Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f27b8e34-cd21-4d24-8eaa-49a01e2fa77c.roa
File:                     f27b8e34-cd21-4d24-8eaa-49a01e2fa77c.roa (raw, json)
Hash identifier:          VkwCu1HOumcZ1w7yl0WC+XESJlC1AcRCDRb/gwGAahw=
Subject key identifier:   58:66:77:A5:79:80:B8:5C:4E:64:2F:38:93:EF:42:7D:C1:81:24:19
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2CAA1526CAFACD884CF95F0BA60C1A080AB14DEC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f27b8e34-cd21-4d24-8eaa-49a01e2fa77c.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.114.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:aa:15:26:ca:fa:cd:88:4c:f9:5f:0b:a6:0c:1a:08:0a:b1:4d:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=03478f51b43e05efb98ef1a887ea00fbb4361eccae6cd3bdfff57d84c8b8ba9c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f2:81:d9:97:84:03:41:41:75:bb:a3:14:6e:
                    8a:07:1a:e6:47:c4:61:7a:0b:91:fd:9f:90:dd:d3:
                    5b:0d:88:fb:ed:e3:90:be:4d:1d:52:8c:29:03:40:
                    d7:88:8c:1f:63:1e:6e:2c:56:d1:7f:34:13:66:77:
                    4c:40:9e:f8:c7:79:50:1a:83:3f:3f:fe:d9:5c:74:
                    f4:52:bf:af:71:5c:b9:60:5c:5a:5f:ae:9c:a2:06:
                    be:e3:75:77:08:39:94:57:7a:e2:e7:a2:64:d8:81:
                    20:d6:c5:77:c5:19:08:d6:a4:a4:1e:e4:72:de:96:
                    65:89:a5:8a:9d:4f:02:7e:15:d4:29:47:8a:e0:fd:
                    d3:24:ad:a7:e8:92:59:ce:e3:db:96:e5:2d:e9:d6:
                    14:00:c9:d3:23:04:fd:16:9e:fe:79:f4:2d:1a:c2:
                    62:55:80:9d:94:f5:b3:1a:26:19:c7:13:15:d0:89:
                    dc:80:e8:3b:4c:32:38:c1:37:d8:23:35:a0:84:11:
                    c5:62:e5:2b:47:bf:66:7c:7c:de:64:64:9c:16:c6:
                    08:6d:1a:6d:e5:70:ef:06:c4:56:4e:7d:2d:0a:e4:
                    ff:da:27:c6:91:84:e4:f6:ec:a5:4a:82:fc:57:8b:
                    5d:51:12:8b:ab:f7:cd:97:a2:fc:f3:32:62:ff:e5:
                    6a:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:66:77:A5:79:80:B8:5C:4E:64:2F:38:93:EF:42:7D:C1:81:24:19
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f27b8e34-cd21-4d24-8eaa-49a01e2fa77c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:74:07:4f:c7:44:d7:19:97:32:fa:ab:00:1f:91:da:ad:8f:
         0b:29:2b:74:44:fd:8a:0e:7f:a1:72:77:5b:2e:98:c7:69:e2:
         2a:16:3f:2c:aa:15:da:89:82:5f:da:db:9c:1a:20:fd:89:78:
         bd:4f:af:7b:bc:df:a1:4f:dc:10:2a:ee:50:b6:8a:6b:b0:06:
         e2:89:3e:79:db:96:bd:dd:67:ce:bd:0e:32:f4:cc:78:54:a7:
         b0:dd:fe:20:66:71:70:d3:e2:aa:1e:ca:ad:26:13:25:07:dd:
         ea:26:39:3a:03:75:55:6e:19:3d:e1:b2:ba:5b:11:51:0c:b8:
         4a:1d:32:7a:f6:6e:8b:9d:fb:05:e7:c2:0f:a2:34:ee:57:8a:
         b3:48:79:f7:9c:da:91:a8:be:f3:5e:ef:aa:d4:90:75:64:01:
         4f:f0:1e:20:ae:67:cf:bd:0c:88:9a:46:43:7d:65:9b:b5:10:
         a9:37:8a:b3:f2:2d:fd:03:c6:c4:25:71:31:7b:ee:50:40:96:
         61:bc:e7:d4:54:0d:b1:3a:c9:10:c1:f6:87:7c:5e:55:b3:c1:
         94:1d:de:76:a8:32:32:9c:c6:91:f2:88:9a:62:5a:e7:d9:ad:
         c8:b1:9d:5a:67:01:25:86:b9:40:38:4c:26:7f:fe:d3:43:9d:
         fb:0d:fc:37
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULKoVJsr6zYhM+V8LpgwaCAqxTewwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMzQ3OGY1MWI0M2UwNWVmYjk4ZWYxYTg4N2VhMDBmYmI0
MzYxZWNjYWU2Y2QzYmRmZmY1N2Q4NGM4YjhiYTljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy8oHZl4QDQUF1u6MUbooHGuZHxGF6C5H9n5Dd01sNiPvt
45C+TR1SjCkDQNeIjB9jHm4sVtF/NBNmd0xAnvjHeVAagz8//tlcdPRSv69xXLlg
XFpfrpyiBr7jdXcIOZRXeuLnomTYgSDWxXfFGQjWpKQe5HLelmWJpYqdTwJ+FdQp
R4rg/dMkrafoklnO49uW5S3p1hQAydMjBP0Wnv559C0awmJVgJ2U9bMaJhnHExXQ
idyA6DtMMjjBN9gjNaCEEcVi5StHv2Z8fN5kZJwWxghtGm3lcO8GxFZOfS0K5P/a
J8aRhOT27KVKgvxXi11REour982XovzzMmL/5WpnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWGZ3pXmAuFxOZC84k+9CfcGBJBkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyN2I4ZTM0LWNkMjEtNGQyNC04ZWFhLTQ5YTAxZTJmYTc3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/HIwDQYJKoZIhvcNAQELBQADggEBAKx0B0/HRNcZlzL6qwAfkdqtjwsp
K3RE/YoOf6Fyd1sumMdp4ioWPyyqFdqJgl/a25waIP2JeL1Pr3u836FP3BAq7lC2
imuwBuKJPnnblr3dZ869DjL0zHhUp7Dd/iBmcXDT4qoeyq0mEyUH3eomOToDdVVu
GT3hsrpbEVEMuEodMnr2boud+wXnwg+iNO5XirNIefec2pGovvNe76rUkHVkAU/w
HiCuZ8+9DIiaRkN9ZZu1EKk3irPyLf0DxsQlcTF77lBAlmG859RUDbE6yRDB9od8
XlWzwZQd3naoMjKcxpHyiJpiWufZrcixnVpnASWGuUA4TCZ//tNDnfsN/Dc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:32 2024 by rpki-client on console-fra.rpki-client.org