Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9467035e-ac22-4ed7-bdeb-771152f3e853.roa
File:                     9467035e-ac22-4ed7-bdeb-771152f3e853.roa (raw, json)
Hash identifier:          J7Kb+wt90YCbvtZrX0uZUXoSuvPQVYEIwEdTmt36eoM=
Subject key identifier:   93:0F:CB:DD:1B:AA:7C:A6:DF:D2:3A:9B:1F:82:EE:E1:AF:A9:96:BB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1689A3EFB4B9FEAA921246A1FC4118655BC50ED0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9467035e-ac22-4ed7-bdeb-771152f3e853.roa
Signing time:             Fri 01 Nov 2024 00:00:00 +0000
ROA not before:           Fri 01 Nov 2024 00:00:00 +0000
ROA not after:            Fri 06 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        170.68.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:89:a3:ef:b4:b9:fe:aa:92:12:46:a1:fc:41:18:65:5b:c5:0e:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:00:00 2024 GMT
            Not After : Dec  6 23:59:59 2024 GMT
        Subject: serialNumber=ac8588b35220bccdac99d9786eccc95e07dbdace51288800ae4e1b9ee637b4fd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:02:e0:8b:7f:53:4c:0d:95:1b:6f:cc:b2:74:
                    f3:7e:57:8d:3b:28:e5:21:b8:d8:71:6a:03:08:1f:
                    3e:fb:b0:c1:9a:53:ce:e1:09:bb:1e:c0:e5:0e:c7:
                    d4:65:ef:c5:99:1e:88:f9:73:f7:1f:dc:f2:19:7b:
                    10:18:5f:3e:10:9c:8f:76:fa:be:2c:20:c2:30:48:
                    07:15:23:82:97:dd:62:ea:d3:af:2d:32:1d:2c:0e:
                    d8:7a:ef:b5:56:3a:9b:fd:9a:40:16:6b:63:d2:be:
                    ff:38:9e:0d:30:41:8d:75:a4:ca:df:7a:dc:b4:3d:
                    b4:ea:94:b5:94:54:22:c0:1c:fa:49:65:53:31:28:
                    60:69:07:d2:33:5b:8d:00:fa:da:b5:62:1b:d0:7f:
                    fa:e6:39:ab:16:eb:1b:75:4c:91:83:e6:99:9c:15:
                    58:4c:54:dd:c1:28:5a:e4:a0:53:8c:cf:8f:1c:2f:
                    bf:e7:57:9c:c7:fb:8e:5e:4b:c9:5d:e8:ab:45:2d:
                    22:9d:90:aa:d4:3b:a0:8a:26:4a:94:6c:0d:76:17:
                    d8:4a:18:c4:73:ae:23:48:18:b2:ac:db:87:59:39:
                    b8:27:57:48:57:f7:23:60:65:23:24:dc:4b:ef:cc:
                    73:8a:a3:56:c0:9c:6b:45:60:1f:6a:4e:f3:7b:b7:
                    3e:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:0F:CB:DD:1B:AA:7C:A6:DF:D2:3A:9B:1F:82:EE:E1:AF:A9:96:BB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9467035e-ac22-4ed7-bdeb-771152f3e853.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.68.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         bf:2e:5e:22:f7:22:9f:de:1f:48:f8:72:27:a5:5b:9e:a1:58:
         cb:75:13:ac:1e:de:88:c0:04:4d:23:a1:34:b6:ca:7d:05:9a:
         49:e4:09:56:3c:15:06:85:7c:a9:23:3a:2e:b5:73:86:71:9b:
         50:41:4a:c7:15:c7:c1:a5:86:cd:8c:85:33:f6:33:0e:93:40:
         5c:7f:74:0d:7d:9a:50:7f:6e:87:8f:da:78:30:0f:79:5b:ca:
         6c:29:ef:c2:01:fe:ac:ab:73:b6:ee:13:81:a6:3b:e7:41:2c:
         08:b1:3f:1d:1b:cf:90:ec:79:94:26:90:8e:ee:0d:6b:f7:e1:
         b3:47:61:e5:e2:05:4c:95:0b:56:b3:d5:d7:54:d8:c9:dc:e1:
         41:ec:52:31:58:26:4d:8d:49:a1:4c:3c:17:78:09:27:3c:c1:
         85:3b:69:c7:ac:75:af:b8:bc:53:3f:25:3a:d0:94:97:e1:85:
         e2:3f:06:a3:f1:3d:b2:a9:f1:2e:5f:5f:3a:56:d6:61:3d:2b:
         be:4e:91:6b:59:b3:b8:60:05:99:c0:e3:30:13:7f:71:18:62:
         0b:fb:9a:8a:2c:a5:69:47:47:c9:eb:9d:59:a1:24:8e:91:b2:
         40:d2:d9:7a:52:6b:66:f6:f5:cd:22:5a:c4:ca:de:48:f2:06:
         d2:9c:e3:4e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFomj77S5/qqSEkah/EEYZVvFDtAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTAxMDAwMDAwWhcNMjQxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYzg1ODhiMzUyMjBiY2NkYWM5OWQ5Nzg2ZWNjYzk1ZTA3
ZGJkYWNlNTEyODg4MDBhZTRlMWI5ZWU2MzdiNGZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgAuCLf1NMDZUbb8yydPN+V407KOUhuNhxagMIHz77sMGa
U87hCbsewOUOx9Rl78WZHoj5c/cf3PIZexAYXz4QnI92+r4sIMIwSAcVI4KX3WLq
068tMh0sDth677VWOpv9mkAWa2PSvv84ng0wQY11pMrfety0PbTqlLWUVCLAHPpJ
ZVMxKGBpB9IzW40A+tq1YhvQf/rmOasW6xt1TJGD5pmcFVhMVN3BKFrkoFOMz48c
L7/nV5zH+45eS8ld6KtFLSKdkKrUO6CKJkqUbA12F9hKGMRzriNIGLKs24dZObgn
V0hX9yNgZSMk3EvvzHOKo1bAnGtFYB9qTvN7tz7tAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUkw/L3RuqfKbf0jqbH4Lu4a+plrswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NjcwMzVlLWFjMjItNGVkNy1iZGViLTc3MTE1MmYzZTg1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCqRDANBgkqhkiG9w0BAQsFAAOCAQEAvy5eIvcin94fSPhyJ6VbnqFYy3UT
rB7eiMAETSOhNLbKfQWaSeQJVjwVBoV8qSM6LrVzhnGbUEFKxxXHwaWGzYyFM/Yz
DpNAXH90DX2aUH9uh4/aeDAPeVvKbCnvwgH+rKtztu4TgaY750EsCLE/HRvPkOx5
lCaQju4Na/fhs0dh5eIFTJULVrPV11TYydzhQexSMVgmTY1JoUw8F3gJJzzBhTtp
x6x1r7i8Uz8lOtCUl+GF4j8Go/E9sqnxLl9fOlbWYT0rvk6Ra1mzuGAFmcDjMBN/
cRhiC/uaiiylaUdHyeudWaEkjpGyQNLZelJrZvb1zSJaxMreSPIG0pzjTg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:17 2024 by rpki-client on console-fra.rpki-client.org