Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb72c28-6b68-446d-a885-7b9d4c0a2ec4.roa
File:                     ebb72c28-6b68-446d-a885-7b9d4c0a2ec4.roa (raw, json)
Hash identifier:          z/ZgbFoVU4A4YgRN/PSs9zpS97aC8i0mqiLrKlPmDlo=
Subject key identifier:   AB:EE:38:78:6E:21:20:10:C9:68:BB:EB:99:73:92:C7:F8:E6:FE:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       765E807C13985E048C2E7D1A80409F4BCF1F3FE7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb72c28-6b68-446d-a885-7b9d4c0a2ec4.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.130.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 13 Dec 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:5e:80:7c:13:98:5e:04:8c:2e:7d:1a:80:40:9f:4b:cf:1f:3f:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=d014dc611fbd5918353cf84b60fdb5918e5b105aaf0273817f80f3389e090f79, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:72:58:d2:10:6d:dc:fa:f1:f1:c2:d2:14:c5:
                    be:3e:a8:65:3a:28:33:67:e4:59:ce:8a:25:37:63:
                    4a:63:c9:be:9e:af:e5:5c:33:a8:3c:66:5e:71:14:
                    11:a3:ba:80:f7:b4:53:35:9f:7d:4d:67:23:ea:21:
                    4b:fb:19:0b:87:cd:66:02:5b:82:8b:5f:d1:97:c6:
                    35:46:89:38:8f:e4:ef:42:54:e3:11:d9:7e:64:53:
                    ab:2e:c6:51:94:a4:98:f7:6f:18:a4:ea:cb:e9:ec:
                    c7:f8:7e:3a:d7:a8:8d:b3:c3:1d:48:57:f9:f5:e5:
                    b5:50:1f:1c:c1:7a:9a:dc:07:d3:ff:27:c4:a3:b4:
                    94:e6:6c:06:c3:64:aa:8c:7d:25:40:02:8f:bf:be:
                    75:be:43:82:1d:ce:c5:78:78:a4:d8:50:d2:01:6c:
                    bb:a4:59:e8:f5:c9:74:e7:b6:61:79:cf:f4:0f:d8:
                    94:d4:26:97:e0:87:d2:2b:56:cf:de:37:ba:0b:2c:
                    36:40:7b:62:c6:3b:b7:5a:a4:47:df:81:6c:e9:f2:
                    2c:06:68:bb:c7:76:cc:93:8a:1e:46:a8:90:3e:fc:
                    58:86:eb:b9:77:78:07:38:eb:cb:ae:7c:e9:13:91:
                    e9:3e:6e:8a:39:9d:33:e0:60:28:ff:45:bf:da:8c:
                    ea:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:EE:38:78:6E:21:20:10:C9:68:BB:EB:99:73:92:C7:F8:E6:FE:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb72c28-6b68-446d-a885-7b9d4c0a2ec4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         64:2d:79:26:0e:20:31:e9:f6:11:ff:f5:1a:3a:5e:de:44:12:
         30:46:a9:ab:30:2c:28:71:b6:f1:a2:e4:b0:5d:85:24:f5:18:
         a0:b5:d9:13:a8:07:a2:72:65:34:f1:76:c3:ca:26:8d:e7:54:
         0f:3c:77:31:97:3a:b3:29:25:67:12:52:e7:75:a2:79:e4:7c:
         b9:d3:3a:34:e0:3d:08:e1:4b:a5:c0:c6:6f:4c:66:c6:27:64:
         07:90:63:bf:b8:9f:f9:b9:cd:cb:1f:d5:09:18:61:c5:fb:78:
         47:8a:5e:09:49:05:80:b8:3a:e3:c8:80:dc:dd:13:f6:5d:41:
         b6:cc:9b:76:fd:98:56:3d:71:de:6b:66:26:be:1d:6b:f1:21:
         87:38:c3:e9:74:69:09:f2:4e:71:ab:35:b4:21:b4:c2:eb:91:
         25:cd:0d:5e:d3:67:60:8b:0c:ee:01:4b:69:7c:3d:61:b8:c6:
         f3:93:eb:96:9b:c5:9b:2f:d4:0b:1f:c9:e5:18:0f:d1:89:62:
         46:b0:25:62:20:1a:dc:ca:b5:99:17:15:93:20:31:f6:99:de:
         35:58:5a:53:17:27:0d:3b:27:58:ef:ee:8d:72:2e:07:03:a3:
         4d:14:4b:d7:0c:8f:16:15:d2:41:3f:28:5b:e3:ac:ff:83:ca:
         eb:9c:7a:e9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdl6AfBOYXgSMLn0agECfS88fP+cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMDE0ZGM2MTFmYmQ1OTE4MzUzY2Y4NGI2MGZkYjU5MThl
NWIxMDVhYWYwMjczODE3ZjgwZjMzODllMDkwZjc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKcljSEG3c+vHxwtIUxb4+qGU6KDNn5FnOiiU3Y0pjyb6e
r+VcM6g8Zl5xFBGjuoD3tFM1n31NZyPqIUv7GQuHzWYCW4KLX9GXxjVGiTiP5O9C
VOMR2X5kU6suxlGUpJj3bxik6svp7Mf4fjrXqI2zwx1IV/n15bVQHxzBeprcB9P/
J8SjtJTmbAbDZKqMfSVAAo+/vnW+Q4IdzsV4eKTYUNIBbLukWej1yXTntmF5z/QP
2JTUJpfgh9IrVs/eN7oLLDZAe2LGO7dapEffgWzp8iwGaLvHdsyTih5GqJA+/FiG
67l3eAc468uufOkTkek+boo5nTPgYCj/Rb/ajOpJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUq+44eG4hIBDJaLvrmXOSx/jm/hIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ViYjcyYzI4LTZiNjgtNDQ2ZC1hODg1LTdiOWQ0YzBhMmVjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFM34IwDQYJKoZIhvcNAQELBQADggEBAGQteSYOIDHp9hH/9Ro6Xt5EEjBG
qaswLChxtvGi5LBdhST1GKC12ROoB6JyZTTxdsPKJo3nVA88dzGXOrMpJWcSUud1
onnkfLnTOjTgPQjhS6XAxm9MZsYnZAeQY7+4n/m5zcsf1QkYYcX7eEeKXglJBYC4
OuPIgNzdE/ZdQbbMm3b9mFY9cd5rZia+HWvxIYc4w+l0aQnyTnGrNbQhtMLrkSXN
DV7TZ2CLDO4BS2l8PWG4xvOT65abxZsv1AsfyeUYD9GJYkawJWIgGtzKtZkXFZMg
MfaZ3jVYWlMXJw07J1jv7o1yLgcDo00US9cMjxYV0kE/KFvjrP+Dyuuceuk=
-----END CERTIFICATE-----
Generated at Wed Dec 11 22:44:14 2024 by rpki-client on console-ams.rpki-client.org