Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa
File:                     f0dc6def-824b-44e4-953e-03bc03efa024.roa (raw, json)
Hash identifier:          WYiK0aygIagU+C+SRnjGhSQvPa95Sdnh9BwXA2TjSnA=
Subject key identifier:   67:60:47:04:FD:8A:B4:D0:E2:1E:AB:D3:53:FB:3C:60:48:64:6F:4A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2AEAC1662A3356C12CC3DD8F12FF789637403B1D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        40.229.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:ea:c1:66:2a:33:56:c1:2c:c3:dd:8f:12:ff:78:96:37:40:3b:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=8c2aa298a80332ed5eca3c355ff074bf53cd417deba99283c0be01947545cb95, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:0b:f8:8d:e6:1d:3d:e8:db:f2:99:19:cd:8a:
                    eb:d8:c4:d0:4f:b8:90:05:7f:e3:74:ac:3e:c8:e4:
                    71:92:3c:62:00:d5:49:19:b7:02:4c:87:99:3b:b5:
                    52:7b:c2:c6:a9:6c:cd:a2:74:a3:ae:a1:e2:13:81:
                    80:f3:06:3a:38:35:f1:80:f9:f7:4b:83:8f:10:8e:
                    e4:5a:93:d5:53:14:45:1c:5e:f6:cc:50:2e:2c:13:
                    97:43:a4:2b:df:5b:54:00:70:21:a6:36:42:22:ff:
                    ce:17:db:01:0a:9b:48:b5:a3:e7:0b:f6:dd:50:f9:
                    41:39:c2:c2:76:64:ec:59:f9:57:54:9d:db:72:1e:
                    7b:5f:4c:19:ec:d6:35:0f:c0:39:18:d1:f7:ef:43:
                    ca:18:79:92:a5:8e:2c:47:83:cf:ce:cb:e0:12:16:
                    6c:e2:ef:a5:aa:92:49:d1:26:1e:9e:bd:91:25:55:
                    a9:0b:61:51:0c:0f:c6:13:04:e5:16:96:c1:b8:a0:
                    80:60:ca:6d:6c:a1:c6:3a:86:87:32:e0:0f:06:54:
                    8e:27:59:44:d8:7d:de:18:d6:4a:78:85:b3:49:e0:
                    94:95:75:d5:51:36:c1:ab:6f:2e:0f:0e:04:b3:66:
                    38:5d:c8:50:93:17:22:4f:b0:a0:ab:32:27:ee:8f:
                    98:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:60:47:04:FD:8A:B4:D0:E2:1E:AB:D3:53:FB:3C:60:48:64:6F:4A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0dc6def-824b-44e4-953e-03bc03efa024.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.229.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d0:06:23:4b:0f:09:7e:9b:e4:6d:a1:f5:29:ec:32:c9:16:ec:
         1f:ca:da:ac:68:f7:87:14:73:13:a8:b5:ea:be:08:7d:7e:ae:
         3d:bf:ac:3c:50:e4:14:1a:bc:1d:96:1f:0d:a8:57:4c:dc:2e:
         9f:61:8c:33:4c:a0:84:5d:7b:d6:2a:59:ce:ff:b3:d6:97:e1:
         3b:8f:40:0b:a6:3f:cf:e4:af:0b:da:c7:fa:07:e4:b0:97:f1:
         1b:1c:48:7c:2e:5e:a7:fc:a4:56:3b:0d:bd:bb:9b:a1:d1:ea:
         b4:35:38:54:be:62:07:7e:f1:01:81:79:1c:c4:24:5f:05:e0:
         39:7c:a3:fd:e2:2a:5e:d2:49:9d:34:90:3d:03:65:4b:c4:59:
         4c:10:ed:18:86:ea:fc:e1:3f:21:d6:42:d5:39:21:f3:ea:5a:
         59:f1:f8:1d:ba:f5:dd:13:6a:90:cd:61:63:e5:05:11:00:3b:
         ce:e5:42:81:6e:6d:01:77:2a:38:0a:f9:b8:85:16:c6:97:bc:
         c1:52:93:a7:94:03:74:d4:f9:44:ea:e3:b2:42:30:45:06:19:
         a2:08:fd:01:b6:a3:a0:99:3e:64:27:53:51:ad:09:da:d9:5d:
         0b:0c:d7:39:1b:2c:d1:88:ee:6a:00:d6:6c:62:2b:e4:da:89:
         59:1f:4c:fc
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKurBZiozVsEsw92PEv94ljdAOx0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzJhYTI5OGE4MDMzMmVkNWVjYTNjMzU1ZmYwNzRiZjUz
Y2Q0MTdkZWJhOTkyODNjMGJlMDE5NDc1NDVjYjk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9C/iN5h096NvymRnNiuvYxNBPuJAFf+N0rD7I5HGSPGIA
1UkZtwJMh5k7tVJ7wsapbM2idKOuoeITgYDzBjo4NfGA+fdLg48QjuRak9VTFEUc
XvbMUC4sE5dDpCvfW1QAcCGmNkIi/84X2wEKm0i1o+cL9t1Q+UE5wsJ2ZOxZ+VdU
ndtyHntfTBns1jUPwDkY0ffvQ8oYeZKljixHg8/Oy+ASFmzi76WqkknRJh6evZEl
VakLYVEMD8YTBOUWlsG4oIBgym1socY6hocy4A8GVI4nWUTYfd4Y1kp4hbNJ4JSV
ddVRNsGrby4PDgSzZjhdyFCTFyJPsKCrMifuj5j/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZ2BHBP2KtNDiHqvTU/s8YEhkb0owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YwZGM2ZGVmLTgyNGItNDRlNC05NTNlLTAzYmMwM2VmYTAyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAo5TANBgkqhkiG9w0BAQsFAAOCAQEA0AYjSw8JfpvkbaH1KewyyRbsH8ra
rGj3hxRzE6i16r4IfX6uPb+sPFDkFBq8HZYfDahXTNwun2GMM0yghF171ipZzv+z
1pfhO49AC6Y/z+SvC9rH+gfksJfxGxxIfC5ep/ykVjsNvbubodHqtDU4VL5iB37x
AYF5HMQkXwXgOXyj/eIqXtJJnTSQPQNlS8RZTBDtGIbq/OE/IdZC1Tkh8+paWfH4
Hbr13RNqkM1hY+UFEQA7zuVCgW5tAXcqOAr5uIUWxpe8wVKTp5QDdNT5ROrjskIw
RQYZogj9AbajoJk+ZCdTUa0J2tldCwzXORss0YjuagDWbGIr5NqJWR9M/A==
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:56:44 2024 by rpki-client on console-fra.rpki-client.org