Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87f2d17b-bc00-4f7a-b7e8-788558dd25ae.roa
File:                     87f2d17b-bc00-4f7a-b7e8-788558dd25ae.roa (raw, json)
Hash identifier:          i8x+4MWcy8LJ5q8ze4VK/F190YStJGkhNvu8WRkljXc=
Subject key identifier:   1C:BD:46:70:E8:43:A0:31:9C:70:CF:05:47:61:9B:03:4C:4C:B4:E8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       499A856B08768B1266E49F2EC938956CED05B3BA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87f2d17b-bc00-4f7a-b7e8-788558dd25ae.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        149.44.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:9a:85:6b:08:76:8b:12:66:e4:9f:2e:c9:38:95:6c:ed:05:b3:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=26153da0316816ec8ff9d95c9e2f507e4ab0e7eec0115095225b663a4f064c3a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:8e:3f:04:ea:40:da:67:bf:c8:14:f4:00:7a:
                    ea:f8:c9:bb:63:28:e5:b1:61:57:f0:1b:5d:4d:6d:
                    6d:b0:ad:bb:48:c0:2e:71:c5:be:44:5f:ee:2a:9f:
                    f2:8f:50:02:21:51:b3:90:14:63:7f:32:03:0b:9a:
                    b3:26:46:0c:fb:a2:de:f4:fb:90:c2:98:ff:ab:95:
                    52:48:ec:10:87:4a:09:3c:29:8c:54:73:81:fc:25:
                    af:53:37:b8:e4:a1:34:0e:b4:25:6f:cb:15:06:65:
                    90:95:f0:12:60:19:95:9c:b8:fd:f1:1e:bc:e8:24:
                    df:73:8a:f9:9b:45:f8:47:26:9b:ad:5a:58:89:a4:
                    06:4b:4e:3f:cc:c4:81:d7:29:c5:00:2e:70:0c:18:
                    b1:76:a6:12:d9:c5:a1:78:34:0b:b3:52:c9:e4:38:
                    6a:fb:c5:0e:ee:94:75:b3:a9:b0:cb:b4:f6:9a:fe:
                    60:91:ae:95:fb:59:0a:0d:aa:5e:29:91:66:31:1d:
                    5b:07:fb:8a:43:28:c7:6a:6e:2e:c7:db:70:e3:3e:
                    fb:81:0c:a0:8e:df:6d:96:7d:2a:55:46:e7:fd:f1:
                    f9:b2:fd:b2:f4:1c:4f:bc:57:03:ea:a5:4e:7f:36:
                    df:8f:62:bf:d7:61:b4:f8:02:45:92:ba:49:73:f6:
                    6e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:BD:46:70:E8:43:A0:31:9C:70:CF:05:47:61:9B:03:4C:4C:B4:E8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/87f2d17b-bc00-4f7a-b7e8-788558dd25ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.44.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         72:62:3d:8d:4b:ea:dd:f8:f5:db:ad:9a:9f:ff:6c:dc:47:d3:
         63:c8:77:2d:22:ee:f0:d6:96:d0:f5:2a:2e:de:fa:94:4d:ce:
         43:1d:17:4f:3f:67:97:34:9e:ee:4e:79:f3:4a:73:f7:d1:15:
         bc:c2:8d:ff:f9:9c:80:78:43:3a:47:e7:81:1a:cb:26:e7:d6:
         7f:a9:61:da:f9:86:bf:e6:95:87:b2:f2:cf:02:48:e1:b5:7b:
         e0:49:d5:5f:3f:67:9e:ef:18:32:45:1d:91:e6:57:a6:b6:3d:
         71:2d:5a:29:52:1e:0b:3b:16:a3:81:0a:c8:e7:84:0e:2d:bf:
         fd:2f:db:11:71:26:7d:1c:30:e4:b6:f8:a8:83:87:66:ad:6a:
         ec:20:b6:5a:67:cb:11:3a:5d:42:6a:08:17:05:9a:14:13:ff:
         a1:3f:eb:02:83:da:17:30:0b:ca:44:0b:b5:71:a7:aa:84:ee:
         d3:e9:f8:bd:35:4d:d5:13:19:b3:72:27:d8:52:cd:21:1b:eb:
         d3:0c:65:00:e1:6c:65:9f:15:f6:e9:08:68:10:c3:86:ed:6b:
         18:34:53:bb:3b:ab:35:70:9b:9e:ce:10:97:0f:f1:62:92:dd:
         ee:21:b1:81:f4:f2:83:10:2c:4c:9e:67:a6:19:04:84:bf:c2:
         66:68:3f:6b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSZqFawh2ixJm5J8uyTiVbO0Fs7owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNjE1M2RhMDMxNjgxNmVjOGZmOWQ5NWM5ZTJmNTA3ZTRh
YjBlN2VlYzAxMTUwOTUyMjViNjYzYTRmMDY0YzNhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcjj8E6kDaZ7/IFPQAeur4ybtjKOWxYVfwG11NbW2wrbtI
wC5xxb5EX+4qn/KPUAIhUbOQFGN/MgMLmrMmRgz7ot70+5DCmP+rlVJI7BCHSgk8
KYxUc4H8Ja9TN7jkoTQOtCVvyxUGZZCV8BJgGZWcuP3xHrzoJN9zivmbRfhHJput
WliJpAZLTj/MxIHXKcUALnAMGLF2phLZxaF4NAuzUsnkOGr7xQ7ulHWzqbDLtPaa
/mCRrpX7WQoNql4pkWYxHVsH+4pDKMdqbi7H23DjPvuBDKCO322WfSpVRuf98fmy
/bL0HE+8VwPqpU5/Nt+PYr/XYbT4AkWSuklz9m6VAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUHL1GcOhDoDGccM8FR2GbA0xMtOgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg3ZjJkMTdiLWJjMDAtNGY3YS1iN2U4LTc4ODU1OGRkMjVhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCVLDANBgkqhkiG9w0BAQsFAAOCAQEAcmI9jUvq3fj1262an/9s3EfTY8h3
LSLu8NaW0PUqLt76lE3OQx0XTz9nlzSe7k5580pz99EVvMKN//mcgHhDOkfngRrL
JufWf6lh2vmGv+aVh7LyzwJI4bV74EnVXz9nnu8YMkUdkeZXprY9cS1aKVIeCzsW
o4EKyOeEDi2//S/bEXEmfRww5Lb4qIOHZq1q7CC2WmfLETpdQmoIFwWaFBP/oT/r
AoPaFzALykQLtXGnqoTu0+n4vTVN1RMZs3In2FLNIRvr0wxlAOFsZZ8V9ukIaBDD
hu1rGDRTuzurNXCbns4Qlw/xYpLd7iGxgfTygxAsTJ5nphkEhL/CZmg/aw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:22 2024 by rpki-client on console-ams.rpki-client.org