Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15fdd3a-f841-48ca-bcbb-730223dd6595.roa
File:                     e15fdd3a-f841-48ca-bcbb-730223dd6595.roa (raw, json)
Hash identifier:          5FSJOEY9CXF/pCku5jMiZgSttgUxlQNG7TG1J/rkGik=
Subject key identifier:   B2:51:B6:55:D9:75:2A:52:05:B9:0B:E2:8C:BC:91:90:2C:81:7C:CF
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1EF4973E5FD6B845992C84FF0FDFF4CF58E91782
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15fdd3a-f841-48ca-bcbb-730223dd6595.roa
Signing time:             Sun 26 Mar 2023 00:00:00 +0000
ROA not before:           Sun 26 Mar 2023 00:00:00 +0000
ROA not after:            Sun 30 Apr 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        103.246.150.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 27 Mar 2023 12:04:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:f4:97:3e:5f:d6:b8:45:99:2c:84:ff:0f:df:f4:cf:58:e9:17:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Mar 26 00:00:00 2023 GMT
            Not After : Apr 30 23:59:59 2023 GMT
        Subject: serialNumber=dba25cd98e486039dc28e356457d6b28c048d8710e147246d7908947e821ae3b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:57:9b:f2:1f:a1:bd:04:14:76:5e:b5:a7:28:
                    6a:f3:7f:22:5d:65:cf:ab:9d:12:b6:5d:d2:bc:81:
                    d3:20:98:d3:51:f9:5a:8e:b1:94:27:06:2d:3e:62:
                    1e:8d:5d:88:9d:8e:90:53:9a:8f:f0:b4:9e:9f:6d:
                    d4:2a:2d:d1:40:da:14:2d:90:4e:fa:b9:74:a1:95:
                    a9:ef:f7:1e:d6:c3:2b:59:62:fc:a8:c0:4e:b2:62:
                    7e:ed:91:79:f5:f7:03:ec:3b:d5:b0:7b:d3:ce:50:
                    d8:8b:d5:c1:16:25:b4:0f:1e:31:eb:ac:08:ec:3b:
                    54:64:ef:1f:03:a2:5f:32:c1:a1:5f:a7:0b:2d:5d:
                    22:85:1a:33:57:a9:f8:92:cc:0d:41:ab:ae:25:10:
                    6d:ec:84:07:99:e1:60:1a:4b:f5:8f:fd:48:36:9f:
                    31:09:57:32:8c:8d:ee:6e:65:09:aa:66:4f:2d:f8:
                    e3:c7:ce:26:ed:e3:3c:c3:3b:d9:8e:bf:e3:43:58:
                    c5:da:72:b2:89:72:de:a1:cd:aa:13:9d:55:1e:36:
                    7e:00:fd:8c:19:c5:70:8f:2c:ee:3a:67:f2:48:4b:
                    1c:e2:9a:c6:0e:84:41:99:4a:f2:b4:e2:ec:66:81:
                    99:30:da:0c:d3:9a:b9:44:cc:8d:e7:b4:62:5e:29:
                    44:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B2:51:B6:55:D9:75:2A:52:05:B9:0B:E2:8C:BC:91:90:2C:81:7C:CF
            X509v3 Authority Key Identifier: 
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15fdd3a-f841-48ca-bcbb-730223dd6595.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.246.150.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7a:8f:58:b6:6e:1a:e1:f9:e3:f0:77:5a:3d:41:86:81:f3:b4:
