Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec82d39f-e496-445b-b47e-f9450ba4b273.roa
File:                     ec82d39f-e496-445b-b47e-f9450ba4b273.roa (raw, json)
Hash identifier:          R6JzbTz2AxQ8LxSkCkfxbfxNLhdhqauUd3bryiVbbXo=
Subject key identifier:   27:9D:50:15:AC:D7:6E:C7:7D:56:71:A6:D1:DB:AA:27:E7:F0:34:DF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       037BBC3E0DEC455BB06D1048D344F7D8B5E4E604
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec82d39f-e496-445b-b47e-f9450ba4b273.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        56.93.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:7b:bc:3e:0d:ec:45:5b:b0:6d:10:48:d3:44:f7:d8:b5:e4:e6:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=453da7f4286452fed40f9a2620dd7dc7b24d8c86fd689fc6f6b8ced88c4b688a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:62:29:79:26:ce:b9:1c:b7:80:51:ab:1e:d8:
                    4a:3e:23:7a:8c:66:80:fd:f9:15:a0:ab:9e:0b:6c:
                    96:5d:37:f8:a5:f9:e7:38:53:06:e0:34:8e:b6:0c:
                    dd:f0:79:9f:c9:b1:33:5d:95:72:e4:4b:47:6b:10:
                    6e:59:28:77:de:1e:3e:48:7f:59:a0:6d:7b:61:d0:
                    dc:b2:f9:34:7a:ce:2c:fc:85:4b:82:a5:78:00:01:
                    26:56:5d:57:42:2e:82:ab:01:63:65:59:bc:37:ad:
                    40:d6:08:bd:b1:a8:8e:a8:5e:e2:8d:88:74:c6:d1:
                    06:0a:3c:a5:c1:27:3b:a8:23:4b:1f:16:9a:de:99:
                    e8:4d:f6:d0:b2:63:63:bc:3b:b0:ec:a0:01:64:78:
                    d0:ff:4e:ef:50:7c:7f:6c:bf:82:9e:ae:e2:6c:f6:
                    57:68:f2:21:aa:32:af:03:05:63:83:7c:18:a0:01:
                    91:42:4e:ca:d9:d6:2f:88:76:22:da:c5:b9:05:85:
                    04:14:25:64:c6:aa:f8:1c:dd:2f:f2:e9:54:2f:51:
                    65:f9:26:83:cd:59:ea:90:d6:e4:a0:2b:cd:f7:10:
                    29:fe:f1:bc:ea:6f:be:3f:42:51:af:1c:09:51:9c:
                    94:25:a5:45:8b:aa:68:97:cb:65:da:e6:df:2c:db:
                    f4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:9D:50:15:AC:D7:6E:C7:7D:56:71:A6:D1:DB:AA:27:E7:F0:34:DF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ec82d39f-e496-445b-b47e-f9450ba4b273.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.93.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         11:cd:87:29:7f:09:7b:20:db:b0:6d:1f:1c:ca:81:66:0c:a9:
         77:83:ce:31:5e:2e:a2:43:e5:72:3c:45:53:0b:f5:8b:df:87:
         04:21:0b:8a:f4:7f:40:8b:e3:02:e8:81:2c:3b:b0:cd:07:0a:
         a7:aa:db:0c:2d:e7:a9:7f:14:e4:09:a0:84:f3:62:9e:ff:50:
         03:da:01:1d:53:9d:0f:fa:a1:51:1c:63:70:e5:5f:82:3d:b8:
         80:bb:eb:b6:db:b8:48:bc:c0:2b:a2:24:7c:2b:d9:50:79:8d:
         85:98:3a:54:bf:a7:0a:81:10:d0:d7:3c:70:9d:99:1d:24:f7:
         56:00:52:f1:bd:8a:49:c7:6d:26:21:0b:17:5b:25:d7:c1:15:
         73:01:57:cd:41:59:16:af:8d:6b:c3:ce:02:02:bf:c5:9c:a1:
         a3:a2:f6:48:e6:77:3f:f5:e8:8a:a7:e5:52:b5:cf:43:4d:fb:
         51:5e:ea:07:bb:2d:c1:74:12:f7:af:f4:b8:4e:fd:33:f9:9b:
         b7:e5:05:5d:a3:0e:2f:ec:f5:e0:f7:d4:2f:ba:16:bc:72:e2:
         b3:5d:ea:32:ec:c4:ac:db:86:67:07:68:40:32:c0:6f:e1:c1:
         de:3a:6c:95:09:35:44:fa:c7:a7:72:a1:3e:e8:aa:71:70:be:
         7c:1f:c0:4e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUA3u8Pg3sRVuwbRBI00T32LXk5gQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTNkYTdmNDI4NjQ1MmZlZDQwZjlhMjYyMGRkN2RjN2Iy
NGQ4Yzg2ZmQ2ODlmYzZmNmI4Y2VkODhjNGI2ODhhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeYil5Js65HLeAUase2Eo+I3qMZoD9+RWgq54LbJZdN/il
+ec4UwbgNI62DN3weZ/JsTNdlXLkS0drEG5ZKHfeHj5If1mgbXth0Nyy+TR6ziz8
hUuCpXgAASZWXVdCLoKrAWNlWbw3rUDWCL2xqI6oXuKNiHTG0QYKPKXBJzuoI0sf
FpremehN9tCyY2O8O7DsoAFkeND/Tu9QfH9sv4KeruJs9ldo8iGqMq8DBWODfBig
AZFCTsrZ1i+IdiLaxbkFhQQUJWTGqvgc3S/y6VQvUWX5JoPNWeqQ1uSgK833ECn+
8bzqb74/QlGvHAlRnJQlpUWLqmiXy2Xa5t8s2/SBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJ51QFazXbsd9VnGm0duqJ+fwNN8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VjODJkMzlmLWU0OTYtNDQ1Yi1iNDdlLWY5NDUwYmE0YjI3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4XTANBgkqhkiG9w0BAQsFAAOCAQEAEc2HKX8JeyDbsG0fHMqBZgypd4PO
MV4uokPlcjxFUwv1i9+HBCELivR/QIvjAuiBLDuwzQcKp6rbDC3nqX8U5AmghPNi
nv9QA9oBHVOdD/qhURxjcOVfgj24gLvrttu4SLzAK6IkfCvZUHmNhZg6VL+nCoEQ
0Nc8cJ2ZHST3VgBS8b2KScdtJiELF1sl18EVcwFXzUFZFq+Na8POAgK/xZyho6L2
SOZ3P/XoiqflUrXPQ037UV7qB7stwXQS96/0uE79M/mbt+UFXaMOL+z14PfUL7oW
vHLis13qMuzErNuGZwdoQDLAb+HB3jpslQk1RPrHp3KhPuiqcXC+fB/ATg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:34 2024 by rpki-client on console-fra.rpki-client.org