Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7394021-9836-482a-9aee-b9491cee84b5.roa
File:                     a7394021-9836-482a-9aee-b9491cee84b5.roa (raw, json)
Hash identifier:          soE7QcOUJQ0cxr+4JC+VksYkY+fK9y51ROZqoWSq8rk=
Subject key identifier:   58:6F:67:0F:89:13:53:3B:20:B4:79:04:2B:77:AC:8B:F1:54:18:9A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0EC69941B233676162F05ED3F3861FD3E3E472CB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7394021-9836-482a-9aee-b9491cee84b5.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.104.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:c6:99:41:b2:33:67:61:62:f0:5e:d3:f3:86:1f:d3:e3:e4:72:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=b481135ddc4cddc5a5d73babd2ad0a5468929930cf78e15dbe08199517a12a04, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:2b:a7:1e:f7:5c:76:10:9e:e6:52:10:25:6b:
                    50:a4:23:76:c0:2c:d9:09:18:73:a2:2f:50:49:53:
                    07:d9:d0:fc:ce:22:80:dc:15:c3:8f:5b:45:cb:48:
                    9f:10:6b:b8:b1:89:76:1f:b3:b6:b0:b7:73:cb:54:
                    0a:2b:b3:84:3f:1c:00:76:10:d2:98:d6:aa:68:9c:
                    14:4e:d7:7d:6e:7f:96:5f:b0:1f:c7:ea:f2:18:d9:
                    ce:5b:cd:21:52:c1:f9:80:5c:8b:14:cd:24:84:55:
                    76:65:8d:ce:67:f0:ef:6b:37:f6:76:81:2b:28:fc:
                    bf:87:19:41:55:ca:d4:5d:1d:8a:8b:35:b3:26:66:
                    7d:20:5b:50:e6:cd:3e:ff:f6:00:e0:f1:d0:a5:82:
                    e4:8f:cf:95:d9:97:45:26:54:4d:fc:32:60:7d:8a:
                    e4:30:30:1b:ed:31:cf:03:2f:36:18:07:f7:64:97:
                    50:29:09:c6:5e:9a:d4:47:7c:de:c0:16:cd:5d:15:
                    63:f8:01:46:c3:dc:36:a8:58:ea:08:80:50:4c:fd:
                    ee:3c:4a:a5:9a:c1:60:8e:ac:82:5a:de:0d:e5:0d:
                    c5:9a:7a:f6:50:76:c1:95:ed:d3:91:90:0d:53:41:
                    73:f0:ac:b8:1e:2c:89:cb:b3:49:e0:ac:bc:db:2a:
                    fd:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:6F:67:0F:89:13:53:3B:20:B4:79:04:2B:77:AC:8B:F1:54:18:9A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7394021-9836-482a-9aee-b9491cee84b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3c:d5:ff:f5:6a:57:1a:ac:71:e3:94:15:35:81:a2:ed:ed:c4:
         1c:74:ab:83:0d:af:95:c4:de:f6:71:d6:44:97:74:e8:84:53:
         95:b7:16:7e:9d:0b:8e:83:90:82:44:d3:4c:80:db:44:aa:de:
         aa:77:41:1e:02:87:5a:f3:f8:d9:d8:18:92:40:c3:7c:14:fd:
         95:5c:2d:2b:93:8d:34:22:56:a7:7f:29:dc:81:31:ed:a8:19:
         5d:4b:f9:ee:ec:82:eb:c4:78:3b:79:72:77:f6:95:0b:66:06:
         a9:76:fb:1e:0b:03:8e:5f:8a:0b:dd:09:8f:0e:9d:b4:c1:b9:
         f8:6b:bf:78:30:3c:90:d8:3a:19:9f:65:5b:26:e0:8e:8a:e1:
         ea:b1:b1:6c:e4:13:e8:af:52:b3:c8:10:cb:55:2d:15:92:c5:
         9b:8a:f7:ad:98:e9:47:06:9f:95:56:1e:72:6e:d0:fd:3b:0f:
         1b:20:6d:8a:b6:41:ac:eb:94:f4:82:77:07:34:04:5a:dd:61:
         e3:24:6d:9b:23:3c:81:8d:81:78:f0:fb:2c:f0:f2:51:2e:c4:
         59:d5:fc:be:9d:4d:7f:64:e6:5d:ff:aa:ea:48:ee:c6:e1:e0:
         a3:74:af:2a:de:f7:83:27:b8:2b:ba:09:d2:9f:ab:14:36:a3:
         c7:9b:d9:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDsaZQbIzZ2Fi8F7T84Yf0+PkcsswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNDgxMTM1ZGRjNGNkZGM1YTVkNzNiYWJkMmFkMGE1NDY4
OTI5OTMwY2Y3OGUxNWRiZTA4MTk5NTE3YTEyYTA0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHK6ce91x2EJ7mUhAla1CkI3bALNkJGHOiL1BJUwfZ0PzO
IoDcFcOPW0XLSJ8Qa7ixiXYfs7awt3PLVAors4Q/HAB2ENKY1qponBRO131uf5Zf
sB/H6vIY2c5bzSFSwfmAXIsUzSSEVXZljc5n8O9rN/Z2gSso/L+HGUFVytRdHYqL
NbMmZn0gW1DmzT7/9gDg8dClguSPz5XZl0UmVE38MmB9iuQwMBvtMc8DLzYYB/dk
l1ApCcZemtRHfN7AFs1dFWP4AUbD3DaoWOoIgFBM/e48SqWawWCOrIJa3g3lDcWa
evZQdsGV7dORkA1TQXPwrLgeLInLs0ngrLzbKv03AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWG9nD4kTUzsgtHkEK3esi/FUGJowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3Mzk0MDIxLTk4MzYtNDgyYS05YWVlLWI5NDkxY2VlODRiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjlmgwDQYJKoZIhvcNAQELBQADggEBADzV//VqVxqsceOUFTWBou3txBx0
q4MNr5XE3vZx1kSXdOiEU5W3Fn6dC46DkIJE00yA20Sq3qp3QR4Ch1rz+NnYGJJA
w3wU/ZVcLSuTjTQiVqd/KdyBMe2oGV1L+e7sguvEeDt5cnf2lQtmBql2+x4LA45f
igvdCY8OnbTBufhrv3gwPJDYOhmfZVsm4I6K4eqxsWzkE+ivUrPIEMtVLRWSxZuK
962Y6UcGn5VWHnJu0P07DxsgbYq2QazrlPSCdwc0BFrdYeMkbZsjPIGNgXjw+yzw
8lEuxFnV/L6dTX9k5l3/qupI7sbh4KN0ryre94MnuCu6CdKfqxQ2o8eb2VY=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:41 2024 by rpki-client on console-ams.rpki-client.org