Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae7fd512-be39-49fd-a290-231494080d7f.roa
File:                     ae7fd512-be39-49fd-a290-231494080d7f.roa (raw, json)
Hash identifier:          DLLR0t/FMDRkmcCT+RoOthKfrHCTo14WkyV7uDXh4FE=
Subject key identifier:   39:17:41:59:05:10:95:65:67:37:75:7B:2D:16:68:6A:AD:DE:35:47
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       140A0E2AC8471BA1EDFAC7395A08A1038564F3D2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae7fd512-be39-49fd-a290-231494080d7f.roa
Signing time:             Wed 30 Oct 2024 00:00:00 +0000
ROA not before:           Wed 30 Oct 2024 00:00:00 +0000
ROA not after:            Wed 04 Dec 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        40.165.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:0a:0e:2a:c8:47:1b:a1:ed:fa:c7:39:5a:08:a1:03:85:64:f3:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 30 00:00:00 2024 GMT
            Not After : Dec  4 23:59:59 2024 GMT
        Subject: serialNumber=127308948ad6ea3747cd81442e9443dacd5a2938baa355a0c0698ab504bed728, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8c:05:9f:dc:1f:d0:7a:c7:a5:48:a3:e9:ec:
                    a3:85:14:bf:15:97:f8:25:03:95:f6:c5:f0:cd:b6:
                    a6:6c:ad:35:d6:8b:5d:26:d2:84:6e:af:6a:1c:06:
                    66:cf:90:ae:0e:22:f8:96:e0:e1:81:4b:48:30:f7:
                    8a:ce:08:23:00:3a:2c:b7:e0:1f:93:f5:63:b6:58:
                    0a:0b:60:64:7a:dc:50:bf:16:50:55:b5:82:4b:7e:
                    c1:6f:a0:af:b0:a6:26:04:4e:cc:a1:e1:b3:ee:86:
                    d3:b6:7f:52:7e:73:db:4a:d4:8b:bc:23:db:bd:4d:
                    f0:dc:63:f9:55:65:02:54:82:fa:a4:96:45:3c:68:
                    29:3b:81:f9:94:d4:dc:90:fb:19:ff:9a:a1:37:94:
                    f0:da:3f:9b:b5:15:89:fc:ce:fb:85:82:19:4f:fa:
                    90:1c:86:3a:12:9b:fb:68:05:1c:48:33:ee:96:0c:
                    e4:dc:50:a4:c4:c7:95:40:21:7b:33:85:85:e5:24:
                    f5:79:a7:e1:0c:b0:9d:26:04:17:48:9b:c4:7d:22:
                    c6:fa:b0:c3:52:9d:e3:56:16:fc:65:10:4f:c7:42:
                    63:c1:93:9a:ea:5d:e0:39:20:10:c6:45:03:33:c7:
                    9c:d6:33:06:f6:fe:7f:9e:6d:c2:af:96:af:1f:0a:
                    0b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:17:41:59:05:10:95:65:67:37:75:7B:2D:16:68:6A:AD:DE:35:47
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae7fd512-be39-49fd-a290-231494080d7f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.165.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         60:b9:d8:f2:3f:64:00:bb:b8:26:b4:e7:d9:4e:6b:ef:3a:ed:
         92:e5:b4:2c:d9:c5:35:03:4a:59:ec:d5:7d:6b:f4:72:4f:8c:
         46:3d:de:0e:36:cf:e7:fe:ff:fc:45:68:c5:03:4c:b4:ff:89:
         64:24:1b:2f:cf:26:3d:a7:e4:0d:cc:d2:30:b3:ab:b6:fa:dc:
         da:6a:51:05:b4:f4:30:25:48:d3:14:29:86:fd:93:36:b6:da:
         4c:d0:b2:36:81:3c:2c:fa:9c:e9:14:fe:af:11:29:07:58:ce:
         ea:4d:a1:8b:1e:73:50:4f:c9:2d:5d:d6:c0:27:84:e7:7b:cb:
         16:06:87:0b:b1:49:bc:09:ad:c3:44:10:56:87:1f:ed:e5:34:
         bf:bd:49:46:80:ae:b2:c2:68:ee:93:af:26:45:67:71:14:10:
         00:e2:ce:ac:31:53:a5:15:b5:b4:09:70:74:4f:0f:0e:51:81:
         5c:dc:d9:e5:a0:fe:9c:52:70:47:e0:27:f5:84:ea:5d:72:62:
         20:e6:de:f3:63:80:3f:07:f5:2e:8d:e0:2c:55:47:cd:a9:62:
         f6:a8:83:16:b7:7a:81:c4:1b:49:12:80:e2:20:de:f8:63:b2:
         0c:44:58:64:08:58:e2:28:4c:3f:1d:55:ff:c0:ee:48:fc:c6:
         31:48:6a:9d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFAoOKshHG6Ht+sc5WgihA4Vk89IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDMwMDAwMDAwWhcNMjQxMjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMjczMDg5NDhhZDZlYTM3NDdjZDgxNDQyZTk0NDNkYWNk
NWEyOTM4YmFhMzU1YTBjMDY5OGFiNTA0YmVkNzI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5jAWf3B/QeselSKPp7KOFFL8Vl/glA5X2xfDNtqZsrTXW
i10m0oRur2ocBmbPkK4OIviW4OGBS0gw94rOCCMAOiy34B+T9WO2WAoLYGR63FC/
FlBVtYJLfsFvoK+wpiYETsyh4bPuhtO2f1J+c9tK1Iu8I9u9TfDcY/lVZQJUgvqk
lkU8aCk7gfmU1NyQ+xn/mqE3lPDaP5u1FYn8zvuFghlP+pAchjoSm/toBRxIM+6W
DOTcUKTEx5VAIXszhYXlJPV5p+EMsJ0mBBdIm8R9Isb6sMNSneNWFvxlEE/HQmPB
k5rqXeA5IBDGRQMzx5zWMwb2/n+ebcKvlq8fCgtZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUORdBWQUQlWVnN3V7LRZoaq3eNUcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FlN2ZkNTEyLWJlMzktNDlmZC1hMjkwLTIzMTQ5NDA4MGQ3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAopTANBgkqhkiG9w0BAQsFAAOCAQEAYLnY8j9kALu4JrTn2U5r7zrtkuW0
LNnFNQNKWezVfWv0ck+MRj3eDjbP5/7//EVoxQNMtP+JZCQbL88mPafkDczSMLOr
tvrc2mpRBbT0MCVI0xQphv2TNrbaTNCyNoE8LPqc6RT+rxEpB1jO6k2hix5zUE/J
LV3WwCeE53vLFgaHC7FJvAmtw0QQVocf7eU0v71JRoCussJo7pOvJkVncRQQAOLO
rDFTpRW1tAlwdE8PDlGBXNzZ5aD+nFJwR+An9YTqXXJiIObe82OAPwf1Lo3gLFVH
zali9qiDFrd6gcQbSRKA4iDe+GOyDERYZAhY4ihMPx1V/8DuSPzGMUhqnQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 01:34:23 2024 by rpki-client on console-ams.rpki-client.org