy7JWp3vMHswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdjMDg0MmQ3LTk3MzEtNDNiMi1hZWFhLWZmZjc5YjQxYzNkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJG6FgwDQYJKoZIhvcNAQELBQADggEBACbAqpgbtfx8NpOKm0EYqz9ds6b9
VDyBMXrK9rlEG1hnUDZFXef7I0Oe9Vo+iwGmNdfEs0b2yscmMB+1QEjqIPTX9LB0
uU9vtKCoBi5VpSDU2NYFrtihxbstDkBMEMgulofzjKNGIC0+0+NcRXH5K2neq1MJ
tPst5uezX2u2WFhlvi9ANb60YpmTqMgmEiY1qAcavUMkvRMF3KBIXC1GH1+g+y0m
L4sRYDd1kj7XCerFdtc9cz3kW+s1CjiCb0MfGvVp06T1IE9bdoEJ39ZKIIvW9f1E
lW/3kYTZ6pLntHcAamf7O+y5jfMPMbjWACiprGQA8ZtbNMyNh60J9aFkY3M=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:19 2024 by rpki-client on console-ams.rpki-client.org