Route Origin Authorization 

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a968700-a089-4299-8b14-9a9aa6edf062.roa
File:                     8a968700-a089-4299-8b14-9a9aa6edf062.roa (raw, json)
Hash identifier:          PBh/LD4m0egTs9pjaNE0rlCrubTDrnC3sb4YhOMVk84=
Subject key identifier:   64:65:AA:C7:3F:86:90:46:97:40:BA:CE:D9:EB:CB:99:99:94:1F:E9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       18106843F1CC6EBB0D6766D16F7D4C18340D6D5A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a968700-a089-4299-8b14-9a9aa6edf062.roa
Signing time:             Fri 08 Nov 2024 00:00:00 +0000
ROA not before:           Fri 08 Nov 2024 00:00:00 +0000
ROA not after:            Fri 13 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.12.18.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:10:68:43:f1:cc:6e:bb:0d:67:66:d1:6f:7d:4c:18:34:0d:6d:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  8 00:00:00 2024 GMT
            Not After : Dec 13 23:59:59 2024 GMT
        Subject: serialNumber=7a48548430977113fe02c41f0d8a43daf78f43376c513e51aede15dce82c478a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:10:74:04:79:c3:28:1e:20:a1:69:91:a9:f3:
                    11:a8:c3:72:93:a1:08:99:d9:3e:0b:56:90:3e:bb:
                    ef:cf:5e:3c:12:6e:40:c6:44:cf:2b:e6:3f:35:8e:
                    e8:9d:27:00:aa:86:6d:b9:48:b3:bb:f9:36:98:a3:
                    65:9a:8e:6d:b5:1a:5e:81:00:55:0a:9b:6b:37:3a:
                    6f:07:b7:82:b8:e5:c3:ef:2f:e0:62:b7:28:05:0b:
                    a3:6d:76:85:0c:72:b6:9c:e4:a1:4b:82:41:70:11:
                    9a:93:3d:c6:b3:42:22:3e:e7:03:c1:2f:6b:d3:47:
                    1e:46:6c:91:fd:4d:8e:0e:ff:ad:e2:eb:3d:e0:6b:
                    bf:2c:fd:ad:bf:2d:f8:0f:38:b7:1d:56:df:70:9a:
                    6f:1e:38:6b:b1:fd:4b:3e:ae:f2:52:8c:b5:e0:f5:
                    d0:70:b0:0c:65:a4:af:4b:b0:f5:b6:1a:2e:86:55:
                    ee:2c:fe:cf:08:10:71:f8:30:26:08:fa:c9:46:7f:
                    1a:08:6a:99:c7:8f:86:22:d6:4a:db:f0:0a:0f:26:
                    e3:d7:51:0f:c7:d8:9a:d7:9c:33:45:dd:6d:37:1c:
                    38:69:5e:e6:11:b2:3d:9e:78:6c:72:ac:b5:8b:09:
                    2a:67:ab:70:5e:76:3b:88:2d:63:b6:88:a1:98:f5:
                    c6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:65:AA:C7:3F:86:90:46:97:40:BA:CE:D9:EB:CB:99:99:94:1F:E9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a968700-a089-4299-8b14-9a9aa6edf062.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.12.18.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7c:bc:97:e8:5f:87:14:a5:bc:e0:ad:35:20:b5:6c:39:7d:87:
         16:50:99:97:4e:b6:c2:ba:8b:41:cc:6c:66:39:f6:60:b6:eb:
         9f:6a:79:d8:bc:6e:bb:36:01:04:8a:58:08:11:5f:b8:8a:e5:
         d5:9c:95:06:19:22:8e:17:2f:c1:6b:ef:cd:72:58:d7:e3:bd:
         36:e1:60:5a:c6:f8:0c:82:46:2f:4f:2a:da:dd:f9:97:c0:17:
         31:aa:52:58:c0:f2:76:e2:ef:18:53:17:5f:df:cf:ba:4b:e4:
         be:92:cc:55:5c:04:ef:f9:a7:a3:e7:be:15:f2:34:90:4f:69:
         f1:86:e6:09:2f:33:7b:3d:e2:35:ca:8a:d9:5a:7e:72:cc:00:
         64:84:ca:37:13:68:f9:45:84:8e:6b:d8:e7:fe:6c:c8:c8:97:
         ed:d1:ad:d8:eb:4b:0a:26:3f:0d:95:dd:6f:dc:74:a4:f4:aa:
         d3:cd:e4:b1:e9:f0:87:cc:c3:67:1d:b1:e6:81:2d:0a:22:12:
         c2:09:8e:8f:6b:c0:91:47:35:12:0b:65:1e:f1:46:80:dd:00:
         fb:ae:2c:a0:94:26:d2:2a:32:c6:82:32:8a:e8:a3:ee:94:f8:
         cd:8b:ac:51:ea:1c:90:7b:76:ca:bf:43:1f:ab:fc:3e:14:63:
         3a:56:68:35
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGBBoQ/HMbrsNZ2bRb31MGDQNbVowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA4MDAwMDAwWhcNMjQxMjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YTQ4NTQ4NDMwOTc3MTEzZmUwMmM0MWYwZDhhNDNkYWY3
OGY0MzM3NmM1MTNlNTFhZWRlMTVkY2U4MmM0NzhhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQEHQEecMoHiChaZGp8xGow3KToQiZ2T4LVpA+u+/PXjwS
bkDGRM8r5j81juidJwCqhm25SLO7+TaYo2Wajm21Gl6BAFUKm2s3Om8Ht4K45cPv
L+BitygFC6NtdoUMcrac5KFLgkFwEZqTPcazQiI+5wPBL2vTRx5GbJH9TY4O/63i
6z3ga78s/a2/LfgPOLcdVt9wmm8eOGux/Us+rvJSjLXg9dBwsAxlpK9LsPW2Gi6G
Ve4s/s8IEHH4MCYI+slGfxoIapnHj4Yi1krb8AoPJuPXUQ/H2JrXnDNF3W03HDhp
XuYRsj2eeGxyrLWLCSpnq3BedjuILWO2iKGY9cZnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZGWqxz+GkEaXQLrO2evLmZmUH+kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhOTY4NzAwLWEwODktNDI5OS04YjE0LTlhOWFhNmVkZjA2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEQDBIwDQYJKoZIhvcNAQELBQADggEBAHy8l+hfhxSlvOCtNSC1bDl9hxZQ
mZdOtsK6i0HMbGY59mC2659qedi8brs2AQSKWAgRX7iK5dWclQYZIo4XL8Fr781y
WNfjvTbhYFrG+AyCRi9PKtrd+ZfAFzGqUljA8nbi7xhTF1/fz7pL5L6SzFVcBO/5
p6PnvhXyNJBPafGG5gkvM3s94jXKitlafnLMAGSEyjcTaPlFhI5r2Of+bMjIl+3R
rdjrSwomPw2V3W/cdKT0qtPN5LHp8IfMw2cdseaBLQoiEsIJjo9rwJFHNRILZR7x
RoDdAPuuLKCUJtIqMsaCMoroo+6U+M2LrFHqHJB7dsq/Qx+r/D4UYzpWaDU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:14 2024 by rpki-client on console-fra.rpki-client.org