Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e803c788-e3c5-4e0f-b60f-42ce430040b0.roa
File:                     e803c788-e3c5-4e0f-b60f-42ce430040b0.roa (raw, json)
Hash identifier:          3/VY+Ip6xBJCsxYnsfv+eHd1Mk6XGQBVyFQvI8hrwhg=
Subject key identifier:   6E:C5:81:CB:E2:2F:1B:59:AF:05:71:E6:74:5C:02:DC:C0:19:9C:64
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7BD0232A688830643AFA94E3F475C4961FBE66B5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e803c788-e3c5-4e0f-b60f-42ce430040b0.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.163.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:d0:23:2a:68:88:30:64:3a:fa:94:e3:f4:75:c4:96:1f:be:66:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=7d99a94aa0cc071861e037361ad0dcfb459a61834455132414e8eb84d5c4bf53, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d8:ef:38:32:fb:37:38:08:59:9e:53:03:dc:
                    4a:df:c7:cd:8e:01:f5:8b:cb:7a:a1:20:70:96:c2:
                    08:39:e6:58:1f:bf:4b:c6:88:76:6e:52:6f:f6:b2:
                    94:6e:11:fa:97:d2:4d:12:9a:d7:db:c4:c4:f4:b4:
                    9c:ee:8c:c5:4f:40:12:bb:d4:91:58:74:70:a3:46:
                    13:c2:09:d4:b4:63:a9:65:5e:7c:72:0d:28:8b:7e:
                    ea:fe:7a:da:60:10:b9:77:8b:7e:7c:56:88:47:3d:
                    c1:0e:d4:1b:f8:17:08:cb:ff:3b:2d:b8:c1:27:14:
                    ae:db:35:c0:52:ce:c3:d9:f8:f0:bb:87:ad:b8:32:
                    76:43:dc:ee:08:19:b1:ff:1b:41:51:15:d0:c3:db:
                    fc:86:2e:c1:3d:34:4a:c7:0c:e7:ef:df:6a:e2:22:
                    05:53:43:c9:17:f3:8d:0a:c5:db:c1:93:4c:80:35:
                    a1:ab:7c:e3:6b:de:54:9e:60:c3:c8:2e:e7:3e:23:
                    46:d3:5d:fb:91:1a:59:25:b1:a0:ae:b1:fd:60:9b:
                    ac:22:29:3c:67:3c:b4:1e:4d:b1:99:27:0b:c9:ad:
                    a7:9d:ae:f2:3b:8c:43:61:14:93:68:7e:df:ca:98:
                    e8:b4:1e:98:53:b0:df:00:ee:f2:21:6c:41:ac:ca:
                    b5:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:C5:81:CB:E2:2F:1B:59:AF:05:71:E6:74:5C:02:DC:C0:19:9C:64
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e803c788-e3c5-4e0f-b60f-42ce430040b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:92:01:da:25:b1:71:f0:d6:0f:26:10:4f:b7:60:e7:ec:12:
         6d:32:68:a6:37:ae:93:8c:69:69:aa:00:e9:9e:51:50:9b:0b:
         49:68:2f:cc:07:15:6f:79:ca:07:d8:7f:5b:41:e4:be:6d:bd:
         bb:25:2e:25:9e:1b:0d:86:ad:6f:7d:fd:48:1b:ef:74:e6:7a:
         4c:ea:cc:06:fa:c8:a4:3a:76:9b:7b:31:6d:db:9f:eb:4a:c1:
         f2:ee:3f:ae:a4:b5:7d:f2:ac:8a:66:76:56:75:3a:09:56:fd:
         a7:9b:a4:34:cf:9b:3a:98:7c:94:06:7a:f4:3a:e0:d3:16:ec:
         72:24:8e:3b:a8:91:3f:37:06:3a:cf:4c:6a:49:64:d0:ad:e6:
         7a:f5:c6:41:f8:cc:ae:10:6f:7e:d6:23:2d:01:7e:b4:77:a0:
         d9:6b:56:07:e5:d9:01:23:76:61:c9:25:56:d6:b2:7b:04:8c:
         0c:48:cf:e3:d1:f7:18:6c:42:ca:53:c6:2c:aa:75:8b:92:9e:
         3e:6e:0f:bf:30:55:dd:05:82:0c:0a:f9:cd:7e:05:4f:47:d4:
         d6:49:fa:fe:bd:03:90:67:a1:47:b6:4e:e6:45:fe:9c:39:06:
         b8:3a:a8:40:d8:37:56:93:bb:2d:9e:76:d8:f1:1b:38:1b:1c:
         15:ad:e5:ec
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe9AjKmiIMGQ6+pTj9HXElh++ZrUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZDk5YTk0YWEwY2MwNzE4NjFlMDM3MzYxYWQwZGNmYjQ1
OWE2MTgzNDQ1NTEzMjQxNGU4ZWI4NGQ1YzRiZjUzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDN2O84Mvs3OAhZnlMD3Erfx82OAfWLy3qhIHCWwgg55lgf
v0vGiHZuUm/2spRuEfqX0k0SmtfbxMT0tJzujMVPQBK71JFYdHCjRhPCCdS0Y6ll
XnxyDSiLfur+etpgELl3i358VohHPcEO1Bv4FwjL/zstuMEnFK7bNcBSzsPZ+PC7
h624MnZD3O4IGbH/G0FRFdDD2/yGLsE9NErHDOfv32riIgVTQ8kX840KxdvBk0yA
NaGrfONr3lSeYMPILuc+I0bTXfuRGlklsaCusf1gm6wiKTxnPLQeTbGZJwvJraed
rvI7jENhFJNoft/KmOi0HphTsN8A7vIhbEGsyrUpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbsWBy+IvG1mvBXHmdFwC3MAZnGQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U4MDNjNzg4LWUzYzUtNGUwZi1iNjBmLTQyY2U0MzAwNDBiMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjUqMwDQYJKoZIhvcNAQELBQADggEBAICSAdolsXHw1g8mEE+3YOfsEm0y
aKY3rpOMaWmqAOmeUVCbC0loL8wHFW95ygfYf1tB5L5tvbslLiWeGw2GrW99/Ugb
73TmekzqzAb6yKQ6dpt7MW3bn+tKwfLuP66ktX3yrIpmdlZ1OglW/aebpDTPmzqY
fJQGevQ64NMW7HIkjjuokT83BjrPTGpJZNCt5nr1xkH4zK4Qb37WIy0BfrR3oNlr
Vgfl2QEjdmHJJVbWsnsEjAxIz+PR9xhsQspTxiyqdYuSnj5uD78wVd0FggwK+c1+
BU9H1NZJ+v69A5BnoUe2TuZF/pw5Brg6qEDYN1aTuy2edtjxGzgbHBWt5ew=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:29 2024 by rpki-client on console-fra.rpki-client.org