Route Origin Authorization 

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e1dac0e-397d-4118-877c-faab44e55c10.roa
File:                     9e1dac0e-397d-4118-877c-faab44e55c10.roa (raw, json)
Hash identifier:          tYFbFqXoIUAdf57/1uq3v8prZ7bNp7k9Cg1ExFQXeto=
Subject key identifier:   68:D2:E1:D2:36:3B:C1:08:25:CE:3A:9D:3B:68:72:BE:C7:3D:AE:91
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       577E9D0BD264DD70B40C3D563270BC25813B79AF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e1dac0e-397d-4118-877c-faab44e55c10.roa
Signing time:             Fri 01 Nov 2024 00:00:00 +0000
ROA not before:           Fri 01 Nov 2024 00:00:00 +0000
ROA not after:            Fri 06 Dec 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        40.216.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:7e:9d:0b:d2:64:dd:70:b4:0c:3d:56:32:70:bc:25:81:3b:79:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:00:00 2024 GMT
            Not After : Dec  6 23:59:59 2024 GMT
        Subject: serialNumber=dd1b343277ca77c928f2e72155b2ed63ee0286a16c98bde795d4112a5205afdb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:3f:1b:0f:bc:be:75:87:51:1d:e6:3e:95:07:
                    b1:6a:f8:44:cc:f0:da:f2:51:c3:c1:ca:4f:d8:ab:
                    65:05:3f:11:e9:b1:4c:ca:bd:dc:25:ec:01:70:0b:
                    d9:0b:fd:60:7d:6f:29:4f:7c:00:82:50:4c:93:32:
                    3b:9c:e4:96:36:a7:dc:63:7d:d3:20:19:90:4f:e2:
                    a6:2e:8d:30:48:cb:b9:e0:e1:a8:e1:30:bf:61:c1:
                    db:70:65:7d:45:19:b2:f7:67:12:99:45:55:8d:bb:
                    22:72:44:db:55:1f:e7:2c:83:b3:85:c2:53:8f:6f:
                    9b:99:cb:4c:09:1d:c9:b7:1b:9d:67:df:9e:30:92:
                    6f:59:a9:5c:09:78:45:83:ac:e0:31:8a:0a:e5:d9:
                    ad:dc:5e:40:1e:0e:11:42:60:58:ef:37:b8:12:3b:
                    51:ff:98:9a:5a:52:53:2b:a7:bf:bd:c5:8f:85:43:
                    48:54:7c:88:40:43:6a:5e:18:cd:5f:c5:fd:94:0f:
                    98:17:3c:b7:b7:ed:67:53:29:c1:12:35:35:74:6a:
                    41:d0:33:84:27:97:65:00:7e:7d:6d:32:d9:d3:31:
                    9a:74:23:43:ca:cf:e4:f0:db:b1:7c:9b:e7:41:d0:
                    b1:d9:e7:1d:ea:ae:25:68:fa:5c:b1:61:69:dd:9c:
                    10:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:D2:E1:D2:36:3B:C1:08:25:CE:3A:9D:3B:68:72:BE:C7:3D:AE:91
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9e1dac0e-397d-4118-877c-faab44e55c10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.216.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b5:77:2e:97:8c:52:88:e3:d3:b8:c1:f0:34:ea:1b:79:63:1b:
         e4:85:f9:f2:d7:be:70:95:b9:9f:2e:6d:94:75:b8:55:76:3e:
         cf:ce:bb:63:31:8b:d9:43:1c:2a:8f:97:4e:6c:f4:61:b0:6a:
         64:e3:88:a0:3f:0a:05:4f:e2:15:d0:61:56:89:02:61:36:86:
         78:ab:73:5a:71:d4:2a:f0:fd:c7:10:18:9d:40:38:12:da:6d:
         23:d2:72:2d:ca:3e:3a:27:2c:67:ed:85:13:d2:d3:64:c0:5f:
         8d:46:8b:63:c5:6b:d6:76:cd:ec:bc:4c:15:db:b9:3c:72:48:
         c2:b4:0d:fe:9f:42:30:20:af:f0:ea:7b:14:de:4c:25:6c:bb:
         79:03:bc:0c:25:0e:4e:3b:b7:8c:c2:69:8b:e3:c5:1a:43:9c:
         33:09:19:9c:f6:3b:14:11:ba:13:f2:1b:4f:e4:d2:02:3c:87:
         96:97:3f:dc:b7:c5:1f:c2:85:3f:ab:fe:db:77:ff:ae:9f:41:
         37:6e:5f:6f:aa:48:17:41:b0:e7:80:f3:0b:ff:4b:53:90:dd:
         f9:e0:ff:fb:43:bb:fe:78:75:c2:ee:b4:b5:95:75:57:69:d6:
         e3:ce:3e:ab:c4:1b:f7:dc:5d:4c:63:29:5c:33:75:ef:0f:3b:
         74:b7:53:cf
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUV36dC9Jk3XC0DD1WMnC8JYE7ea8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTAxMDAwMDAwWhcNMjQxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZDFiMzQzMjc3Y2E3N2M5MjhmMmU3MjE1NWIyZWQ2M2Vl
MDI4NmExNmM5OGJkZTc5NWQ0MTEyYTUyMDVhZmRiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXPxsPvL51h1Ed5j6VB7Fq+ETM8NryUcPByk/Yq2UFPxHp
sUzKvdwl7AFwC9kL/WB9bylPfACCUEyTMjuc5JY2p9xjfdMgGZBP4qYujTBIy7ng
4ajhML9hwdtwZX1FGbL3ZxKZRVWNuyJyRNtVH+csg7OFwlOPb5uZy0wJHcm3G51n
354wkm9ZqVwJeEWDrOAxigrl2a3cXkAeDhFCYFjvN7gSO1H/mJpaUlMrp7+9xY+F
Q0hUfIhAQ2peGM1fxf2UD5gXPLe37WdTKcESNTV0akHQM4Qnl2UAfn1tMtnTMZp0
I0PKz+Tw27F8m+dB0LHZ5x3qriVo+lyxYWndnBAhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUaNLh0jY7wQglzjqdO2hyvsc9rpEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzllMWRhYzBlLTM5N2QtNDExOC04NzdjLWZhYWI0NGU1NWMxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAo2DANBgkqhkiG9w0BAQsFAAOCAQEAtXcul4xSiOPTuMHwNOobeWMb5IX5
8te+cJW5ny5tlHW4VXY+z867YzGL2UMcKo+XTmz0YbBqZOOIoD8KBU/iFdBhVokC
YTaGeKtzWnHUKvD9xxAYnUA4EtptI9JyLco+OicsZ+2FE9LTZMBfjUaLY8Vr1nbN
7LxMFdu5PHJIwrQN/p9CMCCv8Op7FN5MJWy7eQO8DCUOTju3jMJpi+PFGkOcMwkZ
nPY7FBG6E/IbT+TSAjyHlpc/3LfFH8KFP6v+23f/rp9BN25fb6pIF0Gw54DzC/9L
U5Dd+eD/+0O7/nh1wu60tZV1V2nW484+q8Qb99xdTGMpXDN17w87dLdTzw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:19 2024 by rpki-client on console-fra.rpki-client.org