Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/beb0af32-61c3-4bc0-bda5-bcc144dd8f91.roa
File:                     beb0af32-61c3-4bc0-bda5-bcc144dd8f91.roa (raw, json)
Hash identifier:          EdBX3Rj8+PS6jS3u0Lrb95wpm2BHVlt6gh01GkENn9g=
Subject key identifier:   DA:84:96:79:01:11:70:DE:83:D1:D2:65:1E:67:84:39:C8:87:D3:D6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C971347EF12154CE26543F311E9F75892D400ED
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/beb0af32-61c3-4bc0-bda5-bcc144dd8f91.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        98.77.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:97:13:47:ef:12:15:4c:e2:65:43:f3:11:e9:f7:58:92:d4:00:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=7c757bb6203bddfaa601b853d66e702442f6567de89a0c9f74edc8bc2472710e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:db:31:06:59:6d:65:5a:94:87:3f:4f:bf:ae:
                    51:81:6d:03:d7:1f:ab:cb:85:50:28:11:d1:a0:2f:
                    6f:14:99:1c:64:1a:a4:7a:c8:3d:7b:f1:21:66:9b:
                    83:36:8e:bb:c8:b7:9b:ae:df:67:ee:1d:c8:d4:60:
                    43:eb:1e:67:5b:4c:21:31:02:4c:c5:0d:84:63:8d:
                    6a:80:34:b1:09:32:bd:bc:e8:20:61:e4:ed:b9:36:
                    75:3e:a0:73:9a:04:50:25:cd:2f:12:c0:e9:b0:cc:
                    f2:66:91:72:be:71:7f:76:24:1e:36:2b:8f:90:d3:
                    7b:fd:4c:23:05:5d:db:8e:2c:02:8c:71:82:e5:d5:
                    1e:5d:d9:ac:09:e9:13:ed:1b:6f:60:a2:76:8f:7a:
                    d2:75:5d:25:dc:f4:ab:86:57:36:9a:01:c8:e6:0c:
                    e3:d8:9a:f4:ee:4c:bd:ed:2a:1b:c9:43:49:f1:d3:
                    e4:c5:b3:dc:02:7a:75:70:4b:ad:66:45:65:ec:24:
                    02:ae:62:ba:13:90:3b:a8:5d:80:55:0f:8e:5d:3c:
                    90:de:61:cb:d6:17:d7:1a:74:b9:28:a5:3d:dc:af:
                    7d:3b:b9:81:b4:b7:14:9e:1d:6a:a5:1e:b6:d1:5a:
                    03:eb:93:4e:34:43:d2:f4:bd:14:17:a1:ab:cf:f8:
                    2b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:84:96:79:01:11:70:DE:83:D1:D2:65:1E:67:84:39:C8:87:D3:D6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/beb0af32-61c3-4bc0-bda5-bcc144dd8f91.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  98.77.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a2:77:4b:c1:77:e5:c6:39:52:50:b2:ad:73:1b:63:19:d7:7d:
         63:da:77:d3:79:cb:42:25:5d:80:62:85:fc:72:80:16:ff:cf:
         90:d2:6b:ce:15:9b:3c:a1:a3:6d:d4:06:2a:0c:a1:9f:0b:6f:
         08:de:fb:c4:b4:62:36:87:ef:1a:67:a4:19:c5:c7:09:b0:e0:
         84:f1:f7:98:69:7b:60:19:a7:57:df:7a:2f:5c:10:8b:ed:60:
         d3:da:56:4e:8b:f2:11:ec:a3:8d:ab:fb:63:7d:c1:c7:3e:4d:
         0a:e9:5d:86:db:35:3e:d8:2b:18:cc:4f:7a:c8:02:9c:ac:b1:
         7a:52:ba:ab:c1:d6:3e:0b:9f:12:d5:6d:42:3c:e3:8e:e4:0a:
         a5:d3:2a:76:99:24:27:c5:82:41:d1:15:e5:29:49:9f:f1:59:
         da:59:19:8a:77:9e:fd:bd:a9:d4:ed:50:f9:b2:7f:04:d3:fe:
         ac:ae:f0:d0:cd:84:33:52:df:84:be:1a:29:7d:40:9b:38:6b:
         73:12:a5:0e:75:4c:27:e6:17:1e:a1:6a:5f:65:a5:84:49:71:
         e9:df:10:5b:7e:9e:1b:fa:9e:24:33:0b:a9:e4:f9:72:f0:bc:
         88:f6:04:bf:fc:03:0d:2a:c6:3f:b0:cc:a8:ca:bf:0d:9d:d3:
         50:9f:75:0b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDJcTR+8SFUziZUPzEen3WJLUAO0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3Yzc1N2JiNjIwM2JkZGZhYTYwMWI4NTNkNjZlNzAyNDQy
ZjY1NjdkZTg5YTBjOWY3NGVkYzhiYzI0NzI3MTBlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCp2zEGWW1lWpSHP0+/rlGBbQPXH6vLhVAoEdGgL28UmRxk
GqR6yD178SFmm4M2jrvIt5uu32fuHcjUYEPrHmdbTCExAkzFDYRjjWqANLEJMr28
6CBh5O25NnU+oHOaBFAlzS8SwOmwzPJmkXK+cX92JB42K4+Q03v9TCMFXduOLAKM
cYLl1R5d2awJ6RPtG29gonaPetJ1XSXc9KuGVzaaAcjmDOPYmvTuTL3tKhvJQ0nx
0+TFs9wCenVwS61mRWXsJAKuYroTkDuoXYBVD45dPJDeYcvWF9cadLkopT3cr307
uYG0txSeHWqlHrbRWgPrk040Q9L0vRQXoavP+CtvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2oSWeQERcN6D0dJlHmeEOciH09YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JlYjBhZjMyLTYxYzMtNGJjMC1iZGE1LWJjYzE0NGRkOGY5MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBiTTANBgkqhkiG9w0BAQsFAAOCAQEAondLwXflxjlSULKtcxtjGdd9Y9p3
03nLQiVdgGKF/HKAFv/PkNJrzhWbPKGjbdQGKgyhnwtvCN77xLRiNofvGmekGcXH
CbDghPH3mGl7YBmnV996L1wQi+1g09pWTovyEeyjjav7Y33Bxz5NCuldhts1Ptgr
GMxPesgCnKyxelK6q8HWPgufEtVtQjzjjuQKpdMqdpkkJ8WCQdEV5SlJn/FZ2lkZ
inee/b2p1O1Q+bJ/BNP+rK7w0M2EM1LfhL4aKX1AmzhrcxKlDnVMJ+YXHqFqX2Wl
hElx6d8QW36eG/qeJDMLqeT5cvC8iPYEv/wDDSrGP7DMqMq/DZ3TUJ91Cw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:21 2024 by rpki-client on console-fra.rpki-client.org