Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edb45c4e-a0b6-471b-a016-e9b2a212afe3.roa
File:                     edb45c4e-a0b6-471b-a016-e9b2a212afe3.roa (raw, json)
Hash identifier:          yB7lC6cV2fBahAxBnwJcHOF+00iLklhCDGt5y8GOPnQ=
Subject key identifier:   C3:4F:34:59:45:60:AA:41:93:70:B9:C1:D2:0E:F0:85:7F:10:C5:AE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7A95F3FA2757F17B55CC68C5DB83428B9163660E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edb45c4e-a0b6-471b-a016-e9b2a212afe3.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.175.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:95:f3:fa:27:57:f1:7b:55:cc:68:c5:db:83:42:8b:91:63:66:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=178863cd5398f19ff66b2149011a9737e29e19aa0c84fe25880b5d565d0bac1f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:aa:5d:a0:f4:6e:3d:36:83:8e:f5:f9:6b:34:
                    f4:e4:e4:9f:34:96:11:39:e9:9d:da:36:e6:e2:b5:
                    ff:42:17:d0:33:80:1c:86:01:ee:47:d1:aa:78:75:
                    5f:20:f8:ce:95:f5:ba:c4:97:cb:a5:36:b9:5d:cb:
                    81:98:5e:5d:0a:95:a9:7e:fb:05:71:3b:49:ea:87:
                    2e:dc:14:f8:70:8a:4b:27:0e:ea:f9:19:4d:9f:37:
                    b3:cc:d7:da:03:3a:a0:09:6b:51:db:43:fe:c3:e1:
                    82:c8:a2:1d:1c:65:ca:17:a7:b4:18:40:e6:97:b2:
                    b4:0e:ba:89:6c:f2:63:8f:79:e4:f9:ae:47:d8:db:
                    6d:81:b8:c8:64:d5:45:28:4b:c7:cc:fd:24:81:97:
                    15:d5:b6:b7:98:da:0e:3c:58:db:0f:23:10:9d:90:
                    b4:ab:36:2c:4a:e8:5d:cb:c2:a1:25:88:09:41:8c:
                    28:eb:f9:ee:5c:0b:fe:36:6d:a9:88:e9:69:a1:d7:
                    b7:b5:1a:14:51:05:bc:b2:b6:3a:41:b5:c5:e2:58:
                    89:ea:7c:c9:7d:79:bd:28:7a:23:ae:3f:9f:06:f7:
                    ef:80:ec:0c:6e:86:ac:42:44:e8:57:ad:65:13:00:
                    07:77:74:f9:9b:1e:d9:05:50:3d:b2:e0:b8:18:a4:
                    0e:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:4F:34:59:45:60:AA:41:93:70:B9:C1:D2:0E:F0:85:7F:10:C5:AE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edb45c4e-a0b6-471b-a016-e9b2a212afe3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:19:1d:5f:16:f4:cb:07:0f:e1:2b:f4:56:60:09:ae:e0:95:
         dd:f0:8d:df:ca:00:09:aa:e3:36:a3:a8:d8:dd:15:22:a8:bd:
         c5:96:b3:a7:6a:9e:ca:b7:84:b2:14:b8:ed:01:00:45:41:a7:
         58:ed:5f:52:db:db:a7:46:fb:2c:df:7b:36:1e:df:3a:9a:10:
         c7:c6:35:40:21:55:f0:ee:3c:21:c1:39:d0:0f:b0:7f:34:19:
         0d:ba:13:30:f7:df:4e:f2:5d:53:e9:72:f6:b3:49:47:2a:7a:
         32:84:03:ba:ef:4e:8c:be:a2:23:1b:e8:32:e0:93:0c:c4:2e:
         9d:6d:c8:54:1b:e4:a1:40:28:83:80:73:09:a0:0d:15:0c:ee:
         2a:d8:1f:b1:9b:97:51:f1:ff:97:21:c6:3d:37:76:ea:7a:6a:
         bb:58:c7:0b:ee:0b:b7:1d:df:c0:48:7b:c2:cc:a3:2d:04:5e:
         a8:34:9f:24:83:6b:15:e7:22:c5:cc:ce:15:2d:97:d7:9a:00:
         f8:19:34:22:03:79:24:1b:60:13:ba:9c:55:0f:8b:35:2c:70:
         ae:a0:42:c4:01:73:6c:cb:dd:9b:c7:09:db:e8:1a:9c:d5:d5:
         2f:60:19:d3:24:77:c9:76:0d:73:56:de:a9:3f:0b:ca:3c:fe:
         9b:b7:cd:fd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUepXz+idX8XtVzGjF24NCi5FjZg4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNzg4NjNjZDUzOThmMTlmZjY2YjIxNDkwMTFhOTczN2Uy
OWUxOWFhMGM4NGZlMjU4ODBiNWQ1NjVkMGJhYzFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDrql2g9G49NoOO9flrNPTk5J80lhE56Z3aNubitf9CF9Az
gByGAe5H0ap4dV8g+M6V9brEl8ulNrldy4GYXl0Klal++wVxO0nqhy7cFPhwiksn
Dur5GU2fN7PM19oDOqAJa1HbQ/7D4YLIoh0cZcoXp7QYQOaXsrQOuols8mOPeeT5
rkfY222BuMhk1UUoS8fM/SSBlxXVtreY2g48WNsPIxCdkLSrNixK6F3LwqEliAlB
jCjr+e5cC/42bamI6Wmh17e1GhRRBbyytjpBtcXiWInqfMl9eb0oeiOuP58G9++A
7AxuhqxCROhXrWUTAAd3dPmbHtkFUD2y4LgYpA5/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUw080WUVgqkGTcLnB0g7whX8Qxa4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkYjQ1YzRlLWEwYjYtNDcxYi1hMDE2LWU5YjJhMjEyYWZlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjUq8wDQYJKoZIhvcNAQELBQADggEBABEZHV8W9MsHD+Er9FZgCa7gld3w
jd/KAAmq4zajqNjdFSKovcWWs6dqnsq3hLIUuO0BAEVBp1jtX1Lb26dG+yzfezYe
3zqaEMfGNUAhVfDuPCHBOdAPsH80GQ26EzD3307yXVPpcvazSUcqejKEA7rvToy+
oiMb6DLgkwzELp1tyFQb5KFAKIOAcwmgDRUM7irYH7Gbl1Hx/5chxj03dup6artY
xwvuC7cd38BIe8LMoy0EXqg0nySDaxXnIsXMzhUtl9eaAPgZNCIDeSQbYBO6nFUP
izUscK6gQsQBc2zL3ZvHCdvoGpzV1S9gGdMkd8l2DXNW3qk/C8o8/pu3zf0=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:34 2024 by rpki-client on console-fra.rpki-client.org