Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e290ea6c-d4f0-4297-bdf2-dbf8c85e8140.roa
File:                     e290ea6c-d4f0-4297-bdf2-dbf8c85e8140.roa (raw, json)
Hash identifier:          Zb3LQBnE3PAbvA4u97OzZx2zNr6pHCSxIyBflEOaT+0=
Subject key identifier:   24:5B:52:20:13:E1:CF:1E:8A:5A:A1:C0:26:70:AC:87:A4:C6:85:D9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46EDBF1679D8B5A2CB8F81AEA7113727CA3D6946
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e290ea6c-d4f0-4297-bdf2-dbf8c85e8140.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:ed:bf:16:79:d8:b5:a2:cb:8f:81:ae:a7:11:37:27:ca:3d:69:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=e11beaf77096d67d0f471f1dbc04c5c8d6f42cb37301795de1dc9e6491e563d9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:81:1e:c6:bc:c5:ac:b8:95:7f:35:50:27:2d:
                    e5:c3:f6:34:c6:a9:a7:57:48:bc:a5:66:08:ac:6f:
                    0d:bb:3a:1d:f5:e3:79:6f:0d:81:ce:51:83:22:df:
                    b1:9d:ce:7c:67:2a:e4:b4:8a:c1:b0:d1:86:10:f7:
                    fb:31:33:69:e3:af:3e:c1:e9:64:4a:4b:2c:31:13:
                    36:e9:6a:17:49:af:66:9b:e1:68:a1:89:15:be:85:
                    ae:74:34:8e:7e:ba:2f:6c:b4:ba:47:c4:24:a3:21:
                    7f:2b:a5:44:6a:24:4b:5f:74:fc:d2:a7:98:50:e8:
                    eb:64:30:e4:dd:11:65:54:c4:e9:20:36:ae:d0:bc:
                    13:ef:a7:02:fb:48:10:05:ee:b8:38:38:bc:5f:93:
                    40:0c:c3:79:73:3e:bc:76:04:2a:62:5a:79:d9:33:
                    79:74:99:64:79:9a:97:a5:26:1f:bc:2b:75:58:d2:
                    08:44:7b:36:9c:2f:01:db:ff:c3:42:34:c9:a2:83:
                    98:3b:38:bf:d8:ba:56:90:33:e6:f8:a8:74:81:f5:
                    07:da:04:6c:4f:ea:c9:9b:9c:f1:61:1a:0d:aa:0d:
                    7d:42:4a:37:91:bf:a9:5e:91:f7:e0:32:2b:c1:d3:
                    80:d4:62:00:bf:47:1d:cb:d4:0c:06:32:a3:3c:48:
                    02:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:5B:52:20:13:E1:CF:1E:8A:5A:A1:C0:26:70:AC:87:A4:C6:85:D9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e290ea6c-d4f0-4297-bdf2-dbf8c85e8140.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:17:17:b8:8c:fd:a3:fc:7b:e7:4f:8d:81:06:16:c6:09:8c:
         28:05:42:ce:f3:1f:f0:66:09:79:1a:56:b0:34:a8:6a:d7:3a:
         54:10:96:99:d6:ae:4f:53:c3:50:27:df:3f:5b:75:93:db:bf:
         bf:5b:2c:42:0e:30:26:86:38:1e:d1:46:5a:e2:69:73:d5:fa:
         df:a1:15:74:95:66:d0:0d:b5:5d:aa:e6:a0:bf:ea:56:dc:3e:
         10:ed:a8:7c:8d:1c:73:ee:b8:01:5a:95:9d:b2:09:d9:c6:93:
         9c:a0:ab:ca:51:34:f5:63:49:b3:f5:57:42:2a:bd:03:91:5e:
         c9:b8:2e:74:b9:e3:10:a6:97:c2:ca:7f:c9:b6:af:b2:f1:ae:
         1f:7d:8f:57:e6:14:81:fb:27:3c:74:86:4f:16:97:67:aa:f4:
         25:93:b5:75:95:19:bd:5d:07:69:8c:0b:b2:2e:95:26:74:b8:
         de:d1:96:f9:b7:54:30:3a:ee:3f:56:ee:e8:5b:e8:74:7c:66:
         55:21:f6:21:23:51:71:df:b3:48:17:8f:86:20:0e:92:2f:19:
         2c:69:83:c4:31:9f:d6:8f:fb:89:6d:9c:4f:ee:7a:28:bd:b1:
         ec:ba:05:9c:64:8d:81:1a:b4:a9:84:d8:03:04:77:43:0f:5a:
         97:a8:4c:08
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURu2/FnnYtaLLj4GupxE3J8o9aUYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTFiZWFmNzcwOTZkNjdkMGY0NzFmMWRiYzA0YzVjOGQ2
ZjQyY2IzNzMwMTc5NWRlMWRjOWU2NDkxZTU2M2Q5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKgR7GvMWsuJV/NVAnLeXD9jTGqadXSLylZgisbw27Oh31
43lvDYHOUYMi37GdznxnKuS0isGw0YYQ9/sxM2njrz7B6WRKSywxEzbpahdJr2ab
4WihiRW+ha50NI5+ui9stLpHxCSjIX8rpURqJEtfdPzSp5hQ6OtkMOTdEWVUxOkg
Nq7QvBPvpwL7SBAF7rg4OLxfk0AMw3lzPrx2BCpiWnnZM3l0mWR5mpelJh+8K3VY
0ghEezacLwHb/8NCNMmig5g7OL/YulaQM+b4qHSB9QfaBGxP6smbnPFhGg2qDX1C
SjeRv6lekffgMivB04DUYgC/Rx3L1AwGMqM8SAILAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJFtSIBPhzx6KWqHAJnCsh6TGhdkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyOTBlYTZjLWQ0ZjAtNDI5Ny1iZGYyLWRiZjhjODVlODE0MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTbwwDQYJKoZIhvcNAQELBQADggEBAIMXF7iM/aP8e+dPjYEGFsYJjCgF
Qs7zH/BmCXkaVrA0qGrXOlQQlpnWrk9Tw1An3z9bdZPbv79bLEIOMCaGOB7RRlri
aXPV+t+hFXSVZtANtV2q5qC/6lbcPhDtqHyNHHPuuAFalZ2yCdnGk5ygq8pRNPVj
SbP1V0IqvQORXsm4LnS54xCml8LKf8m2r7Lxrh99j1fmFIH7Jzx0hk8Wl2eq9CWT
tXWVGb1dB2mMC7IulSZ0uN7Rlvm3VDA67j9W7uhb6HR8ZlUh9iEjUXHfs0gXj4Yg
DpIvGSxpg8Qxn9aP+4ltnE/ueii9sey6BZxkjYEatKmE2AMEd0MPWpeoTAg=
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:26:26 2024 by rpki-client on console-ams.rpki-client.org