Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9979371c-139e-43af-b3f9-d87584b2cd78.roa
File:                     9979371c-139e-43af-b3f9-d87584b2cd78.roa (raw, json)
Hash identifier:          hsInpd7QJdgcvRMVqKbR9PhtvCKaWTuvyzbGx8MOeMc=
Subject key identifier:   FC:8F:8E:B7:D8:AA:A0:6A:8D:D2:30:9E:DE:FF:CA:A9:9B:BE:72:1B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       53B47F3BEBFC870DEF502A07BD5DF9925585F2C8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9979371c-139e-43af-b3f9-d87584b2cd78.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.78.188.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 05 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:b4:7f:3b:eb:fc:87:0d:ef:50:2a:07:bd:5d:f9:92:55:85:f2:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=7063375657291742bafb3b3a7fe1b5fd525c7fe163a953d406f331b5f6bb5a0a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f6:ae:e4:ad:3d:b4:6b:c6:7e:da:34:64:52:
                    c4:b9:1f:c9:55:43:61:7d:b1:34:5b:a9:47:d4:31:
                    4a:20:cd:2f:d4:00:bb:41:42:b7:e3:f7:bb:75:b2:
                    62:70:39:45:f4:ac:e4:f1:0c:b7:91:c6:48:53:35:
                    8a:64:e6:2b:b1:72:aa:5a:af:b7:28:c7:6a:6e:44:
                    f8:f7:92:a8:48:f1:52:74:cf:61:72:a9:09:94:2a:
                    35:14:fb:80:e9:93:ed:64:4c:c0:c3:00:fe:31:eb:
                    8d:e8:64:8d:5b:4f:e0:12:31:81:40:b7:32:a7:4b:
                    fb:65:df:69:45:1b:88:56:c2:0f:a8:71:36:01:dd:
                    c4:b7:fb:5f:f8:93:2c:a3:e0:fe:c6:c2:61:d1:08:
                    90:e8:9b:cb:2f:16:a7:38:ce:63:52:01:d9:f8:5c:
                    bf:c5:05:63:a8:cd:ed:73:36:bb:13:49:0c:b4:a6:
                    b6:a8:21:95:5e:37:ee:f2:10:52:5a:db:4c:e6:d2:
                    61:ec:42:f0:d4:87:c5:9b:e0:54:29:87:3c:ed:a0:
                    ac:22:92:a1:39:ff:d4:29:82:16:27:d3:2d:f7:b5:
                    d4:f3:e1:c3:3e:37:e5:21:fe:55:25:7c:cd:27:ee:
                    05:b0:f7:42:a9:d0:91:00:c1:34:59:8a:79:2b:9c:
                    df:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:8F:8E:B7:D8:AA:A0:6A:8D:D2:30:9E:DE:FF:CA:A9:9B:BE:72:1B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9979371c-139e-43af-b3f9-d87584b2cd78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.78.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:0d:d2:33:81:1c:04:93:49:88:50:cc:5e:83:b1:fa:31:ce:
         59:06:f3:26:34:ff:fb:db:cb:1b:82:77:6d:06:e2:1a:87:08:
         90:24:05:19:23:7f:09:7d:92:c3:55:7e:55:74:2f:fb:3d:13:
         17:b2:62:4f:39:11:29:fe:02:5a:c5:5a:c8:61:52:ef:1b:5d:
         3c:13:a6:6d:1e:32:e2:e3:47:d0:f1:80:89:b9:d9:44:3d:1a:
         34:0e:f4:c5:42:8e:9f:aa:25:5d:c4:98:af:48:f8:3e:63:7c:
         5e:eb:65:3f:64:b6:00:29:6f:5e:e7:00:af:7f:8b:1e:30:0f:
         58:38:5c:a1:89:71:0b:87:73:8a:30:48:e4:69:55:fe:ea:01:
         34:de:01:ae:59:64:3c:8e:c5:7e:fb:db:da:95:3f:14:3b:a0:
         98:41:4c:93:1a:8f:be:b1:3a:4a:b9:5f:18:18:37:a3:e1:31:
         ea:46:74:f2:de:6a:2f:4b:a5:17:2c:33:b0:a6:03:84:0e:7f:
         a1:f2:02:d8:2f:33:24:4f:74:c6:49:0d:c8:01:10:2a:72:23:
         00:b9:fb:47:14:1a:00:fb:e8:e1:fc:46:0a:21:08:1d:2f:d1:
         8d:b3:b3:12:26:ee:3e:b7:2b:b3:93:19:7e:35:b1:f1:4b:51:
         e3:49:fd:60
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU7R/O+v8hw3vUCoHvV35klWF8sgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDYzMzc1NjU3MjkxNzQyYmFmYjNiM2E3ZmUxYjVmZDUy
NWM3ZmUxNjNhOTUzZDQwNmYzMzFiNWY2YmI1YTBhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC79q7krT20a8Z+2jRkUsS5H8lVQ2F9sTRbqUfUMUogzS/U
ALtBQrfj97t1smJwOUX0rOTxDLeRxkhTNYpk5iuxcqpar7cox2puRPj3kqhI8VJ0
z2FyqQmUKjUU+4Dpk+1kTMDDAP4x643oZI1bT+ASMYFAtzKnS/tl32lFG4hWwg+o
cTYB3cS3+1/4kyyj4P7GwmHRCJDom8svFqc4zmNSAdn4XL/FBWOoze1zNrsTSQy0
praoIZVeN+7yEFJa20zm0mHsQvDUh8Wb4FQphzztoKwikqE5/9QpghYn0y33tdTz
4cM+N+Uh/lUlfM0n7gWw90Kp0JEAwTRZinkrnN/zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/I+Ot9iqoGqN0jCe3v/KqZu+chswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5NzkzNzFjLTEzOWUtNDNhZi1iM2Y5LWQ4NzU4NGIyY2Q3OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjTrwwDQYJKoZIhvcNAQELBQADggEBAJ8N0jOBHASTSYhQzF6DsfoxzlkG
8yY0//vbyxuCd20G4hqHCJAkBRkjfwl9ksNVflV0L/s9ExeyYk85ESn+AlrFWshh
Uu8bXTwTpm0eMuLjR9DxgIm52UQ9GjQO9MVCjp+qJV3EmK9I+D5jfF7rZT9ktgAp
b17nAK9/ix4wD1g4XKGJcQuHc4owSORpVf7qATTeAa5ZZDyOxX7729qVPxQ7oJhB
TJMaj76xOkq5XxgYN6PhMepGdPLeai9LpRcsM7CmA4QOf6HyAtgvMyRPdMZJDcgB
ECpyIwC5+0cUGgD76OH8RgohCB0v0Y2zsxIm7j63K7OTGX41sfFLUeNJ/WA=
-----END CERTIFICATE-----
Generated at Wed Dec 4 03:48:53 2024 by rpki-client on console-fra.rpki-client.org