Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/12d30afd-7657-4d7b-996a-bf7a313920f5.roa
File:                     12d30afd-7657-4d7b-996a-bf7a313920f5.roa (raw, json)
Hash identifier:          N2ivS4iXtz9pfGjWn6GeyaRLjV3sbZqlTovOP14GpNE=
Subject key identifier:   1C:54:7B:4D:2C:D4:6A:5B:CF:01:84:ED:29:8D:73:DF:B6:DB:39:D3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7CC7B6BE2665F154764F44EC57986B9D8E3B2FA4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/12d30afd-7657-4d7b-996a-bf7a313920f5.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        54.239.64.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:c7:b6:be:26:65:f1:54:76:4f:44:ec:57:98:6b:9d:8e:3b:2f:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=db1220e695bbc38755285017b5a57c25d176086271d8906cdda90b932d0bbd2a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:6a:db:77:fe:d1:b1:a6:ec:6c:8d:98:82:20:
                    18:cc:7d:d1:49:88:ba:f1:d6:db:6d:3a:38:50:56:
                    ed:55:70:46:7b:83:77:ab:2e:de:2f:c8:e4:5f:0e:
                    0b:e4:3a:48:af:a8:1b:63:d8:c9:eb:5d:d1:a0:ee:
                    b2:e3:0a:26:36:72:e6:e5:df:2b:73:2a:85:c7:88:
                    8d:66:19:c8:d5:e7:3d:34:52:e4:41:df:f9:3e:b0:
                    80:fe:7e:22:11:da:66:43:66:63:e4:44:82:04:d0:
                    bb:05:bb:02:e2:5d:73:cf:1c:45:36:6c:36:ad:e0:
                    92:96:2f:fb:ac:16:de:f9:51:bd:56:55:bd:5a:14:
                    7c:0c:de:49:70:61:a7:fe:4d:0a:7b:05:d9:4b:f2:
                    df:27:e2:9f:c5:67:3a:c9:21:62:25:ff:bb:a7:5a:
                    6b:8b:50:b3:e3:63:c3:ac:b7:de:bb:11:ff:d9:a9:
                    01:28:08:e8:6c:6a:a9:a8:2d:f2:d9:a1:10:9d:5d:
                    3c:b3:dc:55:5a:07:be:e9:b7:6f:0c:ad:ac:78:fd:
                    d8:77:10:a3:7f:af:da:a0:2c:82:17:fe:c9:67:52:
                    7b:21:a2:c5:3f:a8:fd:ed:ed:b2:6e:bd:df:64:e2:
                    a2:a8:23:45:2d:aa:83:08:25:8f:12:91:43:fb:6e:
                    0c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:54:7B:4D:2C:D4:6A:5B:CF:01:84:ED:29:8D:73:DF:B6:DB:39:D3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/12d30afd-7657-4d7b-996a-bf7a313920f5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.239.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0d:9f:ef:62:9c:01:f0:64:0e:96:8e:18:43:b6:23:25:90:fb:
         25:c7:b0:53:d0:10:85:60:42:df:95:44:5c:c3:cd:49:33:ee:
         b3:fc:fd:24:e3:e0:1e:38:90:4e:06:41:d3:bd:bb:83:25:db:
         d5:97:69:31:1a:a1:fe:cd:cb:b4:75:3a:30:6a:f0:4a:b8:c0:
         99:f8:a9:4f:1b:08:66:1b:1b:8f:cd:ca:4d:19:87:8a:c2:30:
         46:31:9d:2f:3f:cd:e3:3a:11:19:7a:1a:e6:d4:56:88:f1:6f:
         54:35:6c:83:d5:aa:4b:c3:19:06:92:79:bf:e1:4e:db:15:f8:
         e5:20:7f:55:f5:5f:c1:86:ee:60:de:49:14:48:87:3e:57:85:
         49:b5:c6:54:e2:64:0f:18:80:fa:9f:02:4d:d6:c0:88:f1:df:
         81:1f:b7:46:4e:36:f4:f2:ff:0d:c1:04:9a:3b:01:6e:c9:4c:
         e1:1a:3f:0f:9b:78:dc:cf:d3:5c:13:90:c8:d2:02:6f:1c:c2:
         c9:24:11:5a:15:49:43:5f:91:e9:54:96:7d:6c:c3:0a:00:e7:
         3a:22:c1:fd:45:c9:02:8a:1e:ee:e4:30:25:ed:dd:84:e4:aa:
         6e:f3:b5:ea:ca:95:de:b3:5f:0b:dd:59:2f:85:2d:80:80:8a:
         a9:03:d3:ea
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfMe2viZl8VR2T0TsV5hrnY47L6QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjEyMjBlNjk1YmJjMzg3NTUyODUwMTdiNWE1N2MyNWQx
NzYwODYyNzFkODkwNmNkZGE5MGI5MzJkMGJiZDJhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+att3/tGxpuxsjZiCIBjMfdFJiLrx1tttOjhQVu1VcEZ7
g3erLt4vyORfDgvkOkivqBtj2MnrXdGg7rLjCiY2cubl3ytzKoXHiI1mGcjV5z00
UuRB3/k+sID+fiIR2mZDZmPkRIIE0LsFuwLiXXPPHEU2bDat4JKWL/usFt75Ub1W
Vb1aFHwM3klwYaf+TQp7BdlL8t8n4p/FZzrJIWIl/7unWmuLULPjY8Ost967Ef/Z
qQEoCOhsaqmoLfLZoRCdXTyz3FVaB77pt28Mrax4/dh3EKN/r9qgLIIX/slnUnsh
osU/qP3t7bJuvd9k4qKoI0UtqoMIJY8SkUP7bgybAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHFR7TSzUalvPAYTtKY1z37bbOdMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzEyZDMwYWZkLTc2NTctNGQ3Yi05OTZhLWJmN2EzMTM5MjBmNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM270AwDQYJKoZIhvcNAQELBQADggEBAA2f72KcAfBkDpaOGEO2IyWQ+yXH
sFPQEIVgQt+VRFzDzUkz7rP8/STj4B44kE4GQdO9u4Ml29WXaTEaof7Ny7R1OjBq
8Eq4wJn4qU8bCGYbG4/Nyk0Zh4rCMEYxnS8/zeM6ERl6GubUVojxb1Q1bIPVqkvD
GQaSeb/hTtsV+OUgf1X1X8GG7mDeSRRIhz5XhUm1xlTiZA8YgPqfAk3WwIjx34Ef
t0ZONvTy/w3BBJo7AW7JTOEaPw+beNzP01wTkMjSAm8cwskkEVoVSUNfkelUln1s
wwoA5zoiwf1FyQKKHu7kMCXt3YTkqm7zterKld6zXwvdWS+FLYCAiqkD0+o=
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:21:08 2024 by rpki-client on console-fra.rpki-client.org