Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/10c5897d-0a1d-4280-ab6b-bc9175ad6835.roa
File:                     10c5897d-0a1d-4280-ab6b-bc9175ad6835.roa (raw, json)
Hash identifier:          7FAUE/kKgKMj58QP1DhsZYf+HMPkTKoePmSupiFqIp4=
Subject key identifier:   08:9A:B9:72:8B:B7:43:CE:9E:92:B3:ED:44:EE:67:B2:4F:D1:3E:06
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       098C42259E49B3FD4556BDCF92EBCC87CBD0823D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/10c5897d-0a1d-4280-ab6b-bc9175ad6835.roa
Signing time:             Fri 14 Jun 2024 00:00:00 +0000
ROA not before:           Fri 14 Jun 2024 00:00:00 +0000
ROA not after:            Fri 19 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        13.248.65.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 26 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:8c:42:25:9e:49:b3:fd:45:56:bd:cf:92:eb:cc:87:cb:d0:82:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 14 00:00:00 2024 GMT
            Not After : Jul 19 23:59:59 2024 GMT
        Subject: serialNumber=dca75b81d8f592cfea2d328d1667102e24feabe8c2379cd4657d205038dad574, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:32:6b:68:ff:35:11:a0:aa:a3:d8:7e:8f:e1:
                    88:0b:dd:3d:31:a6:90:a0:6f:26:e4:cb:59:6b:53:
                    12:93:dd:38:c5:de:57:d2:00:79:46:17:fc:35:d2:
                    a9:bf:5d:cd:60:fa:79:30:bd:8a:70:51:1e:9b:ca:
                    e0:54:47:35:11:9b:3a:75:3b:8a:e0:b0:c0:4a:86:
                    e3:24:21:98:3c:82:5a:30:f5:ce:9b:05:c7:33:9c:
                    f6:f8:83:38:ff:ce:c8:00:ec:6e:b2:88:c0:4a:7d:
                    6f:6f:c6:7e:1a:f2:41:09:b1:a5:90:31:1e:51:ca:
                    23:11:6e:99:0a:cb:84:d4:fe:66:bd:64:de:22:20:
                    ef:6a:5f:54:5e:47:6d:e4:fd:10:82:64:e8:9a:ce:
                    fa:35:d2:df:71:24:49:f8:bc:9e:d4:d2:f8:c1:26:
                    1e:02:12:b5:41:f7:7c:8a:9b:9b:b9:85:2c:8f:b6:
                    ce:9d:6c:dc:dc:ab:aa:08:7e:53:c3:07:61:fb:19:
                    18:07:5e:f4:1a:2a:15:4d:5d:27:5a:d5:2d:cd:6b:
                    c0:d9:3c:14:13:0c:b5:f7:3d:8d:63:a9:9a:2e:f1:
                    13:d3:8b:6a:a7:c3:b5:10:fd:ad:d1:ac:72:5d:d1:
                    c1:d9:b4:68:9b:9b:50:ec:e2:5d:ef:13:3a:af:78:
                    9f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:9A:B9:72:8B:B7:43:CE:9E:92:B3:ED:44:EE:67:B2:4F:D1:3E:06
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/10c5897d-0a1d-4280-ab6b-bc9175ad6835.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.248.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:8b:e3:51:c7:6d:47:bf:cc:73:1d:48:bf:a1:8d:96:6e:9c:
         fd:93:d4:fb:06:c0:64:ba:3d:1f:9b:62:4e:ef:9f:5e:eb:cb:
         9e:22:8a:40:02:0e:bc:72:2e:8a:75:30:0d:88:93:f6:06:6c:
         99:ba:6b:fc:4b:fa:d2:5d:53:b6:e3:9f:55:17:4c:0b:ca:6a:
         ad:eb:46:5d:5c:c8:71:c3:6d:7a:b0:23:a4:6a:90:45:84:d6:
         e0:a4:16:25:15:76:70:41:07:71:4e:2d:1d:80:09:b8:b6:12:
         5d:44:f8:28:3d:0c:00:fb:64:6e:5a:80:9a:ca:b6:07:92:5e:
         ba:59:8a:d0:c8:6c:1f:e9:44:7e:35:d6:b8:f5:e9:56:79:61:
         53:4f:e8:93:67:79:82:8f:0f:ee:05:27:55:b4:96:fd:bd:3f:
         3e:6e:7c:27:69:2c:d3:9f:5b:8a:6f:e3:2b:b0:b4:af:81:6e:
         0a:d0:6c:35:a1:b9:c5:e2:8d:78:fe:0a:97:14:6a:10:aa:39:
         e7:f5:13:c4:f2:9d:93:ba:e7:d5:d0:de:a5:dc:ba:42:e0:1b:
         b3:3e:c7:f8:b6:12:19:13:3d:5b:b9:30:21:75:de:de:ef:5f:
         31:90:b3:07:b3:21:ab:6b:66:8a:ac:2c:30:91:99:54:db:1e:
         77:2f:5d:8d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCYxCJZ5Js/1FVr3PkuvMh8vQgj0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNjE0MDAwMDAwWhcNMjQwNzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkY2E3NWI4MWQ4ZjU5MmNmZWEyZDMyOGQxNjY3MTAyZTI0
ZmVhYmU4YzIzNzljZDQ2NTdkMjA1MDM4ZGFkNTc0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+Mmto/zURoKqj2H6P4YgL3T0xppCgbybky1lrUxKT3TjF
3lfSAHlGF/w10qm/Xc1g+nkwvYpwUR6byuBURzURmzp1O4rgsMBKhuMkIZg8glow
9c6bBccznPb4gzj/zsgA7G6yiMBKfW9vxn4a8kEJsaWQMR5RyiMRbpkKy4TU/ma9
ZN4iIO9qX1ReR23k/RCCZOiazvo10t9xJEn4vJ7U0vjBJh4CErVB93yKm5u5hSyP
ts6dbNzcq6oIflPDB2H7GRgHXvQaKhVNXSda1S3Na8DZPBQTDLX3PY1jqZou8RPT
i2qnw7UQ/a3RrHJd0cHZtGibm1Ds4l3vEzqveJ8DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCJq5cou3Q86ekrPtRO5nsk/RPgYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzEwYzU4OTdkLTBhMWQtNDI4MC1hYjZiLWJjOTE3NWFkNjgzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAN+EEwDQYJKoZIhvcNAQELBQADggEBADaL41HHbUe/zHMdSL+hjZZunP2T
1PsGwGS6PR+bYk7vn17ry54iikACDrxyLop1MA2Ik/YGbJm6a/xL+tJdU7bjn1UX
TAvKaq3rRl1cyHHDbXqwI6RqkEWE1uCkFiUVdnBBB3FOLR2ACbi2El1E+Cg9DAD7
ZG5agJrKtgeSXrpZitDIbB/pRH411rj16VZ5YVNP6JNneYKPD+4FJ1W0lv29Pz5u
fCdpLNOfW4pv4yuwtK+BbgrQbDWhucXijXj+CpcUahCqOef1E8TynZO659XQ3qXc
ukLgG7M+x/i2EhkTPVu5MCF13t7vXzGQswezIatrZoqsLDCRmVTbHncvXY0=
-----END CERTIFICATE-----
Generated at Mon Jun 24 01:29:07 2024 by rpki-client on console-ams.rpki-client.org