Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/980e8bc3-7bcd-46fb-8c14-cb075b8a677c.roa
File:                     980e8bc3-7bcd-46fb-8c14-cb075b8a677c.roa (raw, json)
Hash identifier:          K6lQDX1on8voGUGbi0WboF4C2sZYPeKOiTtNE9raa5I=
Subject key identifier:   34:DB:0A:0D:88:DF:3F:5E:E9:93:28:18:FB:AA:67:72:F0:55:8F:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       553A457F5B3CA24A81CB75D7A1DC8C966E56C6DA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/980e8bc3-7bcd-46fb-8c14-cb075b8a677c.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:3a:45:7f:5b:3c:a2:4a:81:cb:75:d7:a1:dc:8c:96:6e:56:c6:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=ea8f828234bd8a0e5e7b1bd9e472b5b33c38d16079ca2d5062c0b0688ac9bad6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f9:9e:33:9c:6d:cd:a4:c1:14:0d:43:71:e7:
                    bd:37:75:3b:53:57:bc:f2:ef:e2:4d:b2:25:e4:47:
                    a8:96:e1:d2:6b:19:21:c8:ed:dd:9e:bf:68:6c:81:
                    c3:e7:ba:07:e6:72:06:3a:6e:c7:f2:ad:1b:d5:a0:
                    5c:d7:c4:62:36:36:03:b5:4f:ef:ed:23:bd:7a:e3:
                    63:f5:14:c6:f7:07:ce:dd:17:fb:68:45:ba:28:b3:
                    6b:81:91:2c:f2:5a:5a:4b:7f:7b:fd:32:10:80:81:
                    4c:08:32:2e:42:3e:f2:a2:cc:7e:f1:04:50:21:ab:
                    25:94:1c:08:0a:6e:5a:1d:db:a3:c5:8a:b1:69:a0:
                    c4:d3:85:f5:97:fd:30:cc:f8:8b:a7:e5:7f:7e:b5:
                    2c:9f:5e:12:1e:15:a6:e9:d0:eb:05:28:cb:bf:da:
                    40:63:7f:ea:25:64:1d:82:4c:55:55:22:33:63:c7:
                    f5:0b:a4:4e:00:85:a4:0a:b6:f1:f9:c7:8c:7d:e5:
                    23:4b:ee:84:03:50:34:28:3b:fb:79:5b:24:51:0e:
                    7e:06:aa:c1:2f:62:ec:5a:62:30:18:bc:8a:f5:bf:
                    92:23:2f:1b:13:ae:97:37:2d:66:45:04:6d:c9:7f:
                    de:24:22:69:9f:23:bf:c5:ad:0d:b2:9e:d2:bc:f3:
                    e1:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:DB:0A:0D:88:DF:3F:5E:E9:93:28:18:FB:AA:67:72:F0:55:8F:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/980e8bc3-7bcd-46fb-8c14-cb075b8a677c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         35:05:af:ff:bc:be:17:ad:b8:e2:ab:70:2b:89:55:1f:bd:75:
         c2:fb:b0:33:ba:b5:20:b5:d3:0f:fd:64:ff:d6:2d:c0:21:ee:
         07:cd:1f:78:5c:15:45:88:dc:39:75:6e:6f:7e:74:a3:51:4f:
         3b:ec:29:90:87:e7:90:c1:85:17:7d:5a:2e:12:00:dd:d4:1d:
         fc:23:e4:86:51:53:7a:e5:de:48:8d:11:81:f2:b4:34:b4:40:
         ff:af:b9:1f:43:af:fa:2e:80:1f:7d:7a:ad:ab:3f:a0:ba:d7:
         48:de:7f:19:21:b2:f1:13:61:74:ca:d6:95:95:5d:07:3c:e1:
         e0:67:80:cc:e2:04:ce:01:e7:cd:32:15:21:61:5a:ec:3f:ab:
         a7:00:f5:b3:c6:87:50:62:03:aa:02:a5:7e:1d:9d:3c:e6:cb:
         b1:c1:8d:1d:cc:6e:9e:49:98:7f:d6:89:22:b5:21:b2:23:38:
         8d:5a:13:fb:43:48:ee:92:e0:9a:1f:00:53:f8:a9:f6:57:ef:
         bf:4c:40:a8:55:30:4e:94:20:af:d0:16:6c:1a:3c:ef:f3:27:
         70:53:1d:54:3f:cb:46:10:3f:98:03:7d:45:2a:ff:f4:4d:54:
         9c:8e:58:d9:6c:e6:1d:49:eb:94:be:22:ee:bb:ed:6f:fb:ef:
         a7:b4:57:5c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVTpFf1s8okqBy3XXodyMlm5WxtowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYThmODI4MjM0YmQ4YTBlNWU3YjFiZDllNDcyYjViMzNj
MzhkMTYwNzljYTJkNTA2MmMwYjA2ODhhYzliYWQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCP+Z4znG3NpMEUDUNx5703dTtTV7zy7+JNsiXkR6iW4dJr
GSHI7d2ev2hsgcPnugfmcgY6bsfyrRvVoFzXxGI2NgO1T+/tI71642P1FMb3B87d
F/toRboos2uBkSzyWlpLf3v9MhCAgUwIMi5CPvKizH7xBFAhqyWUHAgKblod26PF
irFpoMTThfWX/TDM+Iun5X9+tSyfXhIeFabp0OsFKMu/2kBjf+olZB2CTFVVIjNj
x/ULpE4AhaQKtvH5x4x95SNL7oQDUDQoO/t5WyRRDn4GqsEvYuxaYjAYvIr1v5Ij
LxsTrpc3LWZFBG3Jf94kImmfI7/FrQ2yntK88+HBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNNsKDYjfP17pkygY+6pncvBVj6UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4MGU4YmMzLTdiY2QtNDZmYi04YzE0LWNiMDc1YjhhNjc3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZjUoAwDQYJKoZIhvcNAQELBQADggEBADUFr/+8vhetuOKrcCuJVR+9dcL7
sDO6tSC10w/9ZP/WLcAh7gfNH3hcFUWI3Dl1bm9+dKNRTzvsKZCH55DBhRd9Wi4S
AN3UHfwj5IZRU3rl3kiNEYHytDS0QP+vuR9Dr/ougB99eq2rP6C610jefxkhsvET
YXTK1pWVXQc84eBngMziBM4B580yFSFhWuw/q6cA9bPGh1BiA6oCpX4dnTzmy7HB
jR3Mbp5JmH/WiSK1IbIjOI1aE/tDSO6S4JofAFP4qfZX779MQKhVME6UIK/QFmwa
PO/zJ3BTHVQ/y0YQP5gDfUUq//RNVJyOWNls5h1J65S+Iu677W/776e0V1w=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:12 2024 by rpki-client on console-fra.rpki-client.org