Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b588e310-7696-4fe1-8c8a-a648ec03d5c3.roa
File:                     b588e310-7696-4fe1-8c8a-a648ec03d5c3.roa (raw, json)
Hash identifier:          2lqNo4wcdcnRma91u2PywBXeaAt47g3S89+7MOLcL5A=
Subject key identifier:   31:B0:AC:F0:E7:FA:0B:CE:B8:7D:F2:83:62:5F:56:4E:59:BE:D7:CF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       47A178947DF286443978090A382DB15A949FD717
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b588e310-7696-4fe1-8c8a-a648ec03d5c3.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.158.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:a1:78:94:7d:f2:86:44:39:78:09:0a:38:2d:b1:5a:94:9f:d7:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=8642ad20d7ed6cd1b00e612fcfeacddd201d4367b8d387ba3c0917600c543460, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:81:a2:ad:75:9f:15:1c:23:cd:7b:43:44:e1:
                    29:a0:c0:1e:14:ed:71:29:9f:95:f4:07:b7:55:34:
                    0f:c4:25:cf:3a:85:1e:6f:9d:7d:17:29:02:85:13:
                    ae:aa:e3:10:76:1a:3c:71:a9:d4:60:cd:80:9d:3f:
                    23:4a:b5:90:53:14:9f:b2:f3:a0:57:99:73:58:35:
                    2b:1b:2b:f3:ea:df:21:17:2e:7e:96:70:a7:42:5b:
                    72:94:39:e2:a8:93:70:50:3e:09:a0:30:30:88:d7:
                    f9:2f:77:a8:3b:d1:0a:ed:e2:98:6a:87:52:58:31:
                    bb:92:03:21:4b:2d:0e:3e:e2:54:e6:34:ca:65:0a:
                    e7:77:53:4c:ca:6c:36:19:b8:a1:72:5e:83:7a:6f:
                    c2:52:b9:ee:a9:55:dc:de:fe:38:4c:21:10:08:cc:
                    3f:1e:d5:67:d3:63:4b:e7:de:d0:be:89:30:90:3a:
                    ef:61:d0:60:7a:cf:b1:d1:bb:ba:92:74:6b:aa:df:
                    73:d3:a8:e3:14:27:ff:1a:ed:20:ce:c9:be:d5:54:
                    b3:31:03:84:1b:55:43:87:c6:53:00:c6:9f:00:58:
                    c2:94:ca:fb:22:4b:6c:20:f4:ce:2e:80:a6:b1:71:
                    43:a0:45:0e:cb:c4:29:08:72:6c:95:0c:e6:d6:48:
                    4c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:B0:AC:F0:E7:FA:0B:CE:B8:7D:F2:83:62:5F:56:4E:59:BE:D7:CF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b588e310-7696-4fe1-8c8a-a648ec03d5c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.158.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         63:27:ab:0e:a1:0f:95:42:00:1f:d0:06:0f:a6:cf:a6:3f:8a:
         65:c3:97:4d:09:73:39:9d:a3:2e:75:5b:4c:f8:4d:96:fc:79:
         5d:c9:1c:13:5e:9b:1e:46:ce:cd:7f:db:95:1e:7a:48:b0:1a:
         27:95:6b:74:04:d6:f3:ec:e7:b9:a9:d1:31:b4:68:f7:d5:25:
         8c:b9:73:9d:e8:c5:22:94:f9:49:76:b6:59:a4:97:c1:7c:6e:
         f3:02:62:2a:e2:0d:b3:1f:f6:05:16:6a:bf:1f:40:81:32:5f:
         92:d3:70:23:b1:bc:5d:ea:54:6d:5e:56:e6:ce:5a:24:e3:94:
         b6:6b:d6:f3:e5:c2:42:60:21:b6:d0:01:d6:1a:69:df:77:b8:
         65:d8:18:fe:9f:a0:0f:a2:6c:6a:d2:a5:53:e5:aa:01:82:68:
         91:66:95:62:10:98:4a:e0:36:fa:6c:f3:cb:1b:f0:af:37:4f:
         4a:db:7c:cd:de:f8:b1:48:2f:22:a0:61:df:1e:09:95:ad:87:
         bf:db:9b:c5:a6:59:90:2e:e3:7d:30:f0:10:b3:3f:6e:72:94:
         a7:c5:a8:75:4d:1d:3f:6f:27:14:d1:64:4c:c4:2a:c5:7f:b8:
         00:3e:7a:62:c8:5f:9c:ed:94:ca:d4:1b:e4:4f:3c:44:32:ae:
         bd:fe:d4:64
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUR6F4lH3yhkQ5eAkKOC2xWpSf1xcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NjQyYWQyMGQ3ZWQ2Y2QxYjAwZTYxMmZjZmVhY2RkZDIw
MWQ0MzY3YjhkMzg3YmEzYzA5MTc2MDBjNTQzNDYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWgaKtdZ8VHCPNe0NE4SmgwB4U7XEpn5X0B7dVNA/EJc86
hR5vnX0XKQKFE66q4xB2GjxxqdRgzYCdPyNKtZBTFJ+y86BXmXNYNSsbK/Pq3yEX
Ln6WcKdCW3KUOeKok3BQPgmgMDCI1/kvd6g70Qrt4phqh1JYMbuSAyFLLQ4+4lTm
NMplCud3U0zKbDYZuKFyXoN6b8JSue6pVdze/jhMIRAIzD8e1WfTY0vn3tC+iTCQ
Ou9h0GB6z7HRu7qSdGuq33PTqOMUJ/8a7SDOyb7VVLMxA4QbVUOHxlMAxp8AWMKU
yvsiS2wg9M4ugKaxcUOgRQ7LxCkIcmyVDObWSEw3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUMbCs8Of6C864ffKDYl9WTlm+188wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I1ODhlMzEwLTc2OTYtNGZlMS04YzhhLWE2NDhlYzAzZDVjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQnjANBgkqhkiG9w0BAQsFAAOCAQEAYyerDqEPlUIAH9AGD6bPpj+KZcOX
TQlzOZ2jLnVbTPhNlvx5XckcE16bHkbOzX/blR56SLAaJ5VrdATW8+znuanRMbRo
99UljLlznejFIpT5SXa2WaSXwXxu8wJiKuINsx/2BRZqvx9AgTJfktNwI7G8XepU
bV5W5s5aJOOUtmvW8+XCQmAhttAB1hpp33e4ZdgY/p+gD6JsatKlU+WqAYJokWaV
YhCYSuA2+mzzyxvwrzdPStt8zd74sUgvIqBh3x4Jla2Hv9ubxaZZkC7jfTDwELM/
bnKUp8WodU0dP28nFNFkTMQqxX+4AD56YshfnO2UytQb5E88RDKuvf7UZA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:31 2024 by rpki-client on console-ams.rpki-client.org