Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d023a52-54e3-44dc-bba9-27b3b31c1f3a.roa
File:                     9d023a52-54e3-44dc-bba9-27b3b31c1f3a.roa (raw, json)
Hash identifier:          W2HqOBn/FG2w0x2wTizAJEwpkBvn6AaSXo4lBJO442U=
Subject key identifier:   54:8D:07:49:50:2D:2E:4D:6B:AE:1B:8C:01:57:EE:8F:71:B4:A0:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5F221BFFB6D82215DD441E74A52C6B9E8D8DA895
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d023a52-54e3-44dc-bba9-27b3b31c1f3a.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.137.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:22:1b:ff:b6:d8:22:15:dd:44:1e:74:a5:2c:6b:9e:8d:8d:a8:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=ee63533d05db4eb21582f1016c410ae9b324926cbdd3b0f9f07ad6022e91eecf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8b:b9:e7:a4:f2:c6:05:41:fe:b4:1d:df:ad:
                    89:ea:f1:6a:31:30:6f:14:d9:d6:ea:16:94:d0:b6:
                    9e:c1:e9:ba:ff:b1:d0:fd:22:5e:28:bb:dd:5b:26:
                    98:68:ca:02:d1:6f:0e:f7:29:6d:55:f1:df:2e:14:
                    91:7a:55:aa:b6:fb:1e:34:e1:85:b6:01:31:d4:be:
                    10:9e:aa:74:f3:dc:ff:13:62:f0:60:9a:b2:ae:2e:
                    00:48:eb:ac:f8:5b:e4:e0:4f:a1:6e:3b:cc:64:34:
                    61:a4:b9:65:20:6e:19:23:11:6a:a3:16:9b:ac:8c:
                    ff:3c:a0:ad:1a:e5:67:1b:ef:96:09:a4:c5:66:43:
                    9a:41:a0:42:9a:5e:29:20:3d:ce:fc:be:da:44:5e:
                    60:76:23:67:e8:05:20:7e:49:4b:86:4b:8e:ac:8e:
                    24:78:cf:14:aa:4a:16:b6:cc:d0:9a:0f:14:d8:64:
                    0d:62:ae:89:97:3a:bd:6b:0e:7e:4c:ab:bd:8a:fa:
                    3f:e2:41:25:41:8f:b0:f5:0e:b9:5b:f6:c5:98:c2:
                    53:15:30:29:51:85:27:94:71:5a:d1:2a:0c:74:d1:
                    b4:76:8a:67:ac:a0:2c:81:3e:39:e0:af:1a:9c:30:
                    66:8b:e7:11:0d:36:7a:d6:d5:1d:97:41:9e:ff:e0:
                    c8:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:8D:07:49:50:2D:2E:4D:6B:AE:1B:8C:01:57:EE:8F:71:B4:A0:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9d023a52-54e3-44dc-bba9-27b3b31c1f3a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d9:6e:74:04:34:dc:4c:99:3c:de:07:ba:8c:b2:d2:05:34:9c:
         48:00:46:d0:b0:1e:ce:a3:c7:0b:f4:39:3c:f2:8e:39:2f:23:
         ca:47:df:8a:1a:f5:10:53:e9:98:13:71:55:a8:43:f6:11:8f:
         d0:ad:fc:45:91:fd:05:25:cd:f1:a5:1d:2d:74:a5:b2:8b:c2:
         3f:2b:7f:49:cc:e6:70:30:6c:08:a6:94:6e:18:f5:cb:42:e3:
         84:db:a2:52:7a:e4:2e:3c:3a:57:50:0c:1c:06:16:81:37:d1:
         18:d0:48:94:1b:4e:4f:f6:90:bf:0b:c6:c8:ce:c6:4f:10:02:
         f7:b3:d6:34:a8:ff:91:7c:b0:ef:14:5e:c6:82:e3:01:3d:a0:
         4d:0c:0c:83:21:9c:ec:0e:50:74:9f:6d:ef:67:1e:d4:05:6a:
         98:5c:19:53:e0:01:bc:4a:6d:f8:48:60:4a:ad:74:62:37:bf:
         da:2c:92:07:db:ce:03:0e:a9:4c:4e:48:25:e1:c2:fe:43:fe:
         d1:f9:3e:00:cb:9e:e9:4e:29:15:e9:15:50:df:65:4e:28:06:
         87:c4:a8:9a:76:f4:5c:b8:74:7f:09:3c:b6:6f:e1:31:dd:49:
         66:22:74:ca:58:02:96:37:4d:80:3b:38:fb:c5:8f:9a:52:96:
         36:e6:81:91
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXyIb/7bYIhXdRB50pSxrno2NqJUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZTYzNTMzZDA1ZGI0ZWIyMTU4MmYxMDE2YzQxMGFlOWIz
MjQ5MjZjYmRkM2IwZjlmMDdhZDYwMjJlOTFlZWNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbi7nnpPLGBUH+tB3frYnq8WoxMG8U2dbqFpTQtp7B6br/
sdD9Il4ou91bJphoygLRbw73KW1V8d8uFJF6Vaq2+x404YW2ATHUvhCeqnTz3P8T
YvBgmrKuLgBI66z4W+TgT6FuO8xkNGGkuWUgbhkjEWqjFpusjP88oK0a5Wcb75YJ
pMVmQ5pBoEKaXikgPc78vtpEXmB2I2foBSB+SUuGS46sjiR4zxSqSha2zNCaDxTY
ZA1iromXOr1rDn5Mq72K+j/iQSVBj7D1Drlb9sWYwlMVMClRhSeUcVrRKgx00bR2
imesoCyBPjngrxqcMGaL5xENNnrW1R2XQZ7/4MhfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVI0HSVAtLk1rrhuMAVfuj3G0oC0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlkMDIzYTUyLTU0ZTMtNDRkYy1iYmE5LTI3YjNiMzFjMWYzYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTYkwDQYJKoZIhvcNAQELBQADggEBANludAQ03EyZPN4Huoyy0gU0nEgA
RtCwHs6jxwv0OTzyjjkvI8pH34oa9RBT6ZgTcVWoQ/YRj9Ct/EWR/QUlzfGlHS10
pbKLwj8rf0nM5nAwbAimlG4Y9ctC44TbolJ65C48OldQDBwGFoE30RjQSJQbTk/2
kL8LxsjOxk8QAvez1jSo/5F8sO8UXsaC4wE9oE0MDIMhnOwOUHSfbe9nHtQFaphc
GVPgAbxKbfhIYEqtdGI3v9oskgfbzgMOqUxOSCXhwv5D/tH5PgDLnulOKRXpFVDf
ZU4oBofEqJp29Fy4dH8JPLZv4THdSWYidMpYApY3TYA7OPvFj5pSljbmgZE=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:39 2024 by rpki-client on console-ams.rpki-client.org