Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c0d17be-256c-4d26-83ba-b3ae68aeef6b.roa
File:                     7c0d17be-256c-4d26-83ba-b3ae68aeef6b.roa (raw, json)
Hash identifier:          oy4UlICXh/i3vCjtE+DQ3OepB9JESJ83LN6X8Xy40sU=
Subject key identifier:   BA:E7:3D:A9:09:3B:DF:45:CE:93:B4:9A:3B:01:2E:E2:C4:34:FD:C7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7DCF2EB2772B5156815E4F98CA39423F50CCE585
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c0d17be-256c-4d26-83ba-b3ae68aeef6b.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        104.255.56.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:cf:2e:b2:77:2b:51:56:81:5e:4f:98:ca:39:42:3f:50:cc:e5:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=e4623cdbc61e3eb72b08eb75aa7cf84a3693f17b7f0a5242455f5d803db5bc6d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:54:13:5d:dc:08:30:0d:9c:8d:48:eb:82:04:
                    d5:63:9d:96:72:a0:b4:04:57:40:39:c6:c0:ff:9c:
                    91:49:c8:5f:4f:96:54:cc:36:30:0c:ed:f2:1d:9f:
                    1e:fe:b8:18:0b:72:7a:e8:d7:80:01:e4:93:1f:56:
                    a9:6d:32:3d:f6:42:af:0a:35:f0:ee:0f:76:a7:f2:
                    1b:ae:18:d6:67:c9:82:7c:71:65:35:d2:d4:a3:f7:
                    50:65:84:3a:12:d5:52:e3:f0:dd:ea:3b:aa:b2:c2:
                    9d:07:6d:dc:a6:41:a1:1c:80:4e:2e:35:eb:dc:25:
                    62:81:ef:50:e5:ca:f8:d3:e0:c2:e8:c2:6b:e6:02:
                    6e:45:b0:b4:49:33:be:ac:d6:c7:8a:9e:fc:bd:da:
                    71:21:3a:6f:a2:d0:0c:2d:a4:5d:80:7e:18:87:f6:
                    d0:6e:d2:6b:65:23:8f:7d:1e:99:ef:87:97:15:e5:
                    67:3c:d6:44:f0:52:00:68:e8:84:bc:82:5c:02:a3:
                    a3:e8:45:29:db:72:80:a7:6b:3a:1e:43:96:b6:99:
                    c2:4e:9c:3b:aa:df:31:31:4a:59:e6:39:ba:cf:f2:
                    47:31:79:2d:dd:b4:79:df:9e:21:07:c5:9a:af:9b:
                    a1:54:c6:e8:3b:42:53:89:23:47:13:05:50:e2:f0:
                    93:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E7:3D:A9:09:3B:DF:45:CE:93:B4:9A:3B:01:2E:E2:C4:34:FD:C7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c0d17be-256c-4d26-83ba-b3ae68aeef6b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.255.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:17:4c:1a:79:6c:62:5a:59:f4:12:93:93:ef:9c:63:8b:6a:
         f0:3b:aa:32:ff:33:3b:c3:0d:06:4c:de:46:25:04:99:d3:85:
         1a:aa:36:35:b0:af:0f:27:da:12:71:05:5d:73:83:27:c1:33:
         5f:6b:44:b5:7e:85:03:eb:27:49:5a:59:7f:ca:e0:93:d6:9f:
         c5:e3:18:d7:83:0b:35:84:a1:6c:a5:8b:42:98:4d:32:01:61:
         61:46:c6:e6:6a:db:65:22:7c:f1:e8:5c:6c:36:31:f0:e8:3e:
         5a:cf:08:55:a9:9b:8b:58:f1:9a:6e:9e:4e:72:59:42:20:1d:
         0d:6e:2e:d4:2e:3f:4e:57:28:c0:61:c0:ad:75:48:1a:cd:3a:
         59:ce:77:cd:df:54:8b:29:4b:0b:a3:3b:cf:9e:6e:8d:49:5c:
         19:2b:8a:ef:e3:8a:4e:42:e8:e9:00:a0:58:95:e1:33:29:48:
         27:b3:f1:e2:db:f3:9a:97:c4:30:8f:0f:8c:f5:f8:6b:c1:00:
         45:9f:4c:ad:ae:97:ab:d7:66:6d:44:98:17:b5:59:f1:51:66:
         c7:37:53:e3:a4:02:f0:eb:52:c7:fb:b0:3f:98:8c:cc:15:dd:
         45:0d:d8:88:5d:2b:66:a4:e2:94:8f:4e:cf:15:a9:72:4d:7d:
         8a:3f:e6:0b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfc8usncrUVaBXk+YyjlCP1DM5YUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNDYyM2NkYmM2MWUzZWI3MmIwOGViNzVhYTdjZjg0YTM2
OTNmMTdiN2YwYTUyNDI0NTVmNWQ4MDNkYjViYzZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAVBNd3AgwDZyNSOuCBNVjnZZyoLQEV0A5xsD/nJFJyF9P
llTMNjAM7fIdnx7+uBgLcnro14AB5JMfVqltMj32Qq8KNfDuD3an8huuGNZnyYJ8
cWU10tSj91BlhDoS1VLj8N3qO6qywp0HbdymQaEcgE4uNevcJWKB71DlyvjT4MLo
wmvmAm5FsLRJM76s1seKnvy92nEhOm+i0AwtpF2AfhiH9tBu0mtlI499Hpnvh5cV
5Wc81kTwUgBo6IS8glwCo6PoRSnbcoCnazoeQ5a2mcJOnDuq3zExSlnmObrP8kcx
eS3dtHnfniEHxZqvm6FUxug7QlOJI0cTBVDi8JM5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuuc9qQk730XOk7SaOwEu4sQ0/ccwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdjMGQxN2JlLTI1NmMtNGQyNi04M2JhLWIzYWU2OGFlZWY2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABo/zgwDQYJKoZIhvcNAQELBQADggEBAF4XTBp5bGJaWfQSk5PvnGOLavA7
qjL/MzvDDQZM3kYlBJnThRqqNjWwrw8n2hJxBV1zgyfBM19rRLV+hQPrJ0laWX/K
4JPWn8XjGNeDCzWEoWyli0KYTTIBYWFGxuZq22UifPHoXGw2MfDoPlrPCFWpm4tY
8Zpunk5yWUIgHQ1uLtQuP05XKMBhwK11SBrNOlnOd83fVIspSwujO8+ebo1JXBkr
iu/jik5C6OkAoFiV4TMpSCez8eLb85qXxDCPD4z1+GvBAEWfTK2ul6vXZm1EmBe1
WfFRZsc3U+OkAvDrUsf7sD+YjMwV3UUN2IhdK2ak4pSPTs8VqXJNfYo/5gs=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:08 2024 by rpki-client on console-fra.rpki-client.org