Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d45c2ad2-9d29-4213-9f61-095efcb2de9b.roa
File:                     d45c2ad2-9d29-4213-9f61-095efcb2de9b.roa (raw, json)
Hash identifier:          VK+4F56HDCVY/oqf9gHyoXQwSfs8c+QobwSTyJqzaW4=
Subject key identifier:   D3:3A:89:78:6C:05:98:88:83:63:12:DE:9E:CE:84:41:CD:0F:55:F9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       034623009C3BB603CB68A06275C706742548B395
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d45c2ad2-9d29-4213-9f61-095efcb2de9b.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.83.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 13 Dec 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:46:23:00:9c:3b:b6:03:cb:68:a0:62:75:c7:06:74:25:48:b3:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=61e998b2356b4a9e6188dae8e465fb3c415945284c2aefecdc21d30a3fdabe48, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c4:fa:cc:c8:3a:d9:72:6e:fc:48:af:d6:74:
                    ee:29:5e:91:4e:59:31:21:88:45:db:49:69:2a:8b:
                    94:d7:fd:3e:dd:4b:13:24:8b:cd:80:f7:45:36:dd:
                    f4:a0:3f:a6:67:ec:21:b5:61:71:8d:ae:d0:63:84:
                    96:7f:b2:70:e4:97:e6:62:ca:f9:46:9a:6a:f4:04:
                    15:ae:8b:d5:d0:dd:d2:4c:6c:8d:87:ca:e6:4c:fd:
                    e6:12:26:4b:d5:83:69:33:c0:66:7f:25:f8:dd:0a:
                    d6:7c:26:97:2d:09:05:00:04:50:2a:63:39:96:a3:
                    91:6e:9a:3d:6c:9e:80:2a:48:8b:78:49:10:95:86:
                    6f:6b:9f:7a:d8:f2:1d:b6:d1:08:c0:93:9d:1e:43:
                    ff:1e:37:f3:78:bb:e8:5a:83:c4:d5:6d:78:f3:7c:
                    05:80:63:72:b1:a5:f0:c2:be:3c:e6:57:02:40:b1:
                    5b:3e:f6:a5:59:90:40:4d:76:6c:68:68:81:d6:b3:
                    18:19:90:77:5f:61:bf:0f:2f:dd:8d:8f:eb:63:66:
                    bc:c3:45:e8:f3:e1:aa:e9:66:10:98:3c:d0:3c:e6:
                    f7:3e:c8:12:17:50:ae:d9:c3:cf:3e:12:59:f2:da:
                    0a:80:f9:8b:1b:cd:45:d2:de:db:8e:71:62:e4:b0:
                    62:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:3A:89:78:6C:05:98:88:83:63:12:DE:9E:CE:84:41:CD:0F:55:F9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d45c2ad2-9d29-4213-9f61-095efcb2de9b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.83.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         78:c1:83:7e:c0:02:ae:8d:34:f3:e6:15:64:4b:cf:07:54:91:
         e4:2f:77:07:96:57:d7:6d:3f:e0:28:54:a3:ef:59:ce:8b:42:
         43:ba:89:72:59:01:99:2a:4d:6c:63:35:be:db:8b:08:2a:94:
         b3:23:ab:a6:56:c1:1f:68:01:1a:e1:94:67:86:fa:7a:52:6e:
         14:ad:5a:09:15:4d:4a:e9:30:4e:11:3a:f0:79:6f:c0:f5:1f:
         0f:40:d1:1e:1d:a0:2c:30:cf:cc:4a:a0:cc:ef:7d:dc:9d:70:
         55:f5:12:b8:a3:c2:67:64:cd:2f:08:ff:64:dc:ad:03:25:e4:
         a6:68:6d:b0:ea:33:c1:7a:25:82:4a:1a:db:cf:2e:50:ff:32:
         5b:35:67:e6:a2:c5:37:92:3c:6e:54:58:35:e3:0a:d2:9a:5d:
         15:28:a3:c1:80:bc:49:c0:ae:e5:9d:3a:3d:fd:99:99:43:59:
         70:d8:85:7e:ef:a7:b9:5c:cc:78:73:d8:3a:4d:f7:45:14:e5:
         a4:b8:d9:d0:8e:b4:72:f1:3a:78:65:db:81:41:09:59:03:60:
         71:c7:ec:e9:7f:0f:37:85:88:28:7a:5f:95:ed:7d:85:ef:69:
         3e:0b:e3:3b:bf:2b:18:d2:ff:e6:84:7e:8d:4b:f8:cb:47:8b:
         f6:01:f8:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA0YjAJw7tgPLaKBidccGdCVIs5UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MWU5OThiMjM1NmI0YTllNjE4OGRhZThlNDY1ZmIzYzQx
NTk0NTI4NGMyYWVmZWNkYzIxZDMwYTNmZGFiZTQ4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYxPrMyDrZcm78SK/WdO4pXpFOWTEhiEXbSWkqi5TX/T7d
SxMki82A90U23fSgP6Zn7CG1YXGNrtBjhJZ/snDkl+ZiyvlGmmr0BBWui9XQ3dJM
bI2HyuZM/eYSJkvVg2kzwGZ/JfjdCtZ8JpctCQUABFAqYzmWo5Fumj1snoAqSIt4
SRCVhm9rn3rY8h220QjAk50eQ/8eN/N4u+hag8TVbXjzfAWAY3KxpfDCvjzmVwJA
sVs+9qVZkEBNdmxoaIHWsxgZkHdfYb8PL92Nj+tjZrzDRejz4arpZhCYPNA85vc+
yBIXUK7Zw88+Elny2gqA+YsbzUXS3tuOcWLksGKXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0zqJeGwFmIiDYxLens6EQc0PVfkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q0NWMyYWQyLTlkMjktNDIxMy05ZjYxLTA5NWVmY2IyZGU5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAetUwAwDQYJKoZIhvcNAQELBQADggEBAHjBg37AAq6NNPPmFWRLzwdUkeQv
dweWV9dtP+AoVKPvWc6LQkO6iXJZAZkqTWxjNb7biwgqlLMjq6ZWwR9oARrhlGeG
+npSbhStWgkVTUrpME4ROvB5b8D1Hw9A0R4doCwwz8xKoMzvfdydcFX1Erijwmdk
zS8I/2TcrQMl5KZobbDqM8F6JYJKGtvPLlD/Mls1Z+aixTeSPG5UWDXjCtKaXRUo
o8GAvEnAruWdOj39mZlDWXDYhX7vp7lczHhz2DpN90UU5aS42dCOtHLxOnhl24FB
CVkDYHHH7Ol/DzeFiCh6X5XtfYXvaT4L4zu/KxjS/+aEfo1L+MtHi/YB+Jw=
-----END CERTIFICATE-----
Generated at Wed Dec 11 21:56:28 2024 by rpki-client on console-fra.rpki-client.org