Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9f0f335-7b4f-4214-870c-d871c2bede87.roa
File:                     d9f0f335-7b4f-4214-870c-d871c2bede87.roa (raw, json)
Hash identifier:          kCNrJYO7sjUmQ9DFErlniUnIuoIbdGgTm9CBUI+sfuE=
Subject key identifier:   5D:6A:62:9C:D6:C6:5E:49:C4:CE:46:F5:BC:E7:AF:95:86:86:9B:65
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7ECEE84A1BDAB33BA33125A71216C4DF52339FEB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9f0f335-7b4f-4214-870c-d871c2bede87.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        162.222.148.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:ce:e8:4a:1b:da:b3:3b:a3:31:25:a7:12:16:c4:df:52:33:9f:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=595e647b94afd8dc84dd822db38f1b6cb326e27f515a9391ad8c024e350bc2c1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:64:a1:15:86:c0:70:3d:6c:d9:31:85:64:77:
                    4e:44:d4:49:76:cc:21:71:71:09:07:33:7f:b9:e9:
                    25:e0:ce:b7:4c:f9:29:91:ae:8e:32:64:6e:17:58:
                    98:fa:46:56:84:93:9a:ca:4a:33:2c:1b:9e:58:bc:
                    9e:20:53:23:fb:7f:c1:a2:96:99:11:e5:6e:e9:89:
                    e8:78:e4:8e:2c:74:63:5e:5a:66:f3:66:f7:2c:33:
                    33:68:38:c7:26:1d:05:4a:4d:2e:f7:96:14:89:8c:
                    4d:87:15:14:e9:b7:85:cc:e7:70:b6:64:5b:3d:1b:
                    3f:c4:0e:fa:a6:e4:ca:a4:b3:80:ba:c8:2a:5f:1b:
                    cb:b7:ed:7b:49:85:7c:e1:1a:f1:58:7f:95:0a:9e:
                    52:6b:a2:cd:b8:b9:de:59:cd:53:0c:c8:1e:aa:f6:
                    08:a3:be:23:29:a0:b9:2e:d9:81:ca:95:a3:f1:6d:
                    ae:bc:00:2f:51:ec:29:b7:34:b9:5a:fc:9f:52:c0:
                    73:85:ae:bf:1d:86:59:11:b4:a5:3d:fc:e5:de:fe:
                    dc:13:da:04:d5:33:db:95:ca:ce:1b:5b:43:18:ba:
                    a3:1d:fa:70:8d:fc:25:17:99:99:64:60:4e:f1:5c:
                    ac:b6:54:7e:6d:70:25:cc:bc:f6:ae:33:57:5c:26:
                    a8:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6A:62:9C:D6:C6:5E:49:C4:CE:46:F5:BC:E7:AF:95:86:86:9B:65
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9f0f335-7b4f-4214-870c-d871c2bede87.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.222.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ac:f1:fe:2f:6a:17:c6:b3:4b:8d:85:93:34:e9:ec:ab:ce:dd:
         fa:4d:aa:bb:ee:81:4a:e5:53:29:29:5a:51:49:e7:91:e8:14:
         f5:9f:4b:71:ea:d8:36:1e:b0:6d:05:07:b9:b7:ea:f3:d3:8b:
         98:9e:19:07:61:d8:87:40:d3:a6:19:c3:a3:a6:1c:bf:d9:c9:
         50:e7:41:26:fb:ee:92:ea:26:e1:3e:78:5b:65:27:ee:ac:4e:
         95:5c:68:78:bf:6e:fc:2a:d4:05:26:cc:a8:c2:ce:26:fa:da:
         06:d4:ed:94:24:77:0e:88:3f:fb:30:d9:1d:f6:ee:da:fc:46:
         f9:b0:62:87:8f:1e:0e:17:b3:fd:d7:05:f9:82:41:33:99:f5:
         55:46:40:a5:d4:95:6d:6e:b8:8f:fb:cf:6e:1f:1a:72:af:03:
         d2:ad:11:5a:97:94:fc:7c:f4:bf:65:16:c6:99:7a:09:53:95:
         e1:9a:58:9f:9f:05:0b:86:b1:6a:cb:f9:e4:3f:75:32:a8:75:
         75:e0:bf:9c:a1:6d:9c:57:ac:5c:73:ab:96:89:b7:36:ce:5c:
         5f:e2:9a:54:43:41:5a:4d:44:95:b5:c6:85:bb:bd:3b:39:50:
         81:fe:7c:d3:9a:af:53:b8:8a:26:07:8f:66:bb:be:dc:3a:09:
         dc:fe:68:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfs7oShvaszujMSWnEhbE31Izn+swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1OTVlNjQ3Yjk0YWZkOGRjODRkZDgyMmRiMzhmMWI2Y2Iz
MjZlMjdmNTE1YTkzOTFhZDhjMDI0ZTM1MGJjMmMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDxZKEVhsBwPWzZMYVkd05E1El2zCFxcQkHM3+56SXgzrdM
+SmRro4yZG4XWJj6RlaEk5rKSjMsG55YvJ4gUyP7f8GilpkR5W7pieh45I4sdGNe
WmbzZvcsMzNoOMcmHQVKTS73lhSJjE2HFRTpt4XM53C2ZFs9Gz/EDvqm5Mqks4C6
yCpfG8u37XtJhXzhGvFYf5UKnlJros24ud5ZzVMMyB6q9gijviMpoLku2YHKlaPx
ba68AC9R7Cm3NLla/J9SwHOFrr8dhlkRtKU9/OXe/twT2gTVM9uVys4bW0MYuqMd
+nCN/CUXmZlkYE7xXKy2VH5tcCXMvPauM1dcJqg3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXWpinNbGXknEzkb1vOevlYaGm2UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q5ZjBmMzM1LTdiNGYtNDIxNC04NzBjLWQ4NzFjMmJlZGU4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAKi3pQwDQYJKoZIhvcNAQELBQADggEBAKzx/i9qF8azS42FkzTp7KvO3fpN
qrvugUrlUykpWlFJ55HoFPWfS3Hq2DYesG0FB7m36vPTi5ieGQdh2IdA06YZw6Om
HL/ZyVDnQSb77pLqJuE+eFtlJ+6sTpVcaHi/bvwq1AUmzKjCzib62gbU7ZQkdw6I
P/sw2R327tr8RvmwYoePHg4Xs/3XBfmCQTOZ9VVGQKXUlW1uuI/7z24fGnKvA9Kt
EVqXlPx89L9lFsaZeglTleGaWJ+fBQuGsWrL+eQ/dTKodXXgv5yhbZxXrFxzq5aJ
tzbOXF/imlRDQVpNRJW1xoW7vTs5UIH+fNOar1O4iiYHj2a7vtw6Cdz+aOA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:51 2024 by rpki-client on console-ams.rpki-client.org