Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d8956ca-c7c5-4819-a13e-59940ce8965b.roa
File:                     7d8956ca-c7c5-4819-a13e-59940ce8965b.roa (raw, json)
Hash identifier:          7/J0Bi0bn83PoBpLWSFmcT21CZiXYKCxS7Z00wqdxZY=
Subject key identifier:   A5:9C:9A:CA:FE:B4:BE:9C:C1:04:7E:01:46:82:56:14:38:A3:91:41
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3EEBECAE7A6900DC5F8B9B91B7F74F1A0AFABF17
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d8956ca-c7c5-4819-a13e-59940ce8965b.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.55.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:eb:ec:ae:7a:69:00:dc:5f:8b:9b:91:b7:f7:4f:1a:0a:fa:bf:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=34869a808eb955038577988107e7eccbdaa1aad7f70af25b2534e8c0f4f63c88, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:15:6c:05:cf:c1:f4:a6:e8:9d:34:17:7b:d2:
                    5f:2d:b2:0d:ab:e8:2f:25:77:3d:26:7a:85:17:01:
                    96:a3:39:43:5d:1e:48:b0:c1:ec:39:c7:e8:4d:f4:
                    ca:0c:54:9c:11:75:46:c7:d4:15:41:8c:62:46:d8:
                    07:f0:a2:eb:02:77:5b:88:85:dc:8e:10:86:2f:f9:
                    4a:90:f8:f0:d5:a3:29:fb:d1:9b:61:5b:b7:10:65:
                    25:8d:02:f2:7f:f1:d7:44:08:dd:bc:19:ef:37:70:
                    c5:83:b0:99:be:3e:3b:bf:79:ed:5f:d4:b9:17:cb:
                    c1:ad:0d:e4:e2:9b:a9:a5:7c:43:3b:bd:33:69:ed:
                    01:1a:0c:bf:6e:93:3f:3b:e2:82:67:93:d9:2b:ba:
                    0a:3f:09:97:dd:54:ce:c3:ae:62:16:15:e8:04:22:
                    82:45:9b:a7:b9:b2:c1:43:8c:07:a7:3d:45:8a:86:
                    27:f9:dc:d4:99:a8:0a:d9:93:0f:c0:09:db:30:c9:
                    67:f1:8e:28:d8:47:01:ae:36:c7:b0:42:fc:35:54:
                    ca:cd:70:ea:df:f6:7e:9e:99:c9:32:27:48:98:36:
                    37:0d:af:13:95:39:09:27:b3:37:be:f2:56:f4:28:
                    c5:66:b9:c3:20:e7:c9:af:ee:4a:79:f7:e3:3e:8f:
                    b9:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:9C:9A:CA:FE:B4:BE:9C:C1:04:7E:01:46:82:56:14:38:A3:91:41
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d8956ca-c7c5-4819-a13e-59940ce8965b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.55.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         01:b0:45:d5:5e:cb:bc:9d:79:9b:a1:7a:19:7b:eb:94:05:fc:
         6e:14:44:ff:1f:07:8b:0b:b0:f3:dd:a0:23:c4:7d:36:76:25:
         9c:a6:c9:51:02:1d:ea:f9:00:94:b3:ea:d3:98:ab:41:f8:96:
         8b:7f:4f:5e:f8:cb:6a:45:72:17:e9:e3:ca:3a:49:c3:ef:43:
         19:a6:af:26:5b:f2:4f:77:a7:bb:4c:9c:88:b6:d7:5c:75:24:
         07:4c:a6:21:4c:af:4f:5a:ff:3f:c5:a6:85:3f:d6:a7:2f:d8:
         c0:42:64:48:6e:36:e3:df:3f:b2:f1:83:5c:b1:04:54:f5:35:
         5a:c6:df:71:68:0e:79:0e:c5:01:7d:83:e4:89:27:61:4a:59:
         3d:7c:67:e2:a6:3b:94:4f:ed:bf:44:7b:96:9d:28:06:4b:23:
         fa:1a:97:23:26:8a:f9:f5:6f:10:a1:72:44:6c:04:f0:9d:6f:
         30:47:2f:72:c6:74:d7:49:68:1d:51:a9:5b:2b:3d:88:b2:f4:
         81:62:fc:9c:65:36:84:ba:70:7b:d3:2c:e6:0a:f0:54:f7:e3:
         83:e0:e6:e0:c5:b6:6d:6f:58:73:6f:7b:dd:e5:06:0f:b4:40:
         5f:22:95:b5:8f:17:2b:49:0d:59:8a:be:8d:78:50:f5:ea:b8:
         2b:d3:e6:52
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPuvsrnppANxfi5uRt/dPGgr6vxcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNDg2OWE4MDhlYjk1NTAzODU3Nzk4ODEwN2U3ZWNjYmRh
YTFhYWQ3ZjcwYWYyNWIyNTM0ZThjMGY0ZjYzYzg4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiFWwFz8H0puidNBd70l8tsg2r6C8ldz0meoUXAZajOUNd
Hkiwwew5x+hN9MoMVJwRdUbH1BVBjGJG2AfwousCd1uIhdyOEIYv+UqQ+PDVoyn7
0ZthW7cQZSWNAvJ/8ddECN28Ge83cMWDsJm+Pju/ee1f1LkXy8GtDeTim6mlfEM7
vTNp7QEaDL9ukz874oJnk9krugo/CZfdVM7DrmIWFegEIoJFm6e5ssFDjAenPUWK
hif53NSZqArZkw/ACdswyWfxjijYRwGuNsewQvw1VMrNcOrf9n6emckyJ0iYNjcN
rxOVOQknsze+8lb0KMVmucMg58mv7kp59+M+j7nnAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpZyayv60vpzBBH4BRoJWFDijkUEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdkODk1NmNhLWM3YzUtNDgxOS1hMTNlLTU5OTQwY2U4OTY1Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4NzANBgkqhkiG9w0BAQsFAAOCAQEAAbBF1V7LvJ15m6F6GXvrlAX8bhRE
/x8Hiwuw892gI8R9NnYlnKbJUQId6vkAlLPq05irQfiWi39PXvjLakVyF+njyjpJ
w+9DGaavJlvyT3enu0yciLbXXHUkB0ymIUyvT1r/P8WmhT/Wpy/YwEJkSG42498/
svGDXLEEVPU1WsbfcWgOeQ7FAX2D5IknYUpZPXxn4qY7lE/tv0R7lp0oBksj+hqX
IyaK+fVvEKFyRGwE8J1vMEcvcsZ010loHVGpWys9iLL0gWL8nGU2hLpwe9Ms5grw
VPfjg+Dm4MW2bW9Yc2973eUGD7RAXyKVtY8XK0kNWYq+jXhQ9eq4K9PmUg==
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:55:51 2024 by rpki-client on console-fra.rpki-client.org