Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/19e30596-c121-4ef5-8ec2-cefe9d9d3ae9.roa
File:                     19e30596-c121-4ef5-8ec2-cefe9d9d3ae9.roa (raw, json)
Hash identifier:          SkUP0oDe6J3ctRUOROZ78xbBpQzR8FsVynx9TehG5mA=
Subject key identifier:   97:4E:01:FD:D1:11:96:09:5C:A4:CF:FF:66:39:B1:87:89:DB:BC:F6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7E8B0F9961034082164C3D13A3653723E29CB056
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/19e30596-c121-4ef5-8ec2-cefe9d9d3ae9.roa
Signing time:             Fri 24 May 2024 00:00:00 +0000
ROA not before:           Fri 24 May 2024 00:00:00 +0000
ROA not after:            Fri 28 Jun 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        129.47.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:8b:0f:99:61:03:40:82:16:4c:3d:13:a3:65:37:23:e2:9c:b0:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 24 00:00:00 2024 GMT
            Not After : Jun 28 23:59:59 2024 GMT
        Subject: serialNumber=8be830a9d4b1d4c99d1d80a941c0fb506b4af58a5a336d84ee18de64e44a22a1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:8b:e7:47:31:b7:71:ba:8d:c3:de:dc:b5:18:
                    b3:ca:7a:c2:db:ef:b7:0d:ea:0a:02:31:d7:bd:3f:
                    4b:73:98:cc:55:75:80:1b:78:db:8d:6d:e6:01:d6:
                    9d:26:b7:17:c0:e7:a5:fb:7e:bb:55:c1:95:e0:1c:
                    4e:8a:b7:00:1c:77:42:09:5b:e5:cd:c3:da:5c:8f:
                    69:2d:11:f1:83:cf:4d:0e:9b:5e:2e:0b:0c:aa:fa:
                    a5:a6:2e:32:ad:73:b4:90:94:2b:6f:b7:1e:7f:85:
                    04:fe:b1:7d:97:35:d9:71:ea:46:9f:09:c5:c9:3d:
                    55:97:b4:a9:0e:58:1e:27:61:84:6c:7f:97:d6:c4:
                    9b:69:b9:ca:31:32:9b:d7:33:35:86:32:95:01:3c:
                    e9:22:06:2c:16:36:16:05:16:6f:30:48:8e:c9:fa:
                    3b:7b:8e:f6:e5:d3:2e:5a:36:2e:21:37:67:83:7c:
                    7b:17:49:c1:ec:c0:e7:5b:21:c1:a9:e5:73:70:8a:
                    0a:2d:86:f1:24:ef:de:98:c8:a6:0d:f8:bb:93:ed:
                    fa:60:5d:0f:99:1f:73:ad:85:e0:15:a8:2b:ce:9e:
                    67:3a:6c:0a:4f:ac:f1:0a:f4:94:62:7f:ff:0d:04:
                    0c:fb:5e:2d:4e:97:d7:8e:65:d2:80:4a:9a:d7:c0:
                    5c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:4E:01:FD:D1:11:96:09:5C:A4:CF:FF:66:39:B1:87:89:DB:BC:F6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/19e30596-c121-4ef5-8ec2-cefe9d9d3ae9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.47.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7f:75:ca:20:21:a0:c7:e2:11:31:f6:4b:88:35:8e:0f:6c:42:
         23:70:67:d1:63:b4:bf:6e:30:8a:9f:2b:b2:74:45:06:91:7e:
         5a:5c:a5:26:d5:f0:5b:48:00:3d:4b:56:46:bc:9c:07:03:b3:
         de:f9:91:3b:88:5e:2e:80:c6:24:5f:65:76:19:3e:fd:81:b8:
         4d:ff:a9:46:c3:06:1a:23:7e:4f:5f:2b:98:25:42:29:c4:2c:
         8e:46:0e:a3:c4:9a:e0:a3:70:a5:39:85:78:46:3f:2f:77:f0:
         8b:2e:ba:26:00:bf:ac:fc:0b:09:21:f9:18:9a:47:7f:b9:a0:
         11:28:74:15:d7:8c:63:ee:cc:ed:5e:60:3a:29:b1:ee:0d:08:
         80:98:cc:49:16:e2:60:4a:68:af:e9:be:b6:4c:97:1f:dc:73:
         5b:7d:ab:41:a3:91:b0:21:6e:85:57:da:b4:9b:bc:8b:2c:bd:
         3e:d2:fd:42:cc:54:b2:d3:6f:1c:5d:94:f6:97:27:2f:ad:e3:
         e6:a1:b4:36:90:c4:51:10:e1:b7:87:10:9e:d0:22:21:e2:b2:
         8e:9e:26:75:f5:47:16:62:19:b2:9a:06:d3:8f:1e:83:e5:e9:
         3b:73:44:6a:e3:6b:ed:94:d3:20:3f:e3:a8:4b:05:3d:87:1d:
         56:c4:88:58
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfosPmWEDQIIWTD0To2U3I+KcsFYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI0MDAwMDAwWhcNMjQwNjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YmU4MzBhOWQ0YjFkNGM5OWQxZDgwYTk0MWMwZmI1MDZi
NGFmNThhNWEzMzZkODRlZTE4ZGU2NGU0NGEyMmExMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXi+dHMbdxuo3D3ty1GLPKesLb77cN6goCMde9P0tzmMxV
dYAbeNuNbeYB1p0mtxfA56X7frtVwZXgHE6KtwAcd0IJW+XNw9pcj2ktEfGDz00O
m14uCwyq+qWmLjKtc7SQlCtvtx5/hQT+sX2XNdlx6kafCcXJPVWXtKkOWB4nYYRs
f5fWxJtpucoxMpvXMzWGMpUBPOkiBiwWNhYFFm8wSI7J+jt7jvbl0y5aNi4hN2eD
fHsXScHswOdbIcGp5XNwigothvEk796YyKYN+LuT7fpgXQ+ZH3OtheAVqCvOnmc6
bApPrPEK9JRif/8NBAz7Xi1Ol9eOZdKASprXwFwFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUl04B/dERlglcpM//Zjmxh4nbvPYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE5ZTMwNTk2LWMxMjEtNGVmNS04ZWMyLWNlZmU5ZDlkM2FlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCBLzANBgkqhkiG9w0BAQsFAAOCAQEAf3XKICGgx+IRMfZLiDWOD2xCI3Bn
0WO0v24wip8rsnRFBpF+WlylJtXwW0gAPUtWRrycBwOz3vmRO4heLoDGJF9ldhk+
/YG4Tf+pRsMGGiN+T18rmCVCKcQsjkYOo8Sa4KNwpTmFeEY/L3fwiy66JgC/rPwL
CSH5GJpHf7mgESh0FdeMY+7M7V5gOimx7g0IgJjMSRbiYEpor+m+tkyXH9xzW32r
QaORsCFuhVfatJu8iyy9PtL9QsxUstNvHF2U9pcnL63j5qG0NpDEURDht4cQntAi
IeKyjp4mdfVHFmIZspoG048eg+XpO3NEauNr7ZTTID/jqEsFPYcdVsSIWA==
-----END CERTIFICATE-----
Generated at Wed Jun 12 15:44:39 2024 by rpki-client on console-ams.rpki-client.org