Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa
File:                     98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa (raw, json)
Hash identifier:          fMD/ryHVMxz43cQh0T9o7z36L6tX6smSWaB5QeUJ9kU=
Subject key identifier:   43:44:D9:D2:33:2D:52:99:1F:32:26:E4:5B:97:FB:FD:45:DD:E5:FE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6166558A7FA9C5CAD133FA339A303DA624CCD01F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.116.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 13 Dec 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:66:55:8a:7f:a9:c5:ca:d1:33:fa:33:9a:30:3d:a6:24:cc:d0:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=712fad375a18fc0ea8309518b602b7b447e9e65eaf0836136f1f5455a33b5c75, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:72:68:52:4a:d5:bd:02:a7:af:49:6a:9c:de:
                    d1:06:31:f4:84:2e:3d:fe:d4:a3:4b:12:24:6d:a7:
                    44:b5:b8:b1:36:d2:39:25:38:0e:82:d0:11:fa:5d:
                    f3:94:b5:f7:bc:91:e4:e4:b0:35:61:dd:ff:40:1b:
                    7a:a4:89:ca:ef:90:ee:f9:33:67:d4:51:d8:0a:b0:
                    5a:18:b3:1c:2c:26:eb:5d:35:55:eb:9c:11:e1:6b:
                    0c:92:16:2c:de:9a:cd:39:8b:97:85:07:32:10:4a:
                    ad:49:74:e6:be:5d:cb:be:48:d0:3a:73:40:87:55:
                    4d:a9:e9:7e:b2:57:7e:d9:1b:1f:6a:54:cf:ad:3c:
                    b7:97:9c:5f:3b:25:3d:41:17:c3:4c:bb:0d:49:c8:
                    9a:f4:50:cd:d2:65:bc:8e:ab:53:e8:d7:36:2f:b8:
                    35:cc:9b:6a:d6:a0:14:15:73:f1:f7:78:81:40:29:
                    60:8f:f2:4b:00:83:b9:7a:b6:e0:ce:e5:b8:ca:e8:
                    ba:a1:18:24:56:fd:1a:d7:ba:74:ae:6b:21:62:ad:
                    f2:d7:88:61:e6:cd:c2:e0:94:8e:e4:e7:84:da:d2:
                    f9:ce:90:00:f7:67:f5:70:5c:c0:50:3d:8e:c7:77:
                    1d:94:6a:f2:7c:6c:66:64:b2:e3:59:b4:5f:14:29:
                    b1:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:44:D9:D2:33:2D:52:99:1F:32:26:E4:5B:97:FB:FD:45:DD:E5:FE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98aa5ac4-1895-4aa6-9175-1ee3bda2890d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:c0:4b:d9:49:a4:ec:7c:e2:bf:3e:c7:c3:dc:e9:7a:15:de:
         6f:bc:f0:f1:10:c5:49:2b:91:21:14:dd:0e:7a:d9:48:0c:dd:
         ce:dc:cc:66:69:cf:08:42:d2:b6:bd:63:01:04:80:7b:b1:bf:
         35:a6:9b:24:f4:a3:70:b4:28:8e:d5:37:4c:67:23:6e:7e:59:
         9c:16:f1:97:82:16:d5:16:11:af:84:17:f7:b8:b5:4d:d4:29:
         e0:e5:ee:7e:2f:6e:6a:3a:b1:9c:56:b3:e4:c4:0d:3e:dc:cd:
         10:86:18:94:7f:f2:2b:d6:38:23:6c:a8:ac:d3:5f:1e:8e:13:
         7d:10:79:ca:c5:47:a7:09:e0:68:55:01:9a:bf:ac:95:dc:75:
         51:e9:0a:18:21:e9:b6:b3:69:d2:c6:14:42:3e:34:fb:f8:fb:
         21:63:6b:2d:31:93:bc:f8:28:32:44:f1:1c:24:99:f5:a8:c3:
         63:8a:61:93:17:19:a9:c8:99:71:79:fb:05:10:bf:15:fa:ec:
         5f:81:95:f9:07:b7:76:93:8f:84:cd:98:a1:f0:1e:c7:d4:5b:
         39:ca:5d:46:23:bf:83:9f:9d:1c:d6:dd:73:da:7a:9f:31:ec:
         0d:51:b9:b7:88:1b:8f:bb:6f:b0:7d:91:a7:46:b8:13:a4:09:
         1a:f9:ba:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYWZVin+pxcrRM/ozmjA9piTM0B8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MTJmYWQzNzVhMThmYzBlYTgzMDk1MThiNjAyYjdiNDQ3
ZTllNjVlYWYwODM2MTM2ZjFmNTQ1NWEzM2I1Yzc1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJcmhSStW9AqevSWqc3tEGMfSELj3+1KNLEiRtp0S1uLE2
0jklOA6C0BH6XfOUtfe8keTksDVh3f9AG3qkicrvkO75M2fUUdgKsFoYsxwsJutd
NVXrnBHhawySFizems05i5eFBzIQSq1JdOa+Xcu+SNA6c0CHVU2p6X6yV37ZGx9q
VM+tPLeXnF87JT1BF8NMuw1JyJr0UM3SZbyOq1Po1zYvuDXMm2rWoBQVc/H3eIFA
KWCP8ksAg7l6tuDO5bjK6LqhGCRW/RrXunSuayFirfLXiGHmzcLglI7k54Ta0vnO
kAD3Z/VwXMBQPY7Hdx2UavJ8bGZksuNZtF8UKbGNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQ0TZ0jMtUpkfMibkW5f7/UXd5f4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4YWE1YWM0LTE4OTUtNGFhNi05MTc1LTFlZTNiZGEyODkwZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/HQwDQYJKoZIhvcNAQELBQADggEBACzAS9lJpOx84r8+x8Pc6XoV3m+8
8PEQxUkrkSEU3Q562UgM3c7czGZpzwhC0ra9YwEEgHuxvzWmmyT0o3C0KI7VN0xn
I25+WZwW8ZeCFtUWEa+EF/e4tU3UKeDl7n4vbmo6sZxWs+TEDT7czRCGGJR/8ivW
OCNsqKzTXx6OE30QecrFR6cJ4GhVAZq/rJXcdVHpChgh6bazadLGFEI+NPv4+yFj
ay0xk7z4KDJE8RwkmfWow2OKYZMXGanImXF5+wUQvxX67F+BlfkHt3aTj4TNmKHw
HsfUWznKXUYjv4OfnRzW3XPaep8x7A1RubeIG4+7b7B9kadGuBOkCRr5uls=
-----END CERTIFICATE-----
Generated at Wed Dec 11 21:56:09 2024 by rpki-client on console-fra.rpki-client.org