Route Origin Authorization 

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91d0db83-f7cb-4ba4-8999-90629aaf96d6.roa
File:                     91d0db83-f7cb-4ba4-8999-90629aaf96d6.roa (raw, json)
Hash identifier:          0vS6KhVmwAPQghtDb0dH+XDrlWKBbKDm4/BuGxBqriw=
Subject key identifier:   F9:C3:DB:D8:1F:17:41:02:42:73:6C:5A:54:F1:4D:38:48:41:F7:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       65F6BF62D94C8A37083BB007D6CB9454FA29C263
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91d0db83-f7cb-4ba4-8999-90629aaf96d6.roa
Signing time:             Tue 19 Nov 2024 00:00:00 +0000
ROA not before:           Tue 19 Nov 2024 00:00:00 +0000
ROA not after:            Tue 24 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        156.153.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:f6:bf:62:d9:4c:8a:37:08:3b:b0:07:d6:cb:94:54:fa:29:c2:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 19 00:00:00 2024 GMT
            Not After : Dec 24 23:59:59 2024 GMT
        Subject: serialNumber=54177380d8c0608ea40743bd20fbdb2522b046820b67ef23bd6cbb287ea24d9c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bc:8f:51:74:0a:14:cb:47:25:31:3b:7a:58:
                    5a:81:16:4f:76:05:17:8c:97:7c:66:05:43:48:bb:
                    f8:99:74:b7:5b:32:35:e7:b0:85:15:a7:72:ae:24:
                    56:fc:02:d9:3e:51:d8:2e:0f:71:9d:20:98:75:e8:
                    74:29:52:88:44:7c:b5:6b:80:e6:67:32:93:75:83:
                    62:bf:9e:ac:c4:10:b7:d1:ea:5c:3c:a0:a1:07:d3:
                    be:fc:bf:8a:2b:9a:8d:e9:52:2c:04:a6:fa:f6:22:
                    62:d6:ed:e7:ea:29:f4:2d:91:52:0f:db:73:db:74:
                    8e:a8:61:be:37:b7:c4:86:49:0c:2c:d9:e3:b0:f2:
                    96:08:90:1f:43:74:f8:23:fc:a4:10:d2:82:e4:93:
                    aa:87:d4:4e:af:91:ca:6c:82:ce:3c:5e:f2:2e:7a:
                    28:44:62:0b:62:3e:20:14:48:2e:5b:94:e1:18:6b:
                    2c:8b:61:7c:74:d8:74:8e:f5:41:20:b2:7b:ae:a8:
                    4a:47:0c:5d:e4:90:5e:a3:07:35:68:c8:de:9f:da:
                    2c:bc:01:07:cb:c5:f7:9a:e1:82:72:02:1a:52:c7:
                    01:1d:b4:52:22:7d:02:56:d6:8f:0a:b4:8d:ab:ac:
                    29:fe:b3:50:a6:f2:43:eb:17:f1:ac:3a:bb:a5:02:
                    3b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:C3:DB:D8:1F:17:41:02:42:73:6C:5A:54:F1:4D:38:48:41:F7:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91d0db83-f7cb-4ba4-8999-90629aaf96d6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.153.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b4:e1:1a:85:32:d7:15:bf:6d:43:4a:0a:e3:19:02:6f:78:bd:
         e7:79:b4:12:17:fb:70:dc:fc:a1:a0:d3:ad:74:91:f3:ef:9e:
         86:f5:98:c4:0a:f2:5f:49:db:b2:05:e2:b5:30:f2:60:8e:b3:
         51:c0:b2:9b:7c:12:72:79:a9:df:ab:78:25:9d:99:0a:0a:28:
         88:e7:3a:9e:8d:3b:52:8c:89:05:70:64:f4:ae:7b:d6:73:22:
         25:49:51:1f:ee:9e:c4:81:b4:f9:c0:f1:72:25:26:58:85:ba:
         a7:0e:82:80:a9:69:33:77:e3:89:b0:c2:70:56:b8:8a:18:f3:
         17:a3:ef:92:d9:39:88:7f:f3:bb:b8:dc:02:13:fa:ef:4f:bb:
         bf:97:1b:0b:20:f0:e5:15:0a:d8:d3:6c:bb:fe:82:9b:89:42:
         5d:1d:c0:ba:77:a3:f8:8a:a3:1b:81:8c:ca:15:eb:ff:4e:45:
         53:b5:5c:aa:f5:93:57:8a:21:fe:6e:72:74:42:37:7c:3d:c7:
         8f:df:d0:89:f8:8c:63:66:04:6e:b4:20:e8:b6:72:35:ef:c3:
         3c:a2:b8:ab:a8:89:f0:a9:51:48:eb:47:3d:f3:f8:67:07:2c:
         af:34:9b:3e:38:70:2e:f2:8e:05:e0:15:e7:28:1c:57:ed:99:
         d7:45:5e:2d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZfa/YtlMijcIO7AH1suUVPopwmMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTE5MDAwMDAwWhcNMjQxMjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NDE3NzM4MGQ4YzA2MDhlYTQwNzQzYmQyMGZiZGIyNTIy
YjA0NjgyMGI2N2VmMjNiZDZjYmIyODdlYTI0ZDljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyvI9RdAoUy0clMTt6WFqBFk92BReMl3xmBUNIu/iZdLdb
MjXnsIUVp3KuJFb8Atk+UdguD3GdIJh16HQpUohEfLVrgOZnMpN1g2K/nqzEELfR
6lw8oKEH0778v4ormo3pUiwEpvr2ImLW7efqKfQtkVIP23PbdI6oYb43t8SGSQws
2eOw8pYIkB9DdPgj/KQQ0oLkk6qH1E6vkcpsgs48XvIueihEYgtiPiAUSC5blOEY
ayyLYXx02HSO9UEgsnuuqEpHDF3kkF6jBzVoyN6f2iy8AQfLxfea4YJyAhpSxwEd
tFIifQJW1o8KtI2rrCn+s1Cm8kPrF/GsOrulAjtfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+cPb2B8XQQJCc2xaVPFNOEhB96MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkxZDBkYjgzLWY3Y2ItNGJhNC04OTk5LTkwNjI5YWFmOTZkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCcmTANBgkqhkiG9w0BAQsFAAOCAQEAtOEahTLXFb9tQ0oK4xkCb3i953m0
Ehf7cNz8oaDTrXSR8++ehvWYxAryX0nbsgXitTDyYI6zUcCym3wScnmp36t4JZ2Z
CgooiOc6no07UoyJBXBk9K571nMiJUlRH+6exIG0+cDxciUmWIW6pw6CgKlpM3fj
ibDCcFa4ihjzF6Pvktk5iH/zu7jcAhP670+7v5cbCyDw5RUK2NNsu/6Cm4lCXR3A
unej+IqjG4GMyhXr/05FU7VcqvWTV4oh/m5ydEI3fD3Hj9/QifiMY2YEbrQg6LZy
Ne/DPKK4q6iJ8KlRSOtHPfP4ZwcsrzSbPjhwLvKOBeAV5ygcV+2Z10VeLQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:16 2024 by rpki-client on console-fra.rpki-client.org