Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a0b22a0-ba9a-4be1-b539-8dc4983ff1e3.roa
File:                     9a0b22a0-ba9a-4be1-b539-8dc4983ff1e3.roa (raw, json)
Hash identifier:          /9ovRgLnui8kU06DlNnVwW5/gfCAsSfZ7V+pNAQ1mho=
Subject key identifier:   94:DB:43:86:0C:58:21:A8:EE:51:02:B1:44:4A:F8:95:79:AD:EA:73
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       60E22DBFB4DE5C66374CE588D51FF0985F12F442
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a0b22a0-ba9a-4be1-b539-8dc4983ff1e3.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.135.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:e2:2d:bf:b4:de:5c:66:37:4c:e5:88:d5:1f:f0:98:5f:12:f4:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=c70dde572cd371ccb6f789ba49c5c85838c2bc62067a86e9dc60c9bf7b5dc42c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:5b:13:3a:da:1d:9f:0a:c2:f4:c5:fa:ad:a9:
                    92:9c:e3:29:ad:9d:2e:39:80:55:3a:36:9b:d4:33:
                    bf:e9:a1:18:5d:5e:91:72:89:6d:be:b6:73:68:ba:
                    f9:fd:bb:3e:1c:b7:17:48:af:8b:99:ad:22:01:1c:
                    b2:a0:b1:32:d7:4d:39:b2:04:2b:48:7c:ed:a0:e6:
                    57:0c:71:36:2c:77:aa:f1:f5:1a:50:02:6f:0c:4a:
                    8f:db:a3:3a:9b:95:50:78:75:a5:86:88:3f:ee:db:
                    f6:2c:2b:00:ca:5e:1b:33:26:59:c6:92:69:5b:63:
                    a2:87:2a:81:51:58:ba:14:d9:45:4c:73:02:48:2e:
                    b8:4c:4e:e9:aa:33:e2:74:98:d3:ff:6c:94:b1:d6:
                    6a:d3:cc:11:7b:9e:19:30:d7:48:d8:f3:f8:d8:f7:
                    4e:48:5a:38:ba:26:f8:6b:31:1c:b8:ed:7b:bf:ed:
                    c4:fb:43:12:86:5f:4f:da:63:b6:af:cc:1b:de:79:
                    f3:bf:3b:f4:9d:19:0b:07:37:af:99:3e:9b:51:f6:
                    f4:aa:8b:cc:49:c6:82:3c:c5:7e:87:00:2f:3b:d5:
                    28:52:55:02:2c:f8:ff:65:60:b2:71:9f:13:b7:c4:
                    35:0e:ac:f6:1f:80:f8:43:0a:61:88:e0:e6:7e:ce:
                    33:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:DB:43:86:0C:58:21:A8:EE:51:02:B1:44:4A:F8:95:79:AD:EA:73
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a0b22a0-ba9a-4be1-b539-8dc4983ff1e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.135.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a7:7c:e5:bd:88:e9:41:27:5f:41:10:c4:5c:22:49:14:9c:0a:
         df:29:69:30:a9:80:57:c3:c2:29:0a:0f:1e:21:dd:75:63:a4:
         e7:71:ed:4f:7b:47:53:f0:d8:1f:8d:17:f7:76:ca:e0:f6:63:
         e7:f3:ca:2c:e3:58:98:69:af:31:99:bf:a6:26:db:ff:90:bc:
         89:5f:aa:e3:34:d6:c6:68:08:63:84:c6:54:33:19:94:3c:a6:
         a4:f2:4d:47:b4:b7:ee:25:23:68:e9:19:f1:a4:86:6a:4a:7a:
         a2:1a:02:da:2e:27:1e:95:39:4b:b1:45:d9:c8:57:45:fd:d6:
         93:07:82:e1:26:07:2a:92:0c:4a:68:92:28:f3:64:b2:5a:a7:
         a0:73:31:6a:20:4e:9c:e9:96:6f:24:93:5d:a2:5f:6f:2f:45:
         aa:ab:76:c0:a5:13:4a:b4:c4:f7:0f:c5:32:22:44:79:bb:c9:
         d5:e5:9e:09:5b:97:dd:0e:7c:19:b3:e5:0a:b4:55:a5:be:65:
         31:30:a8:0a:90:52:ec:46:83:9a:59:f8:6a:2c:a7:a4:de:29:
         cf:13:83:6e:01:fe:fe:62:cb:92:1f:c5:66:8f:d9:49:94:da:
         32:68:a6:e7:f8:26:26:dd:6f:1c:63:1d:3d:9d:20:05:04:32:
         1c:86:71:4f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYOItv7TeXGY3TOWI1R/wmF8S9EIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzBkZGU1NzJjZDM3MWNjYjZmNzg5YmE0OWM1Yzg1ODM4
YzJiYzYyMDY3YTg2ZTlkYzYwYzliZjdiNWRjNDJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClWxM62h2fCsL0xfqtqZKc4ymtnS45gFU6NpvUM7/poRhd
XpFyiW2+tnNouvn9uz4ctxdIr4uZrSIBHLKgsTLXTTmyBCtIfO2g5lcMcTYsd6rx
9RpQAm8MSo/bozqblVB4daWGiD/u2/YsKwDKXhszJlnGkmlbY6KHKoFRWLoU2UVM
cwJILrhMTumqM+J0mNP/bJSx1mrTzBF7nhkw10jY8/jY905IWji6JvhrMRy47Xu/
7cT7QxKGX0/aY7avzBveefO/O/SdGQsHN6+ZPptR9vSqi8xJxoI8xX6HAC871ShS
VQIs+P9lYLJxnxO3xDUOrPYfgPhDCmGI4OZ+zjMVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUlNtDhgxYIajuUQKxREr4lXmt6nMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhMGIyMmEwLWJhOWEtNGJlMS1iNTM5LThkYzQ5ODNmZjFlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQhzANBgkqhkiG9w0BAQsFAAOCAQEAp3zlvYjpQSdfQRDEXCJJFJwK3ylp
MKmAV8PCKQoPHiHddWOk53HtT3tHU/DYH40X93bK4PZj5/PKLONYmGmvMZm/pibb
/5C8iV+q4zTWxmgIY4TGVDMZlDympPJNR7S37iUjaOkZ8aSGakp6ohoC2i4nHpU5
S7FF2chXRf3WkweC4SYHKpIMSmiSKPNkslqnoHMxaiBOnOmWbySTXaJfby9Fqqt2
wKUTSrTE9w/FMiJEebvJ1eWeCVuX3Q58GbPlCrRVpb5lMTCoCpBS7EaDmln4aiyn
pN4pzxODbgH+/mLLkh/FZo/ZSZTaMmim5/gmJt1vHGMdPZ0gBQQyHIZxTw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:38 2024 by rpki-client on console-ams.rpki-client.org