Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c977a0d3-92fd-44ae-90a6-a6ccf49130b8.roa
File:                     c977a0d3-92fd-44ae-90a6-a6ccf49130b8.roa (raw, json)
Hash identifier:          BXMVBZKZn1X3we7hgxmBWrYBDigkIH12Ht0lspwmW+I=
Subject key identifier:   A5:F3:9B:50:A8:8E:96:0D:79:E5:50:C8:90:C5:F9:B1:23:B6:AC:A1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4929391D4E0FDE01637F5350DA9C81BDD15EB3CE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c977a0d3-92fd-44ae-90a6-a6ccf49130b8.roa
Signing time:             Sat 16 Mar 2024 00:00:00 +0000
ROA not before:           Sat 16 Mar 2024 00:00:00 +0000
ROA not after:            Sat 20 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        136.18.20.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:29:39:1d:4e:0f:de:01:63:7f:53:50:da:9c:81:bd:d1:5e:b3:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 16 00:00:00 2024 GMT
            Not After : Apr 20 23:59:59 2024 GMT
        Subject: serialNumber=48ad4f4f39fd758bb4937269672ff776595bbb8ce5f9b152a6d88ca6500c8b5d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:22:d9:18:3a:8b:46:7f:1a:4d:6e:58:5a:0c:
                    cc:75:52:a6:74:3d:4c:b2:b8:be:a9:20:ca:d8:b3:
                    be:39:f0:78:b2:73:89:0d:d4:1c:38:a9:3e:9a:99:
                    cf:d0:7d:2f:d2:ac:1b:9d:46:39:72:eb:f6:8a:81:
                    89:4a:68:32:e3:57:f8:53:d2:97:8a:21:63:bf:8b:
                    70:39:67:1a:d3:9e:4c:b8:9d:e7:63:43:90:da:01:
                    e5:54:ac:4b:db:f0:1e:fc:a6:ac:9b:7b:67:d7:f9:
                    1c:d9:c3:79:ab:a8:68:62:a7:dc:52:1d:18:80:37:
                    4b:67:ff:83:bf:db:f2:75:62:c6:99:4e:f4:e9:42:
                    00:46:ef:d3:52:d0:d9:ba:64:88:c5:68:8e:44:3c:
                    34:dd:a0:80:b5:31:74:c7:05:e6:4d:77:bf:c1:5d:
                    72:45:98:64:61:99:4d:3f:ae:2a:72:ec:b2:5d:7c:
                    5a:ea:81:11:ad:58:78:19:8b:82:27:58:1c:9d:4c:
                    a3:46:d9:fd:65:b2:59:5b:9f:ae:3c:df:eb:f2:9d:
                    9b:eb:25:d0:c6:b9:49:29:0d:a3:b7:07:d8:3f:e9:
                    e6:d3:fc:08:7c:59:a8:af:97:08:53:ab:ef:cf:5a:
                    c6:9a:2b:50:bf:33:bc:21:81:c0:29:cf:2b:68:4a:
                    f0:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:F3:9B:50:A8:8E:96:0D:79:E5:50:C8:90:C5:F9:B1:23:B6:AC:A1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c977a0d3-92fd-44ae-90a6-a6ccf49130b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3f:3e:52:ee:55:11:82:b0:72:7d:27:51:67:87:80:ad:20:d1:
         29:c4:54:35:d9:24:5a:8c:ce:c1:65:a9:c6:45:54:87:f3:d5:
         d3:1f:00:a4:e1:07:49:2a:5a:39:71:ff:5f:28:43:68:1e:be:
         13:97:cf:9f:df:23:9b:ef:7d:e9:76:4b:41:cc:0d:6c:47:a1:
         f3:b8:25:99:cf:ed:c1:c4:4a:c5:06:a1:d9:54:08:96:14:2f:
         83:95:41:0b:08:c4:19:9b:06:56:2e:57:9b:52:f7:47:f6:1e:
         1d:d7:09:4f:50:dd:ba:fe:88:15:7f:34:04:b2:8d:44:6c:9a:
         73:9a:db:1f:f4:60:f6:ff:48:97:ee:c3:4a:1d:0e:ed:1d:07:
         2d:ae:aa:4e:2c:13:b8:9a:7d:b5:00:5b:d0:e2:1d:9e:ca:70:
         8e:17:e4:e9:7c:d3:2f:2d:7f:3d:27:49:57:25:3d:7c:1f:35:
         1f:7e:db:ef:da:97:a8:18:e5:3d:db:3e:d9:90:09:a3:5b:43:
         34:2b:3d:f0:a5:bb:6a:1c:5d:3c:66:8c:61:27:7e:1d:58:6f:
         f9:a2:ed:3a:70:d6:33:da:d0:05:ce:a4:c5:77:25:1d:3c:73:
         91:35:96:f6:4a:ba:a7:8f:ee:ab:fe:b9:32:b8:57:d9:ad:40:
         1d:8e:06:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSSk5HU4P3gFjf1NQ2pyBvdFes84wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE2MDAwMDAwWhcNMjQwNDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OGFkNGY0ZjM5ZmQ3NThiYjQ5MzcyNjk2NzJmZjc3NjU5
NWJiYjhjZTVmOWIxNTJhNmQ4OGNhNjUwMGM4YjVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0ItkYOotGfxpNblhaDMx1UqZ0PUyyuL6pIMrYs7458Hiy
c4kN1Bw4qT6amc/QfS/SrBudRjly6/aKgYlKaDLjV/hT0peKIWO/i3A5ZxrTnky4
nedjQ5DaAeVUrEvb8B78pqybe2fX+RzZw3mrqGhip9xSHRiAN0tn/4O/2/J1YsaZ
TvTpQgBG79NS0Nm6ZIjFaI5EPDTdoIC1MXTHBeZNd7/BXXJFmGRhmU0/ripy7LJd
fFrqgRGtWHgZi4InWBydTKNG2f1lsllbn6483+vynZvrJdDGuUkpDaO3B9g/6ebT
/Ah8WaivlwhTq+/PWsaaK1C/M7whgcApzytoSvDDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpfObUKiOlg155VDIkMX5sSO2rKEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M5NzdhMGQzLTkyZmQtNDRhZS05MGE2LWE2Y2NmNDkxMzBiOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKIEhQwDQYJKoZIhvcNAQELBQADggEBAD8+Uu5VEYKwcn0nUWeHgK0g0SnE
VDXZJFqMzsFlqcZFVIfz1dMfAKThB0kqWjlx/18oQ2gevhOXz5/fI5vvfel2S0HM
DWxHofO4JZnP7cHESsUGodlUCJYUL4OVQQsIxBmbBlYuV5tS90f2Hh3XCU9Q3br+
iBV/NASyjURsmnOa2x/0YPb/SJfuw0odDu0dBy2uqk4sE7iafbUAW9DiHZ7KcI4X
5Ol80y8tfz0nSVclPXwfNR9+2+/al6gY5T3bPtmQCaNbQzQrPfClu2ocXTxmjGEn
fh1Yb/mi7Tpw1jPa0AXOpMV3JR08c5E1lvZKuqeP7qv+uTK4V9mtQB2OBn8=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:26 2024 by rpki-client on console-fra.rpki-client.org