Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a3a05cb-960b-4688-8311-ee8f2b959d5c.roa
File:                     9a3a05cb-960b-4688-8311-ee8f2b959d5c.roa (raw, json)
Hash identifier:          V97eXlXuPF2TxPancqOYrgY2GG79/nky9qQQlMsRCgw=
Subject key identifier:   0C:2A:02:98:07:3F:A2:E8:14:9C:A9:9C:12:79:E7:A1:40:6C:31:29
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       41727729F7D39DB56889EBE697937067D6608014
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a3a05cb-960b-4688-8311-ee8f2b959d5c.roa
Signing time:             Tue 05 Nov 2024 00:00:00 +0000
ROA not before:           Tue 05 Nov 2024 00:00:00 +0000
ROA not after:            Tue 10 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        66.165.64.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 08 Nov 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:72:77:29:f7:d3:9d:b5:68:89:eb:e6:97:93:70:67:d6:60:80:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:00:00 2024 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: serialNumber=b925ced3faf0acd76f718651f48c180e6e3aa50b12f1350b76e893e5a985cbaa, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a6:03:b8:ca:8a:80:f6:1c:8e:0d:07:b6:49:
                    1e:59:54:84:38:7e:a6:64:27:f0:9c:04:1f:1f:40:
                    8f:82:34:da:44:d5:03:82:b2:b7:3b:c5:c2:10:6b:
                    4e:c3:9c:3f:b5:ba:50:81:4e:0f:d4:b5:36:d0:7f:
                    7c:a1:e6:02:f4:ca:6e:2a:bb:72:36:95:da:15:7f:
                    6f:b2:23:ad:f1:27:f4:2b:c9:85:47:47:30:05:23:
                    2f:5e:07:d5:6c:88:38:18:71:45:d2:47:f7:61:49:
                    7b:16:9e:a6:36:e0:1a:61:f7:a7:eb:63:ba:e2:df:
                    25:d3:cb:33:80:d2:73:7a:30:22:cd:3c:e2:de:96:
                    d3:e6:11:2f:e4:13:85:a4:81:c8:e5:17:a5:ad:8d:
                    e0:97:56:2b:ed:ea:fc:1f:b2:0a:cf:5c:7c:d9:b6:
                    2e:5f:25:f4:77:e6:a2:63:14:de:ee:3b:65:c7:11:
                    b6:e3:2b:19:46:06:e5:e2:0e:35:d3:df:34:c0:81:
                    37:7f:b1:7c:df:0e:72:80:96:dc:0f:79:ee:12:70:
                    bb:54:9e:ef:f5:e4:14:22:ab:2b:38:76:f7:63:af:
                    a4:c4:76:5a:d2:dc:fb:01:78:db:bc:1a:02:76:87:
                    ac:fb:97:15:97:76:af:95:12:8e:20:5d:22:88:19:
                    57:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:2A:02:98:07:3F:A2:E8:14:9C:A9:9C:12:79:E7:A1:40:6C:31:29
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a3a05cb-960b-4688-8311-ee8f2b959d5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.165.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         ac:c0:9d:d0:9c:0a:44:0d:f8:3e:88:1b:8d:b2:ab:0e:c6:2f:
         6f:23:ec:c9:dc:e2:60:92:63:fc:31:42:94:b9:8e:26:4b:7c:
         25:5f:b8:77:f0:31:e2:cb:65:88:2a:4c:b0:66:43:20:73:03:
         01:ce:39:68:65:e2:0c:58:54:df:43:f5:d6:72:35:58:dc:4c:
         e6:53:17:68:53:1c:24:99:5a:31:14:9c:e5:69:38:59:a6:7b:
         8d:9a:c5:7d:6c:a4:14:28:6f:70:16:7d:05:b1:1e:e9:fa:ec:
         f5:17:0d:4a:48:42:39:ab:13:52:70:4b:71:92:73:00:37:3c:
         2c:25:c3:c4:2a:51:1d:82:4a:40:90:d0:dd:a6:da:68:ee:fc:
         06:97:57:68:56:fd:4a:76:57:c8:1d:59:78:d0:29:c0:13:bc:
         38:ff:9a:cc:89:a7:2c:41:8a:92:8f:77:c4:c2:c5:e8:60:40:
         1c:06:f9:00:ed:5c:de:fd:22:27:04:b8:d2:44:a0:5d:30:45:
         ea:c6:2e:dc:36:ac:9e:e4:00:69:91:36:be:fd:c8:2f:22:c2:
         34:60:b1:95:af:03:57:56:60:82:db:9a:b1:94:7c:2a:6d:2f:
         80:4b:f4:dc:21:36:c8:56:ec:33:42:68:79:2c:16:9d:8e:40:
         16:8b:af:32
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQXJ3KffTnbVoievml5NwZ9ZggBQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiOTI1Y2VkM2ZhZjBhY2Q3NmY3MTg2NTFmNDhjMTgwZTZl
M2FhNTBiMTJmMTM1MGI3NmU4OTNlNWE5ODVjYmFhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjpgO4yoqA9hyODQe2SR5ZVIQ4fqZkJ/CcBB8fQI+CNNpE
1QOCsrc7xcIQa07DnD+1ulCBTg/UtTbQf3yh5gL0ym4qu3I2ldoVf2+yI63xJ/Qr
yYVHRzAFIy9eB9VsiDgYcUXSR/dhSXsWnqY24Bph96frY7ri3yXTyzOA0nN6MCLN
POLeltPmES/kE4WkgcjlF6WtjeCXVivt6vwfsgrPXHzZti5fJfR35qJjFN7uO2XH
EbbjKxlGBuXiDjXT3zTAgTd/sXzfDnKAltwPee4ScLtUnu/15BQiqys4dvdjr6TE
dlrS3PsBeNu8GgJ2h6z7lxWXdq+VEo4gXSKIGVdNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDCoCmAc/ougUnKmcEnnnoUBsMSkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhM2EwNWNiLTk2MGItNDY4OC04MzExLWVlOGYyYjk1OWQ1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZCpUAwDQYJKoZIhvcNAQELBQADggEBAKzAndCcCkQN+D6IG42yqw7GL28j
7Mnc4mCSY/wxQpS5jiZLfCVfuHfwMeLLZYgqTLBmQyBzAwHOOWhl4gxYVN9D9dZy
NVjcTOZTF2hTHCSZWjEUnOVpOFmme42axX1spBQob3AWfQWxHun67PUXDUpIQjmr
E1JwS3GScwA3PCwlw8QqUR2CSkCQ0N2m2mju/AaXV2hW/Up2V8gdWXjQKcATvDj/
msyJpyxBipKPd8TCxehgQBwG+QDtXN79IicEuNJEoF0wRerGLtw2rJ7kAGmRNr79
yC8iwjRgsZWvA1dWYILbmrGUfCptL4BL9NwhNshW7DNCaHksFp2OQBaLrzI=
-----END CERTIFICATE-----
Generated at Thu Nov 7 02:07:45 2024 by rpki-client on console-ams.rpki-client.org