Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a8a0b27e-fd89-434f-84c1-93cf4c39cad8.roa
File:                     a8a0b27e-fd89-434f-84c1-93cf4c39cad8.roa (raw, json)
Hash identifier:          822dMdmsNJZE++hPqIGoOXREG5XjYZN0KAFkLn/0SDM=
Subject key identifier:   B2:83:EE:0B:E5:7B:D9:6F:D4:FC:77:E1:76:82:27:47:3C:86:3F:A1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       217C5BF7DA3A4FD78F8E3257FCB1D031A2E8E69E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a8a0b27e-fd89-434f-84c1-93cf4c39cad8.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        75.101.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:7c:5b:f7:da:3a:4f:d7:8f:8e:32:57:fc:b1:d0:31:a2:e8:e6:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=898b2de9ce65e3b082299e8d4da0017eb346c766714f973a63437ebc1cc10d0c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d9:31:7f:ac:80:e5:15:e8:e4:d5:90:c4:41:
                    5e:79:31:6f:8a:11:53:b9:7a:20:b8:a9:99:cd:8a:
                    95:0a:28:f5:bf:c6:09:b4:cb:36:ca:cb:99:73:fe:
                    c7:b3:38:25:d3:16:e5:90:a5:aa:dc:e5:62:b5:1d:
                    33:f2:58:01:ab:0b:db:9b:0d:e3:63:53:8d:6c:87:
                    bd:e1:8c:d5:09:bb:97:2b:5e:5f:20:3d:f2:7c:9c:
                    61:e3:a3:8f:ba:85:a2:11:d6:c5:e0:58:5b:e4:4f:
                    18:5e:c5:14:2f:89:de:2d:d1:34:dd:74:eb:19:91:
                    81:f2:57:68:59:45:f3:2d:2d:07:05:6a:6d:c1:84:
                    b7:71:72:24:47:fc:2b:2e:a7:d1:f0:bf:99:29:d4:
                    ef:e0:1b:7e:98:8a:31:b4:ff:aa:e3:89:1a:d6:f4:
                    47:39:95:bb:10:7a:db:94:6d:00:89:0a:1b:38:16:
                    b1:08:a9:64:a6:4c:49:7f:75:ec:4f:72:49:95:1e:
                    0a:68:f0:32:6b:b8:a4:bc:9b:70:05:0c:8f:a4:06:
                    bb:af:78:73:cf:2c:14:e8:24:6f:b9:66:f1:33:3a:
                    16:fe:8b:d6:78:43:41:1f:e3:e0:4e:a4:22:01:e5:
                    e0:7c:a9:8b:21:c0:c7:15:75:51:1c:a5:50:91:ce:
                    6e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:83:EE:0B:E5:7B:D9:6F:D4:FC:77:E1:76:82:27:47:3C:86:3F:A1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a8a0b27e-fd89-434f-84c1-93cf4c39cad8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.101.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         bf:09:44:2f:23:ba:88:0c:6c:9e:d7:e9:7b:d8:6f:e7:e7:bc:
         ea:eb:71:65:44:89:ad:aa:19:b7:c5:a3:50:4a:70:d2:4c:19:
         aa:1b:4f:11:4e:d0:76:65:97:62:cc:bd:7d:b4:10:4b:7d:e4:
         bc:66:17:16:83:e6:e2:77:ac:6d:a6:b2:2f:a5:a3:f0:e7:15:
         98:f8:b7:91:c5:1d:1c:41:b0:c6:02:1c:4d:34:bc:45:26:1c:
         ac:6d:71:24:ea:30:eb:45:f0:4f:f5:ce:d9:c2:53:1b:cd:7f:
         4c:b5:5b:f9:98:9c:8f:85:f1:ab:43:2c:6d:4b:97:b5:ab:2f:
         5b:19:5f:de:17:aa:8a:ca:72:d7:97:1b:4b:ba:46:53:2d:b2:
         22:94:a4:81:2c:cc:f8:77:2e:ca:29:a8:b9:c2:aa:62:1b:47:
         ad:12:af:ac:46:81:da:37:53:ab:4c:50:34:60:10:7b:57:dd:
         97:1b:28:52:8b:45:3e:60:1b:d8:49:50:1a:55:75:d1:77:ed:
         60:06:fa:1b:70:73:31:d6:be:e5:69:a9:ac:57:b5:1b:92:ae:
         ae:47:b6:eb:19:4a:17:e2:62:6e:a3:53:e6:0b:5c:24:28:99:
         93:64:b1:a3:5f:3d:2f:29:bc:3a:b1:fe:73:d3:fb:9f:64:02:
         ca:af:39:8d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIXxb99o6T9ePjjJX/LHQMaLo5p4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4OThiMmRlOWNlNjVlM2IwODIyOTllOGQ0ZGEwMDE3ZWIz
NDZjNzY2NzE0Zjk3M2E2MzQzN2ViYzFjYzEwZDBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx2TF/rIDlFejk1ZDEQV55MW+KEVO5eiC4qZnNipUKKPW/
xgm0yzbKy5lz/sezOCXTFuWQparc5WK1HTPyWAGrC9ubDeNjU41sh73hjNUJu5cr
Xl8gPfJ8nGHjo4+6haIR1sXgWFvkTxhexRQvid4t0TTddOsZkYHyV2hZRfMtLQcF
am3BhLdxciRH/Csup9Hwv5kp1O/gG36YijG0/6rjiRrW9Ec5lbsQetuUbQCJChs4
FrEIqWSmTEl/dexPckmVHgpo8DJruKS8m3AFDI+kBruveHPPLBToJG+5ZvEzOhb+
i9Z4Q0Ef4+BOpCIB5eB8qYshwMcVdVEcpVCRzm5DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsoPuC+V72W/U/HfhdoInRzyGP6EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E4YTBiMjdlLWZkODktNDM0Zi04NGMxLTkzY2Y0YzM5Y2FkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdLZYAwDQYJKoZIhvcNAQELBQADggEBAL8JRC8juogMbJ7X6XvYb+fnvOrr
cWVEia2qGbfFo1BKcNJMGaobTxFO0HZll2LMvX20EEt95LxmFxaD5uJ3rG2msi+l
o/DnFZj4t5HFHRxBsMYCHE00vEUmHKxtcSTqMOtF8E/1ztnCUxvNf0y1W/mYnI+F
8atDLG1Ll7WrL1sZX94XqorKcteXG0u6RlMtsiKUpIEszPh3LsopqLnCqmIbR60S
r6xGgdo3U6tMUDRgEHtX3ZcbKFKLRT5gG9hJUBpVddF37WAG+htwczHWvuVpqaxX
tRuSrq5HtusZShfiYm6jU+YLXCQomZNksaNfPS8pvDqx/nPT+59kAsqvOY0=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:16 2024 by rpki-client on console-fra.rpki-client.org