Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d15ac64-6693-4feb-ac1d-e3130eb64c10.roa
File:                     1d15ac64-6693-4feb-ac1d-e3130eb64c10.roa (raw, json)
Hash identifier:          0TLhdzunY1Qip4jjIg1+SWw9BstL9I3F4Qrzwz1Jzp4=
Subject key identifier:   B9:D9:DF:D3:1B:32:0D:FA:9D:F4:3E:79:E9:FC:85:02:D9:C1:6D:82
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       65105BF51906352A6BB134A6FE1B0FCFD700A41C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d15ac64-6693-4feb-ac1d-e3130eb64c10.roa
Signing time:             Tue 21 May 2024 00:00:00 +0000
ROA not before:           Tue 21 May 2024 00:00:00 +0000
ROA not after:            Tue 25 Jun 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        35.168.0.0/13 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:10:5b:f5:19:06:35:2a:6b:b1:34:a6:fe:1b:0f:cf:d7:00:a4:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 21 00:00:00 2024 GMT
            Not After : Jun 25 23:59:59 2024 GMT
        Subject: serialNumber=45e7b542bbc60851960ccca1ece923f7c00e7e9da8f1158dfde5aec4e43600b8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:00:92:53:fe:68:bf:5f:9a:b3:48:89:d6:2e:
                    e9:05:af:db:0e:8c:ab:07:46:79:72:c5:ea:2a:19:
                    e2:02:a6:77:08:73:05:82:9c:46:6a:a8:42:b0:26:
                    53:fe:24:49:fe:c1:3f:8e:3c:8e:5c:42:c5:6c:28:
                    09:b7:79:9e:fe:f2:3e:52:ce:3d:f6:ef:2b:2c:f1:
                    50:ab:3f:50:fb:96:d1:47:78:41:2f:8d:38:59:01:
                    6c:ed:df:8a:1e:d6:9d:e7:07:25:78:cd:80:37:4a:
                    4a:e7:28:f3:9f:65:74:8d:54:d7:60:75:b8:75:e6:
                    74:40:bc:9b:dd:52:b8:17:67:73:3a:f5:39:a9:10:
                    ad:9f:6b:7c:9e:fc:5d:b3:23:a4:51:00:aa:8b:c7:
                    e5:0e:d6:b4:75:b8:1f:25:57:ec:84:a3:6c:07:bc:
                    e7:e7:68:b7:f5:ca:03:a1:04:cd:75:a7:94:6a:66:
                    cd:e3:61:0b:a9:a4:10:e9:23:af:c2:ba:e5:ee:7e:
                    e4:09:c0:5a:bd:31:eb:d8:2e:8c:1e:2c:aa:db:aa:
                    df:aa:a7:72:48:55:85:37:6a:e4:c8:05:ae:ea:e3:
                    cf:43:47:d9:35:1c:b0:16:20:a9:68:21:3f:dc:ff:
                    43:be:4e:1e:7b:9f:9c:c2:14:f9:20:b3:51:7e:10:
                    79:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D9:DF:D3:1B:32:0D:FA:9D:F4:3E:79:E9:FC:85:02:D9:C1:6D:82
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d15ac64-6693-4feb-ac1d-e3130eb64c10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.168.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         34:67:e5:86:03:b5:ec:ba:48:d7:ae:28:e5:3c:22:5b:14:42:
         5d:8a:84:d0:7a:ee:13:8c:e0:15:af:1a:c6:75:c4:1e:30:43:
         36:73:8a:04:40:d2:c4:3a:23:05:fb:cc:72:4e:4d:79:50:b1:
         c2:0f:8a:d9:d2:5f:6d:85:21:ff:fd:09:72:55:92:5c:6a:1f:
         f8:0f:db:7b:ee:cd:29:d1:9d:84:f8:1c:47:e7:22:ec:d4:a5:
         d5:37:c4:f5:4c:f4:38:16:5b:69:a7:87:00:57:64:63:34:e0:
         73:00:2d:99:cd:f8:52:5a:03:7f:b5:be:53:c6:44:f4:38:15:
         5c:d9:e0:76:47:e3:e4:d3:55:0f:88:f8:4a:69:aa:9e:a3:6e:
         e1:40:1f:d8:57:d6:97:ba:ea:67:92:fe:83:2d:ab:31:06:24:
         e5:76:05:0d:03:53:da:56:05:e2:d6:53:11:33:16:8d:d2:b2:
         04:8c:fa:cd:14:28:85:7e:31:8c:48:35:f7:4e:d9:03:dd:9e:
         9f:1e:49:4c:36:40:ec:a9:b5:0f:65:dd:e7:05:6c:23:59:e7:
         66:ab:3e:a2:3c:0d:13:6b:ac:fa:0c:4f:2d:25:99:44:04:11:
         9a:d7:54:77:2e:52:f5:c0:66:17:64:4a:cc:a2:71:eb:ff:55:
         e8:51:d5:32
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZRBb9RkGNSprsTSm/hsPz9cApBwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTIxMDAwMDAwWhcNMjQwNjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NWU3YjU0MmJiYzYwODUxOTYwY2NjYTFlY2U5MjNmN2Mw
MGU3ZTlkYThmMTE1OGRmZGU1YWVjNGU0MzYwMGI4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeAJJT/mi/X5qzSInWLukFr9sOjKsHRnlyxeoqGeICpncI
cwWCnEZqqEKwJlP+JEn+wT+OPI5cQsVsKAm3eZ7+8j5Szj327yss8VCrP1D7ltFH
eEEvjThZAWzt34oe1p3nByV4zYA3SkrnKPOfZXSNVNdgdbh15nRAvJvdUrgXZ3M6
9TmpEK2fa3ye/F2zI6RRAKqLx+UO1rR1uB8lV+yEo2wHvOfnaLf1ygOhBM11p5Rq
Zs3jYQuppBDpI6/CuuXufuQJwFq9MevYLoweLKrbqt+qp3JIVYU3auTIBa7q489D
R9k1HLAWIKloIT/c/0O+Th57n5zCFPkgs1F+EHnbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUudnf0xsyDfqd9D556fyFAtnBbYIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzFkMTVhYzY0LTY2OTMtNGZlYi1hYzFkLWUzMTMwZWI2NGMxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwMjqDANBgkqhkiG9w0BAQsFAAOCAQEANGflhgO17LpI164o5TwiWxRCXYqE
0HruE4zgFa8axnXEHjBDNnOKBEDSxDojBfvMck5NeVCxwg+K2dJfbYUh//0JclWS
XGof+A/be+7NKdGdhPgcR+ci7NSl1TfE9Uz0OBZbaaeHAFdkYzTgcwAtmc34UloD
f7W+U8ZE9DgVXNngdkfj5NNVD4j4SmmqnqNu4UAf2FfWl7rqZ5L+gy2rMQYk5XYF
DQNT2lYF4tZTETMWjdKyBIz6zRQohX4xjEg1907ZA92enx5JTDZA7Km1D2Xd5wVs
I1nnZqs+ojwNE2us+gxPLSWZRAQRmtdUdy5S9cBmF2RKzKJx6/9V6FHVMg==
-----END CERTIFICATE-----
Generated at Wed Jun 12 15:44:39 2024 by rpki-client on console-ams.rpki-client.org