Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8a2e2a6-180a-4119-9dab-dc386bebfad1.roa
File:                     c8a2e2a6-180a-4119-9dab-dc386bebfad1.roa (raw, json)
Hash identifier:          5k4l763/X8j7/8H9j0l3jeFoMwbdVn1ZXOc0YKl1vJk=
Subject key identifier:   37:BF:0E:E7:AD:8D:F7:75:14:50:CB:38:B5:AB:62:CE:0A:40:AD:24
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       26133AE0BF20A8388C3A38B330B7CEB8E2BD1618
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8a2e2a6-180a-4119-9dab-dc386bebfad1.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.180.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:13:3a:e0:bf:20:a8:38:8c:3a:38:b3:30:b7:ce:b8:e2:bd:16:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=4f519d5ea47b7faeefcd0ae9191c55b72bf4dd48910a8a425313ca5951545d60, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ad:e6:4e:3f:54:34:9f:9a:c1:0a:cc:0f:a3:
                    ff:f4:c4:ed:2d:36:0f:05:f4:bd:c7:40:93:31:12:
                    1d:a1:86:4c:d8:d2:73:b1:0a:66:f6:70:0b:bc:61:
                    0d:46:cb:ef:0c:d6:3d:ff:09:c7:f4:c3:44:e3:1b:
                    ed:31:11:33:eb:1a:f4:c0:f4:13:e3:a1:f3:f3:9d:
                    91:ba:4a:41:de:fd:ac:46:45:e3:90:0a:bf:01:c4:
                    00:87:a6:9b:fb:d5:55:69:4e:70:b2:29:13:3c:85:
                    90:73:ff:4d:aa:12:8c:62:5a:d8:9a:44:40:53:63:
                    db:24:fc:8f:9e:ed:a2:f2:45:92:a0:df:8f:19:ca:
                    e0:52:36:ec:50:94:29:37:fd:6b:6f:d2:73:a8:b7:
                    07:38:1a:45:71:c1:f4:84:6c:66:73:04:05:e8:93:
                    93:31:8c:ff:b3:8e:2d:d9:d9:18:21:9a:b2:31:d2:
                    5b:f6:48:8f:e4:51:62:d0:73:4e:d5:b1:ee:9b:68:
                    5a:c9:4d:80:40:c8:1e:44:52:42:a2:e5:d0:ea:f6:
                    36:30:6a:a4:19:36:0b:01:c6:dc:bd:3f:6f:89:29:
                    cc:b6:87:58:0f:bd:76:d8:10:70:af:14:30:65:ad:
                    58:0d:c1:bd:ce:c3:83:e5:7d:e1:2d:ee:bb:8f:f6:
                    eb:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:BF:0E:E7:AD:8D:F7:75:14:50:CB:38:B5:AB:62:CE:0A:40:AD:24
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c8a2e2a6-180a-4119-9dab-dc386bebfad1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.180.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c2:79:a7:e2:e8:84:31:e8:9b:d5:6c:9f:05:f3:b2:9f:e1:2d:
         07:d0:9f:1b:76:05:1f:10:de:17:f4:9c:4c:78:4b:e1:23:02:
         41:17:83:ff:56:0a:0d:87:79:48:ab:00:1d:a2:1f:3f:7f:75:
         e0:c0:b4:6a:e3:1c:ce:57:1e:e9:f5:df:b9:26:99:b1:b1:1a:
         2a:98:da:17:64:c1:7d:fe:39:06:fb:61:bf:7d:21:d8:48:db:
         d8:8e:a0:b4:48:8b:d5:1b:e8:a3:c0:59:5b:05:91:e8:80:61:
         46:60:78:47:f3:74:27:23:39:49:1e:45:31:97:70:f7:67:68:
         c5:b7:8a:37:39:85:f8:12:e2:73:95:7f:89:41:a8:9f:e3:c4:
         d7:98:5c:56:b2:de:b0:9d:c2:36:ef:ad:11:a1:8b:69:81:2d:
         96:cc:cc:0f:2d:90:82:ca:a7:4c:f1:92:c0:b8:d2:d4:55:66:
         54:3b:c9:93:98:2e:ed:f1:43:25:74:97:3b:50:cc:3c:bf:d1:
         7c:58:d6:70:95:0c:5a:78:ad:f7:52:b7:eb:77:6f:ec:76:a1:
         86:c7:4e:24:c7:56:c9:17:23:0e:50:6a:2c:33:e7:32:37:ce:
         53:b6:2a:91:17:c6:0b:18:ca:7f:e2:b5:8f:59:c1:f3:b8:09:
         00:3c:6d:52
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJhM64L8gqDiMOjizMLfOuOK9FhgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZjUxOWQ1ZWE0N2I3ZmFlZWZjZDBhZTkxOTFjNTViNzJi
ZjRkZDQ4OTEwYThhNDI1MzEzY2E1OTUxNTQ1ZDYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSreZOP1Q0n5rBCswPo//0xO0tNg8F9L3HQJMxEh2hhkzY
0nOxCmb2cAu8YQ1Gy+8M1j3/Ccf0w0TjG+0xETPrGvTA9BPjofPznZG6SkHe/axG
ReOQCr8BxACHppv71VVpTnCyKRM8hZBz/02qEoxiWtiaREBTY9sk/I+e7aLyRZKg
348ZyuBSNuxQlCk3/Wtv0nOotwc4GkVxwfSEbGZzBAXok5MxjP+zji3Z2RghmrIx
0lv2SI/kUWLQc07Vse6baFrJTYBAyB5EUkKi5dDq9jYwaqQZNgsBxty9P2+JKcy2
h1gPvXbYEHCvFDBlrVgNwb3Ow4PlfeEt7ruP9utfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUN78O562N93UUUMs4tatizgpArSQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4YTJlMmE2LTE4MGEtNDExOS05ZGFiLWRjMzg2YmViZmFkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQtDANBgkqhkiG9w0BAQsFAAOCAQEAwnmn4uiEMeib1WyfBfOyn+EtB9Cf
G3YFHxDeF/ScTHhL4SMCQReD/1YKDYd5SKsAHaIfP3914MC0auMczlce6fXfuSaZ
sbEaKpjaF2TBff45Bvthv30h2Ejb2I6gtEiL1Rvoo8BZWwWR6IBhRmB4R/N0JyM5
SR5FMZdw92doxbeKNzmF+BLic5V/iUGon+PE15hcVrLesJ3CNu+tEaGLaYEtlszM
Dy2QgsqnTPGSwLjS1FVmVDvJk5gu7fFDJXSXO1DMPL/RfFjWcJUMWnit91K363dv
7HahhsdOJMdWyRcjDlBqLDPnMjfOU7YqkRfGCxjKf+K1j1nB87gJADxtUg==
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:56:24 2024 by rpki-client on console-fra.rpki-client.org