Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f80d56bb-0a1b-4165-8232-5fbfdfebfb12.roa
File:                     f80d56bb-0a1b-4165-8232-5fbfdfebfb12.roa (raw, json)
Hash identifier:          5KHb/kF0z8nsXDkl87Tl9wbQSJ9a6E5gNshPT4/D9iI=
Subject key identifier:   E9:D5:F8:52:7A:9C:94:BE:02:4B:9A:4A:87:76:F8:79:4A:ED:26:51
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       41F66BCAA449E33D9D232A34EE7683D7DA6BC532
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f80d56bb-0a1b-4165-8232-5fbfdfebfb12.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.128.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:f6:6b:ca:a4:49:e3:3d:9d:23:2a:34:ee:76:83:d7:da:6b:c5:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=e2a8c3eb80c3121e2f7481429ce4accb3e0d5301921f273dc358ca1f1d5710b4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:5c:cb:9f:0e:6d:fe:9b:c2:2e:91:99:65:b8:
                    92:b3:84:98:fc:f9:1a:ef:e3:25:91:5d:15:de:4d:
                    5f:36:b0:08:41:52:39:b7:b4:7e:77:24:5d:98:66:
                    0d:2f:02:5f:ac:94:64:3a:00:a8:60:22:63:06:12:
                    b4:23:5f:00:8c:a8:e4:0b:78:e0:bc:aa:10:af:19:
                    1f:e3:66:c9:69:d1:76:c8:66:95:38:26:02:e7:ab:
                    7c:5f:2c:e5:4f:ad:87:89:17:c3:e8:55:75:61:07:
                    cb:56:e0:a6:d8:b7:6b:23:ad:21:d3:4a:34:4e:62:
                    8e:4a:ed:65:e0:62:f3:30:a8:47:50:43:21:aa:ec:
                    3f:5b:f3:29:50:29:3c:06:88:51:75:b0:6c:85:f9:
                    7e:d2:87:99:5a:f7:5b:88:9c:b5:15:12:89:47:19:
                    ee:e6:56:66:af:65:b1:46:d1:aa:d8:3a:33:89:b5:
                    12:38:98:00:7a:96:ce:5f:80:a1:96:23:e1:dd:41:
                    24:6e:08:94:72:ae:bd:88:14:ca:77:26:b3:47:2f:
                    0b:ee:4e:b4:8a:10:18:36:07:b6:0e:b7:87:5f:6d:
                    61:7e:cc:af:0a:44:97:66:83:e4:c6:ad:c4:0e:e6:
                    06:38:61:0a:af:0c:e2:54:7a:d3:da:65:f7:51:e5:
                    c1:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:D5:F8:52:7A:9C:94:BE:02:4B:9A:4A:87:76:F8:79:4A:ED:26:51
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f80d56bb-0a1b-4165-8232-5fbfdfebfb12.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         89:86:fb:b2:6b:f2:06:c4:98:35:d9:42:04:a9:77:b6:63:69:
         41:7d:67:06:0e:fd:29:60:81:0b:fd:42:d4:8b:96:e7:05:71:
         3c:65:bc:4f:c4:92:57:33:54:e7:3e:93:32:d2:d2:a0:99:b3:
         6a:db:ea:95:17:78:fe:37:c1:b9:3e:c9:40:ed:0a:d6:07:44:
         6a:72:68:af:76:d9:33:45:1f:89:e9:48:b3:ed:cb:4a:ad:55:
         74:85:61:ab:7e:9d:7f:03:2d:e0:34:88:f8:65:cf:39:8c:0c:
         01:4a:c8:3f:31:d5:37:1f:d4:b1:52:75:ad:a9:9e:8b:24:e2:
         ad:42:01:44:3f:18:7c:80:86:f2:78:c5:3b:08:97:c3:49:f3:
         ce:b7:26:4c:d7:02:e3:f9:9d:0e:2c:ed:88:0a:7a:ae:7a:ce:
         b8:6e:86:c8:eb:41:99:3f:96:6d:e2:67:9c:74:4c:6f:58:5e:
         14:52:21:2f:99:31:c0:dd:97:8e:d5:24:34:61:38:10:f8:6a:
         74:c4:ed:73:fb:c3:f7:31:59:21:92:f2:ee:4d:d0:69:57:ab:
         46:d6:7b:c6:1d:d8:28:6f:6f:9c:a6:a3:97:0e:74:27:bc:38:
         9d:27:a7:c1:f3:00:c8:cd:ad:7b:19:46:36:a2:fc:cb:47:a9:
         d9:ac:56:80
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQfZryqRJ4z2dIyo07naD19prxTIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMmE4YzNlYjgwYzMxMjFlMmY3NDgxNDI5Y2U0YWNjYjNl
MGQ1MzAxOTIxZjI3M2RjMzU4Y2ExZjFkNTcxMGI0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIXMufDm3+m8IukZlluJKzhJj8+Rrv4yWRXRXeTV82sAhB
Ujm3tH53JF2YZg0vAl+slGQ6AKhgImMGErQjXwCMqOQLeOC8qhCvGR/jZslp0XbI
ZpU4JgLnq3xfLOVPrYeJF8PoVXVhB8tW4KbYt2sjrSHTSjROYo5K7WXgYvMwqEdQ
QyGq7D9b8ylQKTwGiFF1sGyF+X7Sh5la91uInLUVEolHGe7mVmavZbFG0arYOjOJ
tRI4mAB6ls5fgKGWI+HdQSRuCJRyrr2IFMp3JrNHLwvuTrSKEBg2B7YOt4dfbWF+
zK8KRJdmg+TGrcQO5gY4YQqvDOJUetPaZfdR5cHvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6dX4UnqclL4CS5pKh3b4eUrtJlEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y4MGQ1NmJiLTBhMWItNDE2NS04MjMyLTVmYmZkZmViZmIxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjl4AwDQYJKoZIhvcNAQELBQADggEBAImG+7Jr8gbEmDXZQgSpd7ZjaUF9
ZwYO/SlggQv9QtSLlucFcTxlvE/EklczVOc+kzLS0qCZs2rb6pUXeP43wbk+yUDt
CtYHRGpyaK922TNFH4npSLPty0qtVXSFYat+nX8DLeA0iPhlzzmMDAFKyD8x1Tcf
1LFSda2pnosk4q1CAUQ/GHyAhvJ4xTsIl8NJ8863JkzXAuP5nQ4s7YgKeq56zrhu
hsjrQZk/lm3iZ5x0TG9YXhRSIS+ZMcDdl47VJDRhOBD4anTE7XP7w/cxWSGS8u5N
0GlXq0bWe8Yd2Chvb5ymo5cOdCe8OJ0np8HzAMjNrXsZRjai/MtHqdmsVoA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:57 2024 by rpki-client on console-ams.rpki-client.org