         3a:f7:fb:92:7a:94:c6:93:e1:a0:ec:73:a3:26:0c:96:d2:06:
         a0:fb:53:5a:86:45:7e:e7:c9:6c:dc:10:bf:cd:94:9e:e0:d9:
         f4:a5:f2:a8:1d:48:b6:c2:91:89:b2:37:5f:31:5f:a5:20:db:
         b4:e9:64:cd:df:bf:3a:8c:f3:86:d6:aa:e0:24:5a:25:37:d5:
         92:a0:95:bf:ed:6c:83:6f:d8:bc:25:75:ee:f9:e8:93:23:f8:
         0f:8d:cf:9d:09:76:86:51:2b:41:f2:09:27:98:d7:a4:e1:5b:
         a8:ce:d6:50:56:cc:df:0a:87:ff:d4:61:c4:d3:21:b3:86:06:
         ea:e4:6b:42:07:80:01:9f:5a:19:19:ed:e1:cd:f9:51:b9:3d:
         d9:61:3e:26:e1:03:16:64:44:bd:20:e3:c7:35:59:a4:3f:2a:
         f8:3f:e0:8d:20:d2:c3:85:b9:cc:df:f5:5e:33:74:14:78:ac:
         3c:73:15:35:3c:a4:51:5e:90:77:4c:f6:06:34:85:95:ff:bb:
         db:12:5d:da:63:ac:84:cc:c9:0f:1f:5c:32:ef:75:df:86:20:
         26:01:6c:75:47:28:37:08:e8:fe:cd:ca:8a:3b:92:76:ef:f6:
         28:32:25:32
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUHvSXPl/WuEWZLIT/D9/0z1jpF4IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyNjAwMDAwMFoX
DTIzMDQzMDIzNTk1OVowgaUxSTBHBgNVBAUTQGRiYTI1Y2Q5OGU0ODYwMzlkYzI4
ZTM1NjQ1N2Q2YjI4YzA0OGQ4NzEwZTE0NzI0NmQ3OTA4OTQ3ZTgyMWFlM2IxLTAr
BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG
A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeV5vyH6G9BBR2XrWnKGrzfyJdZc+rnRK2
XdK8gdMgmNNR+VqOsZQnBi0+Yh6NXYidjpBTmo/wtJ6fbdQqLdFA2hQtkE76uXSh
lanv9x7WwytZYvyowE6yYn7tkXn19wPsO9Wwe9POUNiL1cEWJbQPHjHrrAjsO1Rk
7x8Dol8ywaFfpwstXSKFGjNXqfiSzA1Bq64lEG3shAeZ4WAaS/WP/Ug2nzEJVzKM
je5uZQmqZk8t+OPHzibt4zzDO9mOv+NDWMXacrKJct6hzaoTnVUeNn4A/YwZxXCP
LO46Z/JISxzimsYOhEGZSvK04uxmgZkw2gzTmrlEzI3ntGJeKUSfAgMBAAGjggJI
MIICRDAdBgNVHQ4EFgQUslG2Vdl1KlIFuQvijLyRkCyBfM8wHwYDVR0jBBgwFoAU
QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB
BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0
b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w
dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF
BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t
L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvZTE1
ZmRkM2EtZjg0MS00OGNhLWJjYmItNzMwMjIzZGQ2NTk1LnJvYTCBlQYDVR0fBIGN
MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv
bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj
OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFn9pYwDQYJKoZIhvcNAQELBQADggEBAHqPWLZuGuH54/B3Wj1BhoHztDr3
+5J6lMaT4aDsc6MmDJbSBqD7U1qGRX7nyWzcEL/NlJ7g2fSl8qgdSLbCkYmyN18x
X6Ug27TpZM3fvzqM84bWquAkWiU31ZKglb/tbINv2Lwlde756JMj+A+Nz50JdoZR
K0HyCSeY16ThW6jO1lBWzN8Kh//UYcTTIbOGBurka0IHgAGfWhkZ7eHN+VG5Pdlh
PibhAxZkRL0g48c1WaQ/Kvg/4I0g0sOFuczf9V4zdBR4rDxzFTU8pFFekHdM9gY0
hZX/u9sSXdpjrITMyQ8fXDLvdd+GICYBbHVHKDcI6P7Nyoo7knbv9igyJTI=
-----END CERTIFICATE-----
Generated at Sun Mar 26 00:40:38 2023 by rpki-client on console-ams.rpki-client.org