Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbe461a7-218b-4353-a342-082f74b7f2fc.roa
File:                     cbe461a7-218b-4353-a342-082f74b7f2fc.roa (raw, json)
Hash identifier:          qNQxFMNjeYn8KApif0V97Jqv86RSffuvrlcPaeq/dsI=
Subject key identifier:   C5:26:F6:A7:65:15:56:79:0D:72:2C:4C:07:23:9B:BF:B6:D3:94:E9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4F39379DFEFD86CDB704A5B877B168655BC4A2BD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbe461a7-218b-4353-a342-082f74b7f2fc.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        108.136.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:39:37:9d:fe:fd:86:cd:b7:04:a5:b8:77:b1:68:65:5b:c4:a2:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=a61cfe26d018d3db3dc7c99dcaba618297acb6d779e70611a58e6c5b4fa8e230, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:38:2a:60:5b:b8:d0:2c:34:1a:54:7e:47:44:
                    ac:6f:a9:84:44:fc:ae:31:04:1c:5c:82:09:7f:d8:
                    cc:93:30:45:9f:63:ce:c6:66:21:72:13:86:e9:18:
                    79:02:16:fc:20:ef:9e:bf:c8:8b:dc:8a:91:88:c1:
                    89:c3:b5:e8:05:0f:a9:b7:fc:9b:8a:54:2a:93:b4:
                    ec:f8:54:18:c0:22:51:b4:27:45:8b:a5:4b:5a:6c:
                    59:59:fb:e2:8b:71:be:57:96:0c:9c:86:0f:9a:73:
                    20:29:78:78:65:93:7f:59:7e:b7:21:ca:9d:1f:c5:
                    8e:6f:a3:16:d6:25:5e:a7:75:27:db:36:45:b2:ef:
                    5a:35:86:69:bb:49:77:79:6b:3d:ee:ed:0e:91:74:
                    4d:34:2c:50:66:02:65:1f:24:77:28:5d:b3:86:ef:
                    3a:35:fc:8a:05:49:5a:8d:21:aa:a2:4f:4d:a7:81:
                    6d:3c:0c:db:d0:06:a9:15:db:c1:a1:2d:84:50:69:
                    01:c0:f3:29:1c:6e:d3:6d:c8:df:f4:12:62:43:16:
                    c3:d7:89:03:62:8a:0c:21:16:22:c7:8c:ec:fb:d9:
                    de:c9:84:93:b0:c0:4e:20:a7:9f:31:41:0f:1e:f4:
                    de:27:0f:04:d4:d6:64:b9:ab:46:c3:51:57:43:64:
                    68:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:26:F6:A7:65:15:56:79:0D:72:2C:4C:07:23:9B:BF:B6:D3:94:E9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cbe461a7-218b-4353-a342-082f74b7f2fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  108.136.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         14:95:c5:ff:c2:ea:84:e4:4d:07:3a:9e:98:8c:b2:26:4f:0b:
         0f:7c:b3:f4:d8:2c:22:30:71:5f:e3:b4:08:72:8e:7f:2c:97:
         e8:22:3d:b4:44:57:43:1e:ac:3b:d9:60:a8:13:7e:fa:31:8b:
         1f:db:29:1b:79:0f:1f:89:09:57:d0:48:5d:95:07:7d:e6:c2:
         51:d2:03:27:45:3b:4b:e7:46:97:74:9a:a1:84:07:1e:e1:8d:
         78:d0:60:6d:58:02:6c:9a:33:ab:f8:53:b7:89:f9:c2:f2:68:
         28:0b:ab:f6:c4:a0:15:1b:86:8e:a5:11:f2:c0:ff:35:62:a4:
         a6:80:67:f0:e0:58:06:63:2f:93:94:0e:f8:3b:9e:13:e7:f1:
         ea:81:bf:7f:0d:de:cf:a4:7b:13:3a:97:17:16:90:0b:a1:78:
         b6:99:10:5f:1c:b3:14:6a:23:8b:ea:c5:4a:cf:fb:a5:87:fe:
         05:b3:2c:96:b2:9c:01:df:65:de:36:83:68:fa:84:dc:bc:71:
         0a:88:70:16:86:ec:b9:7e:7d:61:30:3b:42:3f:09:6f:d7:4f:
         5a:d1:b2:1f:9b:9b:fe:59:f8:33:9e:ff:77:0d:51:42:c9:b8:
         47:89:21:83:86:b0:ec:50:b8:f5:1d:df:18:40:e7:f0:dc:44:
         61:95:97:8a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTzk3nf79hs23BKW4d7FoZVvEor0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjFjZmUyNmQwMThkM2RiM2RjN2M5OWRjYWJhNjE4Mjk3
YWNiNmQ3NzllNzA2MTFhNThlNmM1YjRmYThlMjMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZOCpgW7jQLDQaVH5HRKxvqYRE/K4xBBxcggl/2MyTMEWf
Y87GZiFyE4bpGHkCFvwg756/yIvcipGIwYnDtegFD6m3/JuKVCqTtOz4VBjAIlG0
J0WLpUtabFlZ++KLcb5Xlgychg+acyApeHhlk39Zfrchyp0fxY5voxbWJV6ndSfb
NkWy71o1hmm7SXd5az3u7Q6RdE00LFBmAmUfJHcoXbOG7zo1/IoFSVqNIaqiT02n
gW08DNvQBqkV28GhLYRQaQHA8ykcbtNtyN/0EmJDFsPXiQNiigwhFiLHjOz72d7J
hJOwwE4gp58xQQ8e9N4nDwTU1mS5q0bDUVdDZGhvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUxSb2p2UVVnkNcixMByObv7bTlOkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NiZTQ2MWE3LTIxOGItNDM1My1hMzQyLTA4MmY3NGI3ZjJmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJsiDANBgkqhkiG9w0BAQsFAAOCAQEAFJXF/8LqhORNBzqemIyyJk8LD3yz
9NgsIjBxX+O0CHKOfyyX6CI9tERXQx6sO9lgqBN++jGLH9spG3kPH4kJV9BIXZUH
febCUdIDJ0U7S+dGl3SaoYQHHuGNeNBgbVgCbJozq/hTt4n5wvJoKAur9sSgFRuG
jqUR8sD/NWKkpoBn8OBYBmMvk5QO+DueE+fx6oG/fw3ez6R7EzqXFxaQC6F4tpkQ
XxyzFGoji+rFSs/7pYf+BbMslrKcAd9l3jaDaPqE3LxxCohwFobsuX59YTA7Qj8J
b9dPWtGyH5ub/ln4M57/dw1RQsm4R4khg4aw7FC49R3fGEDn8NxEYZWXig==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:27 2024 by rpki-client on console-fra.rpki-client.org