Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca0e9264-bbd8-406b-9380-6af47bf1dd8d.roa
File:                     ca0e9264-bbd8-406b-9380-6af47bf1dd8d.roa (raw, json)
Hash identifier:          xGbnMUituZNeBAODyx7NpUUi6733yWap1GXfqu3y2NI=
Subject key identifier:   E2:6B:71:C5:84:7C:DC:70:97:1E:1F:34:CE:2E:87:55:85:CF:F9:77
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3134A505ACA52A7175DDEFC83B3A33C6CF1B3611
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca0e9264-bbd8-406b-9380-6af47bf1dd8d.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        161.14.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:34:a5:05:ac:a5:2a:71:75:dd:ef:c8:3b:3a:33:c6:cf:1b:36:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=1e64beece90fc893ba70c02b48305dd7578a858482d0ca0c3a1f858d8da7d36f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:ea:fe:fe:ca:30:5b:74:58:91:bc:c2:62:8e:
                    af:ee:17:9a:4c:38:c1:a2:9f:f8:ec:21:86:23:98:
                    42:63:49:b2:c0:61:77:b2:3e:3f:e2:4f:27:9b:a7:
                    00:5e:28:c2:07:3a:ad:de:76:da:b2:f9:5c:2c:0e:
                    f7:a3:c9:7d:e8:5f:45:4a:7a:5c:f7:16:5c:ed:e4:
                    12:a2:ba:13:16:fc:c3:8b:8c:89:b1:8c:3c:3e:63:
                    65:a8:88:31:7b:ef:90:81:8b:68:f6:b0:0d:0f:bf:
                    c5:4a:59:6b:d0:fe:b8:80:e4:29:5c:86:ee:26:a3:
                    bf:11:b5:d6:71:76:d4:cc:a7:25:50:ea:64:9a:76:
                    bc:4b:d3:54:6d:00:fa:11:f2:be:0f:5f:a8:6b:72:
                    2a:8d:b6:04:92:63:93:a2:ea:4b:05:92:e5:24:7b:
                    05:03:c3:e0:d2:92:f2:ee:25:f9:d9:22:87:f1:9d:
                    b9:d9:59:00:75:bc:5b:7e:b5:46:ae:12:fb:c7:2c:
                    48:f0:45:c2:74:36:c1:14:84:d5:59:1d:8c:5d:a9:
                    00:83:37:a6:b3:f4:9b:3f:35:74:88:74:05:7d:83:
                    8b:4f:f4:5e:38:ee:a2:8f:79:7f:5c:25:39:ec:50:
                    0f:90:07:c7:66:b9:0e:b5:bf:db:fa:e6:db:a9:53:
                    d4:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:6B:71:C5:84:7C:DC:70:97:1E:1F:34:CE:2E:87:55:85:CF:F9:77
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca0e9264-bbd8-406b-9380-6af47bf1dd8d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.14.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9c:4d:f9:76:e7:cf:04:d9:da:ea:88:65:7b:01:c8:1c:f6:99:
         e8:ac:93:7e:c2:25:97:20:05:42:e6:b3:07:d6:36:18:90:dd:
         1a:f2:92:bd:1d:df:cd:3b:df:e9:1d:93:7e:fa:8d:28:26:68:
         6a:bc:07:c3:d0:02:1c:58:5d:dc:fa:16:8c:12:bc:96:4d:02:
         ff:a5:58:36:83:ec:85:f3:6a:bf:cd:16:24:9d:d7:4d:3c:d8:
         bb:ee:89:78:82:7e:43:d3:11:67:b7:87:00:29:f1:36:5d:14:
         05:05:2b:a0:e5:6b:7d:10:20:a3:9f:6b:eb:b7:33:92:f0:fc:
         50:49:51:12:9e:bf:33:a0:7b:61:58:c3:60:93:35:54:f5:47:
         9a:64:ee:83:21:71:5c:e4:5e:63:93:80:0f:f0:97:62:cc:21:
         0d:7a:81:45:90:5f:6c:ea:9f:36:a6:fc:26:4a:b0:d5:6a:3f:
         22:9d:a6:82:d7:7f:7d:9d:b7:06:7e:34:f1:e2:bd:e3:53:47:
         d1:55:e5:a6:8e:32:c0:bc:1c:3a:e5:8d:94:6f:99:67:25:dc:
         cd:b8:33:70:31:10:1e:a8:55:1f:13:ce:d4:86:11:3a:38:d1:
         23:3f:15:71:d1:24:16:bd:25:02:65:0c:dc:d0:ab:e5:a8:62:
         b2:3b:86:51
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMTSlBaylKnF13e/IOzozxs8bNhEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZTY0YmVlY2U5MGZjODkzYmE3MGMwMmI0ODMwNWRkNzU3
OGE4NTg0ODJkMGNhMGMzYTFmODU4ZDhkYTdkMzZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD46v7+yjBbdFiRvMJijq/uF5pMOMGin/jsIYYjmEJjSbLA
YXeyPj/iTyebpwBeKMIHOq3edtqy+VwsDvejyX3oX0VKelz3Flzt5BKiuhMW/MOL
jImxjDw+Y2WoiDF775CBi2j2sA0Pv8VKWWvQ/riA5Clchu4mo78RtdZxdtTMpyVQ
6mSadrxL01RtAPoR8r4PX6hrciqNtgSSY5Oi6ksFkuUkewUDw+DSkvLuJfnZIofx
nbnZWQB1vFt+tUauEvvHLEjwRcJ0NsEUhNVZHYxdqQCDN6az9Js/NXSIdAV9g4tP
9F447qKPeX9cJTnsUA+QB8dmuQ61v9v65tupU9RrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4mtxxYR83HCXHh80zi6HVYXP+XcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NhMGU5MjY0LWJiZDgtNDA2Yi05MzgwLTZhZjQ3YmYxZGQ4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwChDjANBgkqhkiG9w0BAQsFAAOCAQEAnE35dufPBNna6ohlewHIHPaZ6KyT
fsIllyAFQuazB9Y2GJDdGvKSvR3fzTvf6R2TfvqNKCZoarwHw9ACHFhd3PoWjBK8
lk0C/6VYNoPshfNqv80WJJ3XTTzYu+6JeIJ+Q9MRZ7eHACnxNl0UBQUroOVrfRAg
o59r67czkvD8UElREp6/M6B7YVjDYJM1VPVHmmTugyFxXOReY5OAD/CXYswhDXqB
RZBfbOqfNqb8Jkqw1Wo/Ip2mgtd/fZ23Bn408eK941NH0VXlpo4ywLwcOuWNlG+Z
ZyXczbgzcDEQHqhVHxPO1IYROjjRIz8VcdEkFr0lAmUM3NCr5ahisjuGUQ==
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:56:25 2024 by rpki-client on console-fra.rpki-client.org