Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c1a18f2-6db7-414e-af5f-943e93d34d77.roa
File:                     8c1a18f2-6db7-414e-af5f-943e93d34d77.roa (raw, json)
Hash identifier:          asM7bMqTI+hke0tT20PN+Kd3XB+GXRf+HI44D/MsrgY=
Subject key identifier:   85:F3:2E:F5:04:A2:75:34:68:C4:4F:55:55:AD:FB:BB:5D:C9:9A:6F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       19B02043CF79406B4621A620191E68309E91EFE7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c1a18f2-6db7-414e-af5f-943e93d34d77.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        151.134.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:b0:20:43:cf:79:40:6b:46:21:a6:20:19:1e:68:30:9e:91:ef:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=b86c07e2de0e389678e496b9b567750cdad117aceb41326d3b92cb5dc1510d24, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:3e:31:cf:6e:20:60:7b:70:00:69:e3:fd:06:
                    23:09:97:9c:93:5e:71:c9:16:e8:09:7e:d8:d7:17:
                    fb:9b:f6:66:2f:0a:69:bb:de:e2:f5:34:7b:8d:10:
                    fc:69:5d:10:b5:3c:94:81:55:2a:03:e7:d1:af:04:
                    1b:2e:3d:ac:3e:32:df:9c:f6:1f:7f:3c:8f:da:d4:
                    b4:76:08:80:af:51:bb:b1:da:6b:a0:5e:2d:85:d5:
                    43:8e:a4:36:6e:4a:fe:48:a6:fa:32:98:2d:a6:52:
                    43:b9:5c:1c:bf:cb:26:c5:53:3d:9f:af:c8:7e:5c:
                    60:42:68:71:e4:e5:88:ee:b4:7c:69:d4:44:78:9a:
                    b4:6b:46:bd:cc:43:68:fb:ec:1e:eb:0b:23:f4:ca:
                    3f:af:41:3e:91:36:e1:5a:fe:ae:ca:e9:b9:93:bd:
                    b8:5e:fd:8d:ff:a5:5b:04:04:46:29:88:e5:a2:37:
                    c2:41:49:67:1b:b8:c6:05:bd:19:2c:a0:d7:74:5c:
                    ba:bd:b3:cd:62:19:ff:2c:83:26:da:b7:07:5f:73:
                    0f:a4:28:c1:e3:d1:62:d4:8a:44:76:82:3b:e4:53:
                    03:b1:41:ec:2e:72:61:8b:ca:8d:c0:cc:f7:a5:a5:
                    6c:48:c4:14:58:94:9e:c0:78:c3:22:e8:da:01:73:
                    0d:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:F3:2E:F5:04:A2:75:34:68:C4:4F:55:55:AD:FB:BB:5D:C9:9A:6F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8c1a18f2-6db7-414e-af5f-943e93d34d77.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         92:06:87:54:85:87:8e:aa:17:af:71:af:73:27:89:27:14:68:
         de:4a:d4:85:3f:37:17:45:8b:34:bf:80:ed:46:01:b9:ce:a6:
         c3:8d:fa:31:ad:e8:0f:07:ba:ba:5b:9a:63:61:f0:fc:90:ae:
         d4:19:14:c5:13:95:5d:12:9c:7d:51:5e:9d:54:1e:f3:d4:d0:
         dd:2b:27:45:bd:9f:0d:24:ed:71:0a:c2:ad:94:d1:f5:30:13:
         a7:2c:8d:a2:c4:6d:7e:24:15:5a:e6:0b:d8:16:6a:46:a8:39:
         d0:57:71:28:e0:d1:f6:c5:4a:d8:1d:cb:a9:15:9f:e7:32:1d:
         65:0a:a5:01:31:44:e6:c1:77:93:85:62:61:b0:6c:ff:d3:3e:
         08:5f:a9:ce:ec:04:ef:a0:f1:3c:ea:86:56:36:44:98:6d:97:
         de:56:3a:66:8b:08:a7:c7:72:0b:8a:e8:90:d5:f6:06:62:29:
         d8:6e:b1:e8:95:fc:33:63:2c:b8:5e:68:d8:3b:3b:c3:90:e7:
         02:84:fd:ea:e2:ba:42:8d:02:9b:67:ff:4b:db:a5:b5:4f:9a:
         0d:5f:6c:bc:93:97:56:a6:2e:04:a9:48:72:2f:2b:b9:e7:ed:
         09:6d:2c:11:73:e1:1a:31:09:eb:33:8a:f3:32:9f:b7:d6:51:
         a2:5f:59:a3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUGbAgQ895QGtGIaYgGR5oMJ6R7+cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiODZjMDdlMmRlMGUzODk2NzhlNDk2YjliNTY3NzUwY2Rh
ZDExN2FjZWI0MTMyNmQzYjkyY2I1ZGMxNTEwZDI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlPjHPbiBge3AAaeP9BiMJl5yTXnHJFugJftjXF/ub9mYv
Cmm73uL1NHuNEPxpXRC1PJSBVSoD59GvBBsuPaw+Mt+c9h9/PI/a1LR2CICvUbux
2mugXi2F1UOOpDZuSv5IpvoymC2mUkO5XBy/yybFUz2fr8h+XGBCaHHk5YjutHxp
1ER4mrRrRr3MQ2j77B7rCyP0yj+vQT6RNuFa/q7K6bmTvbhe/Y3/pVsEBEYpiOWi
N8JBSWcbuMYFvRksoNd0XLq9s81iGf8sgybatwdfcw+kKMHj0WLUikR2gjvkUwOx
QewucmGLyo3AzPelpWxIxBRYlJ7AeMMi6NoBcw2dAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhfMu9QSidTRoxE9VVa37u13Jmm8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhjMWExOGYyLTZkYjctNDE0ZS1hZjVmLTk0M2U5M2QzNGQ3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCXhjANBgkqhkiG9w0BAQsFAAOCAQEAkgaHVIWHjqoXr3GvcyeJJxRo3krU
hT83F0WLNL+A7UYBuc6mw436Ma3oDwe6uluaY2Hw/JCu1BkUxROVXRKcfVFenVQe
89TQ3SsnRb2fDSTtcQrCrZTR9TATpyyNosRtfiQVWuYL2BZqRqg50FdxKODR9sVK
2B3LqRWf5zIdZQqlATFE5sF3k4ViYbBs/9M+CF+pzuwE76DxPOqGVjZEmG2X3lY6
ZosIp8dyC4rokNX2BmIp2G6x6JX8M2MsuF5o2Ds7w5DnAoT96uK6Qo0Cm2f/S9ul
tU+aDV9svJOXVqYuBKlIci8rueftCW0sEXPhGjEJ6zOK8zKft9ZRol9Zow==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:09 2024 by rpki-client on console-fra.rpki-client.org