Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7394021-9836-482a-9aee-b9491cee84b5.roa
File:                     a7394021-9836-482a-9aee-b9491cee84b5.roa (raw, json)
Hash identifier:          /2zotj/o/vO+XrodZZJd2wVGmZxn30kvKKm+kzhTPTo=
Subject key identifier:   C8:FB:EE:5E:38:18:FB:4A:ED:75:6E:DC:FE:5C:98:81:37:0D:F7:D4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       17764CE27F40F9F0D4DECEDCFD5739276E66F3E6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7394021-9836-482a-9aee-b9491cee84b5.roa
Signing time:             Tue 05 Nov 2024 00:00:00 +0000
ROA not before:           Tue 05 Nov 2024 00:00:00 +0000
ROA not after:            Tue 10 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.104.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:76:4c:e2:7f:40:f9:f0:d4:de:ce:dc:fd:57:39:27:6e:66:f3:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:00:00 2024 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: serialNumber=6bc01bb071fcee59bfb932e602761124e19a6d1e43cc1cb86d04f74ab2583abc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:7e:bd:24:4f:f2:4d:bd:de:fe:c2:69:ce:91:
                    2c:9b:bf:a1:63:04:25:c1:96:21:42:58:d9:d8:d7:
                    cc:e9:9d:dd:f2:39:87:d5:5b:bb:88:8f:cc:36:6e:
                    14:61:47:ce:cd:09:98:3c:f3:ec:95:25:59:1b:a9:
                    22:7b:ee:7c:cc:82:c7:fb:36:c1:d0:2e:88:4b:c7:
                    08:65:28:c3:3b:f4:26:e6:09:cc:58:cd:00:34:ac:
                    56:a1:a5:cd:b5:c0:ee:73:71:18:df:41:79:16:aa:
                    ee:73:c3:f4:d7:8f:b8:23:e4:14:83:77:9f:20:38:
                    98:59:15:10:1a:97:98:ac:d3:b0:52:db:4e:96:9c:
                    fd:44:7c:11:42:d3:ae:54:db:a6:5c:ed:86:da:3f:
                    bd:b7:35:3c:8e:10:b0:54:ec:09:75:61:fd:97:fd:
                    bb:e5:70:9c:bd:8d:9a:a3:ad:00:a7:e4:c6:30:72:
                    da:d4:8f:a1:1e:5c:62:70:c4:03:cb:cb:99:4d:89:
                    49:58:80:16:3c:c5:cd:bf:64:d4:77:e3:80:ad:1e:
                    b3:2f:97:8f:36:9b:fa:2b:75:28:b2:fe:1b:45:b2:
                    f3:dc:cd:ca:69:ad:07:3b:9e:d6:3a:11:6f:23:f1:
                    6b:1b:2a:ee:c1:aa:47:50:ca:c2:9b:12:87:b6:3b:
                    40:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:FB:EE:5E:38:18:FB:4A:ED:75:6E:DC:FE:5C:98:81:37:0D:F7:D4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7394021-9836-482a-9aee-b9491cee84b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         49:a7:ed:5e:9a:74:1a:49:b6:8e:ee:80:ca:f9:3b:2e:b2:7c:
         ac:0c:71:6b:8d:0e:2b:35:68:20:3c:7d:dc:18:a3:c8:77:55:
         81:ff:0b:1f:9b:cb:c4:fa:a8:79:18:e6:22:b6:f2:a2:60:e7:
         13:bd:6b:53:c1:ab:67:71:ca:6a:05:66:71:54:8a:d3:10:6c:
         27:b9:15:f5:03:59:9d:dd:d8:36:61:16:fd:d4:81:82:b5:c1:
         8b:a6:f3:c5:ec:a7:79:b1:63:00:f7:f8:9b:52:b1:40:c5:46:
         79:9d:8e:1d:82:cf:47:f2:5e:f3:68:e4:71:96:c4:35:fc:a0:
         89:03:3c:00:71:5f:42:16:09:5a:d9:d6:3a:3a:9d:26:01:0d:
         0b:cd:f2:ad:3a:18:0d:b6:ac:63:3f:54:34:fc:f7:99:3f:9b:
         c4:a5:4f:cc:50:31:26:06:df:99:ef:d5:b4:fc:c2:fc:5a:fe:
         9c:ef:b7:41:fa:f5:54:21:3b:0a:cf:13:5e:99:14:f9:95:ef:
         db:0f:d7:6d:32:82:98:52:55:d7:80:4b:fe:0b:3b:1d:6a:9a:
         8b:4e:43:b1:19:9b:71:6a:7f:f8:0c:79:f3:65:9a:63:1f:6b:
         63:8d:79:8a:3d:af:4e:da:5e:d3:58:57:bf:1f:05:ef:1c:98:
         b3:d0:18:f5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUF3ZM4n9A+fDU3s7c/Vc5J25m8+YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmMwMWJiMDcxZmNlZTU5YmZiOTMyZTYwMjc2MTEyNGUx
OWE2ZDFlNDNjYzFjYjg2ZDA0Zjc0YWIyNTgzYWJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWfr0kT/JNvd7+wmnOkSybv6FjBCXBliFCWNnY18zpnd3y
OYfVW7uIj8w2bhRhR87NCZg88+yVJVkbqSJ77nzMgsf7NsHQLohLxwhlKMM79Cbm
CcxYzQA0rFahpc21wO5zcRjfQXkWqu5zw/TXj7gj5BSDd58gOJhZFRAal5is07BS
206WnP1EfBFC065U26Zc7YbaP723NTyOELBU7Al1Yf2X/bvlcJy9jZqjrQCn5MYw
ctrUj6EeXGJwxAPLy5lNiUlYgBY8xc2/ZNR344CtHrMvl482m/ordSiy/htFsvPc
zcpprQc7ntY6EW8j8WsbKu7BqkdQysKbEoe2O0DFAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyPvuXjgY+0rtdW7c/lyYgTcN99QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3Mzk0MDIxLTk4MzYtNDgyYS05YWVlLWI5NDkxY2VlODRiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjlmgwDQYJKoZIhvcNAQELBQADggEBAEmn7V6adBpJto7ugMr5Oy6yfKwM
cWuNDis1aCA8fdwYo8h3VYH/Cx+by8T6qHkY5iK28qJg5xO9a1PBq2dxymoFZnFU
itMQbCe5FfUDWZ3d2DZhFv3UgYK1wYum88Xsp3mxYwD3+JtSsUDFRnmdjh2Cz0fy
XvNo5HGWxDX8oIkDPABxX0IWCVrZ1jo6nSYBDQvN8q06GA22rGM/VDT895k/m8Sl
T8xQMSYG35nv1bT8wvxa/pzvt0H69VQhOwrPE16ZFPmV79sP120ygphSVdeAS/4L
Ox1qmotOQ7EZm3Fqf/gMefNlmmMfa2ONeYo9r07aXtNYV78fBe8cmLPQGPU=
-----END CERTIFICATE-----
Generated at Sun Dec 1 03:30:40 2024 by rpki-client on console-ams.rpki-client.org