Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c3e2897-84d0-4db5-8e5d-726c9120de43.roa
File:                     1c3e2897-84d0-4db5-8e5d-726c9120de43.roa (raw, json)
Hash identifier:          FssHbuvUk4DI1XMFnha16HNNhYua8o9PyV6TzpW3C/Q=
Subject key identifier:   D7:4A:32:50:6A:DF:BC:50:B7:C0:2B:F3:AE:CD:62:73:4D:1F:F1:E3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       11B6D8E6371043FD02C9B0DE480B05121A5E3C46
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c3e2897-84d0-4db5-8e5d-726c9120de43.roa
Signing time:             Sat 09 Mar 2024 00:00:00 +0000
ROA not before:           Sat 09 Mar 2024 00:00:00 +0000
ROA not after:            Sat 13 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        18.201.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:b6:d8:e6:37:10:43:fd:02:c9:b0:de:48:0b:05:12:1a:5e:3c:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  9 00:00:00 2024 GMT
            Not After : Apr 13 23:59:59 2024 GMT
        Subject: serialNumber=f20a946f6ec603bf6cab3151959ea5ae0ae0d736a713402b39f66cb1cf747eee, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5a:fb:45:20:e0:fb:37:16:c9:ca:e1:e3:cc:
                    ec:4d:e9:be:72:50:3e:e1:90:93:be:28:7e:e7:11:
                    87:88:5f:73:7d:42:62:b4:9f:b2:8c:ac:cd:31:84:
                    e5:11:bd:14:33:0a:9f:e0:23:c7:fd:20:1a:d0:ec:
                    e2:ab:5d:4a:71:a4:dc:cd:db:a1:fa:8b:ae:80:dd:
                    f0:3b:42:b1:5e:36:8e:ad:13:d4:67:8f:1a:1f:cd:
                    1b:2f:24:d7:6e:38:7c:93:bc:47:de:8b:6c:cd:c1:
                    e9:08:f0:6c:ef:36:e3:5d:d3:19:e0:1d:93:87:bb:
                    37:31:74:ac:83:9c:15:ad:c8:91:85:32:e0:2f:08:
                    33:fe:3a:1d:be:74:fc:ea:6a:ea:35:b0:4d:7e:7a:
                    f8:fa:2d:34:37:b6:11:23:33:93:b6:10:e6:14:6a:
                    94:e3:31:ce:3e:41:41:4f:f7:6d:d6:da:a9:6c:c2:
                    68:ed:6c:e0:de:ca:fd:ad:9f:84:32:4b:7f:a2:26:
                    91:a7:72:80:58:55:d4:65:7e:a6:26:a6:6f:05:0a:
                    68:f1:a3:44:c7:8d:ca:c7:58:64:fb:61:8d:d6:15:
                    a8:d2:f4:56:9c:a4:b8:a9:01:3c:dd:bd:d8:21:26:
                    2e:72:e7:b5:38:24:d5:81:0a:b9:dd:a0:2c:05:98:
                    93:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:4A:32:50:6A:DF:BC:50:B7:C0:2B:F3:AE:CD:62:73:4D:1F:F1:E3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c3e2897-84d0-4db5-8e5d-726c9120de43.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.201.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4f:7d:c8:1d:7e:b9:9f:16:e8:8b:8d:4b:ae:ae:20:5f:dc:6d:
         5d:da:ab:d6:50:9c:5b:8a:9e:90:53:df:75:32:3e:5c:79:b0:
         1a:04:e4:72:e8:c2:93:e6:e1:05:57:35:5b:5a:4d:c5:06:51:
         5b:65:f1:eb:68:a4:11:b5:84:d1:11:dd:5a:b1:a1:0b:36:2e:
         3d:7f:7a:8b:8f:fa:3e:ae:02:0e:ff:ed:33:85:2c:19:f2:9b:
         16:d8:9f:e9:22:15:8c:f6:0d:e8:e9:47:c8:32:58:70:01:ed:
         d7:61:6c:08:a1:79:27:72:b3:b8:a5:1c:69:bf:6d:49:f8:12:
         ea:99:15:c1:7b:30:c8:11:01:93:e9:8f:52:f3:ea:1d:ba:ec:
         af:b0:d2:2b:1d:64:00:8b:79:77:cf:4e:05:8c:c3:f4:b6:eb:
         61:37:11:03:d7:41:3d:0a:e8:a1:97:b8:b6:f8:61:d1:8d:f9:
         f2:e7:27:fd:98:a7:ee:6d:4f:cd:68:31:ea:d6:f5:f4:f5:5f:
         1e:01:14:ef:86:2c:1f:ef:24:9a:52:ca:6c:ec:52:42:fe:16:
         12:c7:17:45:e4:e2:96:0f:b3:6e:e2:78:4f:f1:38:be:a1:46:
         4d:33:54:da:a5:4d:32:f4:40:46:11:35:21:f3:14:f7:a2:9a:
         6d:6d:e5:9c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEbbY5jcQQ/0CybDeSAsFEhpePEYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzA5MDAwMDAwWhcNMjQwNDEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMjBhOTQ2ZjZlYzYwM2JmNmNhYjMxNTE5NTllYTVhZTBh
ZTBkNzM2YTcxMzQwMmIzOWY2NmNiMWNmNzQ3ZWVlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwWvtFIOD7NxbJyuHjzOxN6b5yUD7hkJO+KH7nEYeIX3N9
QmK0n7KMrM0xhOURvRQzCp/gI8f9IBrQ7OKrXUpxpNzN26H6i66A3fA7QrFeNo6t
E9RnjxofzRsvJNduOHyTvEfei2zNwekI8GzvNuNd0xngHZOHuzcxdKyDnBWtyJGF
MuAvCDP+Oh2+dPzqauo1sE1+evj6LTQ3thEjM5O2EOYUapTjMc4+QUFP923W2qls
wmjtbODeyv2tn4QyS3+iJpGncoBYVdRlfqYmpm8FCmjxo0THjcrHWGT7YY3WFajS
9FacpLipATzdvdghJi5y57U4JNWBCrndoCwFmJP3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU10oyUGrfvFC3wCvzrs1ic00f8eMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzFjM2UyODk3LTg0ZDAtNGRiNS04ZTVkLTcyNmM5MTIwZGU0My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASyTANBgkqhkiG9w0BAQsFAAOCAQEAT33IHX65nxboi41Lrq4gX9xtXdqr
1lCcW4qekFPfdTI+XHmwGgTkcujCk+bhBVc1W1pNxQZRW2Xx62ikEbWE0RHdWrGh
CzYuPX96i4/6Pq4CDv/tM4UsGfKbFtif6SIVjPYN6OlHyDJYcAHt12FsCKF5J3Kz
uKUcab9tSfgS6pkVwXswyBEBk+mPUvPqHbrsr7DSKx1kAIt5d89OBYzD9LbrYTcR
A9dBPQrooZe4tvhh0Y358ucn/Zin7m1PzWgx6tb19PVfHgEU74YsH+8kmlLKbOxS
Qv4WEscXReTilg+zbuJ4T/E4vqFGTTNU2qVNMvRARhE1IfMU96KabW3lnA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:32 2024 by rpki-client on console-ams.rpki-client.org