Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89e4ba23-91ab-40dd-ba19-bcc55063a417.roa
File:                     89e4ba23-91ab-40dd-ba19-bcc55063a417.roa (raw, json)
Hash identifier:          7zx+3km7rdBGlKDBZs7S0sEwSsQ8sc2S58gvXt3j31o=
Subject key identifier:   03:12:3C:57:3C:96:7E:EE:4E:A3:E9:05:0A:08:EB:E9:84:4B:93:D9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       448CF1D235A3B370D498D809B0F2400982B256D6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89e4ba23-91ab-40dd-ba19-bcc55063a417.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.83.76.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 12 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:8c:f1:d2:35:a3:b3:70:d4:98:d8:09:b0:f2:40:09:82:b2:56:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=bfae0daa625fdc6876d9d18539f1be0d516094cb9e225d0a467c37c17c4bd99c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c5:14:3d:13:b9:c3:94:07:56:dc:a3:79:6c:
                    df:2a:67:be:89:2e:e1:c6:c7:2d:b1:3f:11:7a:18:
                    38:df:b1:98:0e:b3:ee:fb:4c:12:49:5f:85:da:02:
                    95:25:75:0d:2c:22:91:d7:e0:d9:73:1f:c9:5c:50:
                    be:f6:4b:ec:c7:d4:eb:f9:74:55:e5:4d:35:bd:66:
                    41:21:df:c5:d2:47:22:56:05:49:da:4f:39:80:fd:
                    3c:20:91:6d:e2:62:cd:72:f4:68:5a:3b:57:4e:94:
                    f2:ac:f3:26:3c:6d:da:34:0f:48:37:4e:63:6a:9e:
                    28:3f:a9:0e:f1:ed:75:d4:4a:ae:5d:3c:97:4e:8d:
                    93:0d:3c:5b:38:01:38:2b:4e:5d:63:51:c7:9a:c5:
                    d2:d7:c7:78:cc:d4:92:07:8d:cd:7c:15:f1:87:11:
                    8b:38:db:6d:a4:1f:78:1b:82:4b:dd:56:e4:8c:cc:
                    a5:cb:eb:eb:f5:ee:a3:9a:0f:cc:8a:a9:6c:12:06:
                    ee:41:ba:76:80:37:61:9a:15:c7:c5:e5:b8:62:bf:
                    b4:45:ef:ab:6a:80:24:82:6c:91:ea:f5:36:6b:6e:
                    84:a8:24:b9:b2:45:fa:90:76:dc:e7:41:93:7a:5c:
                    4a:e2:27:94:f6:26:f0:9a:4c:17:f9:8e:c4:59:5c:
                    1a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:12:3C:57:3C:96:7E:EE:4E:A3:E9:05:0A:08:EB:E9:84:4B:93:D9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/89e4ba23-91ab-40dd-ba19-bcc55063a417.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.83.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:eb:31:82:1e:f9:e9:08:52:de:e0:b4:e3:0e:20:8d:5b:74:
         68:ee:7f:9f:80:64:83:34:be:a4:a9:cc:3d:98:c5:fa:64:ce:
         51:23:02:85:9c:ff:9e:58:6d:36:3b:10:20:4a:7a:a9:73:9d:
         9c:5c:e2:0e:de:b4:be:2f:56:03:90:97:62:97:18:5b:2c:f2:
         49:70:68:fd:4a:83:1c:17:25:e5:78:d2:9f:b3:19:0a:21:00:
         e3:e0:81:b0:91:fe:69:6a:7a:cf:d7:a4:74:c5:a1:65:de:19:
         26:b0:37:74:b6:8d:f1:4d:4b:ce:12:70:02:d4:3b:c4:fc:ee:
         de:dc:f5:c7:16:0d:c0:48:cd:2b:a2:88:04:02:1e:17:c5:76:
         5b:53:65:88:83:50:2a:46:e0:73:10:a1:66:41:67:32:93:bb:
         34:5b:3a:06:ca:34:12:4f:df:55:d1:68:8e:19:47:16:db:c8:
         f9:32:65:9b:f8:89:77:de:67:4a:46:1c:bd:7d:d0:e9:1a:bd:
         6f:32:86:94:0f:ac:26:0e:0b:dc:66:dc:13:38:3f:4a:a3:cf:
         2f:e8:9c:b4:a8:47:32:9d:a5:20:a2:e6:32:9d:1d:ab:2c:31:
         03:45:97:fe:c6:70:fb:5a:e6:f4:3e:d7:14:ab:53:72:70:9f:
         6b:14:77:bb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURIzx0jWjs3DUmNgJsPJACYKyVtYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZmFlMGRhYTYyNWZkYzY4NzZkOWQxODUzOWYxYmUwZDUx
NjA5NGNiOWUyMjVkMGE0NjdjMzdjMTdjNGJkOTljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfxRQ9E7nDlAdW3KN5bN8qZ76JLuHGxy2xPxF6GDjfsZgO
s+77TBJJX4XaApUldQ0sIpHX4NlzH8lcUL72S+zH1Ov5dFXlTTW9ZkEh38XSRyJW
BUnaTzmA/TwgkW3iYs1y9GhaO1dOlPKs8yY8bdo0D0g3TmNqnig/qQ7x7XXUSq5d
PJdOjZMNPFs4ATgrTl1jUceaxdLXx3jM1JIHjc18FfGHEYs4222kH3gbgkvdVuSM
zKXL6+v17qOaD8yKqWwSBu5BunaAN2GaFcfF5bhiv7RF76tqgCSCbJHq9TZrboSo
JLmyRfqQdtznQZN6XEriJ5T2JvCaTBf5jsRZXBoZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUAxI8VzyWfu5Oo+kFCgjr6YRLk9kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg5ZTRiYTIzLTkxYWItNDBkZC1iYTE5LWJjYzU1MDYzYTQxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjU0wwDQYJKoZIhvcNAQELBQADggEBAC3rMYIe+ekIUt7gtOMOII1bdGju
f5+AZIM0vqSpzD2YxfpkzlEjAoWc/55YbTY7ECBKeqlznZxc4g7etL4vVgOQl2KX
GFss8klwaP1KgxwXJeV40p+zGQohAOPggbCR/mlqes/XpHTFoWXeGSawN3S2jfFN
S84ScALUO8T87t7c9ccWDcBIzSuiiAQCHhfFdltTZYiDUCpG4HMQoWZBZzKTuzRb
OgbKNBJP31XRaI4ZRxbbyPkyZZv4iXfeZ0pGHL190OkavW8yhpQPrCYOC9xm3BM4
P0qjzy/onLSoRzKdpSCi5jKdHassMQNFl/7GcPta5vQ+1xSrU3Jwn2sUd7s=
-----END CERTIFICATE-----
Generated at Wed Dec 11 00:54:34 2024 by rpki-client on console-ams.rpki-client.org