Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e290ea6c-d4f0-4297-bdf2-dbf8c85e8140.roa
File:                     e290ea6c-d4f0-4297-bdf2-dbf8c85e8140.roa (raw, json)
Hash identifier:          ZG4ial0GECS1/HwP4R3cr6PrDSrvL61MlOQVP3nJyVg=
Subject key identifier:   A2:23:74:80:6E:73:C7:D3:BD:CB:1A:97:AA:7C:FA:AE:EE:AA:77:89
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       418294B1D8AC0B5D7B64230559B02C2046DDA452
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e290ea6c-d4f0-4297-bdf2-dbf8c85e8140.roa
Signing time:             Fri 08 Nov 2024 00:00:00 +0000
ROA not before:           Fri 08 Nov 2024 00:00:00 +0000
ROA not after:            Fri 13 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:82:94:b1:d8:ac:0b:5d:7b:64:23:05:59:b0:2c:20:46:dd:a4:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  8 00:00:00 2024 GMT
            Not After : Dec 13 23:59:59 2024 GMT
        Subject: serialNumber=49f84a238f23f4fcff4f115780d7b9b34d67fdcb9ee37bcbfce893731f23f9e4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:c3:87:4f:37:14:7a:aa:1b:fc:1f:61:fa:c2:
                    f0:dd:6a:4b:d3:b1:08:25:09:7b:cf:20:c7:39:0d:
                    86:9a:c2:d8:fa:23:0c:78:be:bd:94:af:8b:52:55:
                    e1:4c:a0:9b:83:b2:21:9b:43:2f:c0:d9:c6:9f:a4:
                    4b:4e:79:18:50:01:61:0a:a8:77:40:16:b2:3a:f7:
                    3c:9e:5a:10:e1:c9:59:e2:6b:74:89:9d:8f:d9:2b:
                    39:55:8c:9e:c1:ba:92:5c:bd:a4:8c:2b:41:c1:8d:
                    73:62:6f:f7:37:1d:53:3a:6e:fb:5f:19:be:76:3f:
                    73:68:06:b1:69:75:40:54:62:c9:39:3e:a3:a5:53:
                    21:72:9e:37:5f:df:75:b4:85:16:7f:7f:f2:ea:78:
                    f6:55:41:90:9b:6c:64:d8:8c:a4:ba:d4:c8:31:95:
                    d3:98:78:58:58:a0:24:81:c7:3d:06:ae:d2:7d:dd:
                    21:48:71:2f:d8:94:f2:a7:d0:9d:b3:84:99:90:05:
                    f5:f1:9c:1f:ca:58:0d:07:ec:38:b8:90:14:f5:dd:
                    4e:4d:c8:1f:11:e2:25:fe:30:fe:88:09:d6:88:69:
                    0c:a0:f1:d7:7c:f2:53:b0:74:86:0e:c8:48:42:cc:
                    1e:87:3c:cf:51:f3:4f:a7:ca:e0:5c:3d:9c:52:16:
                    b5:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:23:74:80:6E:73:C7:D3:BD:CB:1A:97:AA:7C:FA:AE:EE:AA:77:89
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e290ea6c-d4f0-4297-bdf2-dbf8c85e8140.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:f9:7c:ea:6b:fd:6e:2e:0c:46:7d:5d:a9:35:cc:0c:27:4b:
         52:86:ba:f2:29:9c:01:fc:cb:24:2c:63:55:df:e4:8c:19:92:
         a9:e2:32:ae:71:ac:b6:0b:d6:03:7e:a9:77:d3:f7:98:7e:f5:
         2b:ce:6a:05:81:5e:23:d1:79:af:9c:38:34:50:e9:85:95:29:
         fe:ed:17:03:68:c0:ad:48:f2:94:f4:7a:4b:9f:3b:9e:71:00:
         60:c8:f4:0c:06:99:ae:b6:de:ec:ee:0e:e9:d5:16:44:92:fc:
         1b:38:49:8a:3b:8b:70:3c:86:62:89:5f:c2:e0:91:d4:f6:e5:
         d1:a5:51:b7:9c:5f:81:35:bc:d7:c7:c8:f0:40:6b:74:19:9a:
         da:a3:cf:22:ce:72:15:d6:0f:d2:15:02:33:25:32:d3:7b:f4:
         b8:9b:57:2c:ad:a4:f4:2e:29:d3:f2:7a:d0:56:fa:bd:e8:ac:
         8a:ee:b6:5d:4e:8c:d7:6b:cb:36:65:8d:ef:bc:6d:8b:c0:87:
         08:3c:c0:ec:ed:e7:34:96:52:9f:9e:ee:bb:4c:53:a9:2e:59:
         0a:b3:38:83:3d:6e:a3:95:2a:64:60:ac:8f:02:31:dd:27:3f:
         ef:82:9d:e7:08:dc:91:34:a5:63:69:a3:30:d0:59:e6:46:b5:
         5a:c7:9b:99
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQYKUsdisC117ZCMFWbAsIEbdpFIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA4MDAwMDAwWhcNMjQxMjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OWY4NGEyMzhmMjNmNGZjZmY0ZjExNTc4MGQ3YjliMzRk
NjdmZGNiOWVlMzdiY2JmY2U4OTM3MzFmMjNmOWU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZw4dPNxR6qhv8H2H6wvDdakvTsQglCXvPIMc5DYaawtj6
Iwx4vr2Ur4tSVeFMoJuDsiGbQy/A2cafpEtOeRhQAWEKqHdAFrI69zyeWhDhyVni
a3SJnY/ZKzlVjJ7BupJcvaSMK0HBjXNib/c3HVM6bvtfGb52P3NoBrFpdUBUYsk5
PqOlUyFynjdf33W0hRZ/f/LqePZVQZCbbGTYjKS61MgxldOYeFhYoCSBxz0GrtJ9
3SFIcS/YlPKn0J2zhJmQBfXxnB/KWA0H7Di4kBT13U5NyB8R4iX+MP6ICdaIaQyg
8dd88lOwdIYOyEhCzB6HPM9R80+nyuBcPZxSFrVdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoiN0gG5zx9O9yxqXqnz6ru6qd4kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyOTBlYTZjLWQ0ZjAtNDI5Ny1iZGYyLWRiZjhjODVlODE0MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTbwwDQYJKoZIhvcNAQELBQADggEBAG75fOpr/W4uDEZ9Xak1zAwnS1KG
uvIpnAH8yyQsY1Xf5IwZkqniMq5xrLYL1gN+qXfT95h+9SvOagWBXiPRea+cODRQ
6YWVKf7tFwNowK1I8pT0ekufO55xAGDI9AwGma623uzuDunVFkSS/Bs4SYo7i3A8
hmKJX8LgkdT25dGlUbecX4E1vNfHyPBAa3QZmtqjzyLOchXWD9IVAjMlMtN79Lib
VyytpPQuKdPyetBW+r3orIrutl1OjNdryzZlje+8bYvAhwg8wOzt5zSWUp+e7rtM
U6kuWQqzOIM9bqOVKmRgrI8CMd0nP++CnecI3JE0pWNpozDQWeZGtVrHm5k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 01:34:37 2024 by rpki-client on console-ams.rpki-client.org