Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/309213e8-3e04-41b5-88c4-b9d8053b7fbe.roa
File:                     309213e8-3e04-41b5-88c4-b9d8053b7fbe.roa (raw, json)
Hash identifier:          kP7EbmX9FZRPfEByLrA69V9DCHfouaIw7vOt6/QjaW8=
Subject key identifier:   8C:42:09:02:8E:E2:D8:24:C6:76:BB:67:1F:E5:5A:24:C3:62:EC:39
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       4F78772CC2966EC506DBD94EE9967805135F10C7
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/309213e8-3e04-41b5-88c4-b9d8053b7fbe.roa
Signing time:             Wed 27 Mar 2024 00:00:00 +0000
ROA not before:           Wed 27 Mar 2024 00:00:00 +0000
ROA not after:            Wed 01 May 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        72.21.192.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:78:77:2c:c2:96:6e:c5:06:db:d9:4e:e9:96:78:05:13:5f:10:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Mar 27 00:00:00 2024 GMT
            Not After : May  1 23:59:59 2024 GMT
        Subject: serialNumber=1ceb63cb15d46a989b9461270879b89e2ee47cad654cdc9f4247672fe528f0ae, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:17:c8:ef:d0:89:62:2f:3a:c8:af:66:b0:aa:
                    f5:97:07:84:9f:e2:85:dc:62:b0:aa:f0:ff:7f:ce:
                    e2:1d:4b:e4:18:22:30:b0:24:c5:43:60:0d:ce:18:
                    1e:47:70:29:d5:47:a3:56:9b:4a:de:e4:10:02:93:
                    53:02:b9:cb:45:13:92:6c:ea:5d:6d:2d:86:1f:de:
                    d5:fa:ad:9f:9f:97:8a:31:af:9d:73:3c:b5:09:99:
                    2a:9a:53:75:47:5f:29:2e:d8:1a:67:83:d9:f4:f4:
                    f0:62:c3:72:5a:ca:ed:d6:9a:ea:bd:ad:a1:b2:52:
                    61:64:33:86:f7:ea:9c:1f:29:72:bc:02:09:74:ba:
                    9e:1b:f9:38:3e:ac:49:cb:08:c4:58:a7:bc:5b:8d:
                    1f:ef:a7:3a:86:f9:2a:12:44:20:f5:64:41:43:9f:
                    74:df:0a:a6:af:6b:51:c8:73:8e:79:c1:ab:81:f3:
                    5a:94:58:ee:cf:83:fc:57:33:bd:59:b8:ee:84:a8:
                    1e:d0:a6:2a:9d:7a:16:62:ff:3b:9f:0d:81:a8:3e:
                    d0:a9:3b:cc:60:08:63:c7:49:c8:f1:0d:9b:58:29:
                    5d:0e:80:8d:d5:35:82:d6:bb:11:ed:ad:fa:9e:be:
                    b2:d3:f2:fb:7f:ff:7f:4d:75:81:18:0f:c2:fa:03:
                    33:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:42:09:02:8E:E2:D8:24:C6:76:BB:67:1F:E5:5A:24:C3:62:EC:39
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/309213e8-3e04-41b5-88c4-b9d8053b7fbe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.21.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         16:9d:4e:05:54:f3:ad:ae:5c:31:d6:a2:f6:22:d6:50:81:db:
         c3:e8:d9:1c:3a:eb:96:5b:69:6b:41:17:b4:43:05:1c:4f:59:
         32:9b:47:a4:7c:6c:25:24:e1:93:5f:93:af:08:3d:d9:77:f9:
         d7:e4:fa:bd:f3:0a:26:5e:0f:3a:06:54:84:ce:9b:58:bd:cf:
         e9:00:85:19:ef:5a:44:94:c0:df:aa:7e:b3:8e:8b:d9:6e:1b:
         02:95:f0:91:3d:13:14:c7:44:bf:1f:29:a3:97:96:f5:b1:11:
         8b:ad:8c:6a:47:f0:fb:c8:91:8e:82:aa:ef:51:bf:55:ac:33:
         d3:c8:54:29:da:5e:f7:41:3d:41:26:8b:51:cb:b6:a3:95:8e:
         01:61:df:5a:60:84:09:83:c5:e6:c4:49:b0:a3:69:9e:af:5d:
         ee:5f:bf:bb:75:6f:c0:56:b1:3e:f8:4c:ad:a0:b1:7f:1f:30:
         e4:7c:96:de:2c:af:ba:87:75:e2:05:a3:5e:11:2e:8f:aa:ac:
         55:4a:5f:a0:5e:2e:9a:ce:f0:bf:89:72:c4:76:4d:38:29:4a:
         bb:e9:d1:5d:d9:4c:a8:62:97:06:0d:80:b9:2b:4b:eb:c2:67:
         b1:08:34:0e:f2:71:8d:55:a6:b7:87:61:99:dd:90:c4:43:df:
         ac:99:9f:0d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT3h3LMKWbsUG29lO6ZZ4BRNfEMcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjQwMzI3MDAwMDAwWhcNMjQwNTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxY2ViNjNjYjE1ZDQ2YTk4OWI5NDYxMjcwODc5Yjg5ZTJl
ZTQ3Y2FkNjU0Y2RjOWY0MjQ3NjcyZmU1MjhmMGFlMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxF8jv0IliLzrIr2awqvWXB4Sf4oXcYrCq8P9/zuIdS+QY
IjCwJMVDYA3OGB5HcCnVR6NWm0re5BACk1MCuctFE5Js6l1tLYYf3tX6rZ+fl4ox
r51zPLUJmSqaU3VHXyku2Bpng9n09PBiw3Jayu3Wmuq9raGyUmFkM4b36pwfKXK8
Agl0up4b+Tg+rEnLCMRYp7xbjR/vpzqG+SoSRCD1ZEFDn3TfCqava1HIc455wauB
81qUWO7Pg/xXM71ZuO6EqB7QpiqdehZi/zufDYGoPtCpO8xgCGPHScjxDZtYKV0O
gI3VNYLWuxHtrfqevrLT8vt//39NdYEYD8L6AzMZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjEIJAo7i2CTGdrtnH+VaJMNi7DkwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzMwOTIxM2U4LTNlMDQtNDFiNS04OGM0LWI5ZDgwNTNiN2ZiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVIFcAwDQYJKoZIhvcNAQELBQADggEBABadTgVU862uXDHWovYi1lCB28Po
2Rw665ZbaWtBF7RDBRxPWTKbR6R8bCUk4ZNfk68IPdl3+dfk+r3zCiZeDzoGVITO
m1i9z+kAhRnvWkSUwN+qfrOOi9luGwKV8JE9ExTHRL8fKaOXlvWxEYutjGpH8PvI
kY6Cqu9Rv1WsM9PIVCnaXvdBPUEmi1HLtqOVjgFh31pghAmDxebESbCjaZ6vXe5f
v7t1b8BWsT74TK2gsX8fMOR8lt4sr7qHdeIFo14RLo+qrFVKX6BeLprO8L+JcsR2
TTgpSrvp0V3ZTKhilwYNgLkrS+vCZ7EINA7ycY1VpreHYZndkMRD36yZnw0=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:31 2024 by rpki-client on console-ams.rpki-client.org