Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d9e8f6b-3575-4fa0-b165-375a083ef49a.roa
File:                     1d9e8f6b-3575-4fa0-b165-375a083ef49a.roa (raw, json)
Hash identifier:          6Ku+h+IUMY6h4d5Ryo52G2H0G/09zNHW45jO1TNjOb4=
Subject key identifier:   8C:E0:CF:48:8A:83:C3:D8:BD:D2:B7:8A:3E:D7:D5:09:AF:DC:28:D7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       266C05C746AB04D382BF6C836814842DF6F64568
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d9e8f6b-3575-4fa0-b165-375a083ef49a.roa
Signing time:             Sat 09 Mar 2024 00:00:00 +0000
ROA not before:           Sat 09 Mar 2024 00:00:00 +0000
ROA not after:            Sat 13 Apr 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        15.188.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:6c:05:c7:46:ab:04:d3:82:bf:6c:83:68:14:84:2d:f6:f6:45:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  9 00:00:00 2024 GMT
            Not After : Apr 13 23:59:59 2024 GMT
        Subject: serialNumber=35977cd993d481b60ca0da5894a9182aec921d2e0aaca52410f3198e3c85b31d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4c:68:c5:6a:6a:74:66:07:38:a2:db:1a:35:
                    51:13:33:d7:ba:1f:2c:86:20:e7:e4:d6:0e:79:c9:
                    f9:19:0b:13:91:ac:bc:95:c9:66:2a:e2:38:fd:11:
                    07:7b:49:5c:c4:fe:1b:99:8c:25:9b:75:64:08:98:
                    90:c6:7e:66:87:41:1b:b4:eb:f0:6f:08:41:b5:cc:
                    9f:09:93:e1:f5:7f:ed:6a:de:f0:a2:b0:a2:b1:42:
                    71:d6:c6:27:8b:f4:99:aa:d0:b1:1a:b4:8e:96:eb:
                    2a:92:25:1b:4e:df:d2:f1:28:b7:9e:02:cf:99:3b:
                    12:c1:89:b6:d2:1e:11:43:e6:ee:75:c7:ad:b9:9e:
                    15:5b:48:a8:92:40:d7:78:26:c7:10:a2:95:77:af:
                    e5:0c:d7:78:27:ad:a1:1e:1b:10:7e:a2:2f:c9:02:
                    95:22:67:2e:46:de:9c:5e:8d:5c:7a:a3:32:19:18:
                    13:71:4b:ce:41:04:cc:e2:ea:6d:31:4c:bd:30:cf:
                    e9:42:fa:80:9e:bb:80:74:5b:69:73:31:7d:2d:b2:
                    3e:f6:fc:3f:85:19:0b:39:0b:1d:a9:0e:a0:c5:2b:
                    3e:8e:9a:c3:d8:52:e0:78:a8:09:56:25:c0:4c:d8:
                    44:ac:a3:58:fc:5d:76:31:4e:17:e2:15:eb:95:f8:
                    47:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:E0:CF:48:8A:83:C3:D8:BD:D2:B7:8A:3E:D7:D5:09:AF:DC:28:D7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1d9e8f6b-3575-4fa0-b165-375a083ef49a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.188.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         89:21:1f:df:61:5d:f4:68:5f:d3:7b:1f:f0:89:0e:8b:08:70:
         f9:e3:2a:d9:70:d6:24:b6:a0:73:7b:2d:ae:0e:c2:5a:74:e1:
         85:7d:47:34:68:e9:f2:bf:eb:55:f0:4c:b5:3f:5c:50:c2:ee:
         71:5e:e2:93:6d:11:24:20:7c:cc:4f:fc:5a:53:d1:9c:b1:41:
         a4:b7:95:54:f7:2d:88:01:ca:2f:e9:5b:e2:13:4d:13:4e:3b:
         d7:b0:18:27:79:8f:d5:ec:e5:69:68:c4:c6:e2:f8:ce:51:8c:
         d6:69:90:32:71:bf:4d:20:8c:74:5f:df:60:8c:74:60:71:d0:
         94:da:d1:ef:5b:80:28:be:9a:96:94:49:4b:d6:03:32:52:65:
         85:dd:5b:98:4b:be:0b:e9:d0:c2:5a:47:21:ea:79:4a:97:8c:
         1a:dd:91:55:09:97:9b:99:93:1b:69:e7:0a:ec:45:d8:e2:38:
         85:38:55:61:cb:57:50:c3:74:5e:e3:dd:55:cd:60:30:23:7d:
         e9:4c:14:51:bb:3c:5e:63:27:a4:73:d7:3b:9c:b5:a1:0e:43:
         86:dd:34:41:59:e1:32:60:91:e8:a0:49:03:82:8a:bf:74:eb:
         75:9b:e6:a3:a3:cf:3a:03:4a:f1:b3:b3:7e:2e:c4:41:a5:c9:
         c5:62:af:0a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJmwFx0arBNOCv2yDaBSELfb2RWgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzA5MDAwMDAwWhcNMjQwNDEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTk3N2NkOTkzZDQ4MWI2MGNhMGRhNTg5NGE5MTgyYWVj
OTIxZDJlMGFhY2E1MjQxMGYzMTk4ZTNjODViMzFkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+TGjFamp0Zgc4otsaNVETM9e6HyyGIOfk1g55yfkZCxOR
rLyVyWYq4jj9EQd7SVzE/huZjCWbdWQImJDGfmaHQRu06/BvCEG1zJ8Jk+H1f+1q
3vCisKKxQnHWxieL9Jmq0LEatI6W6yqSJRtO39LxKLeeAs+ZOxLBibbSHhFD5u51
x625nhVbSKiSQNd4JscQopV3r+UM13gnraEeGxB+oi/JApUiZy5G3pxejVx6ozIZ
GBNxS85BBMzi6m0xTL0wz+lC+oCeu4B0W2lzMX0tsj72/D+FGQs5Cx2pDqDFKz6O
msPYUuB4qAlWJcBM2ESso1j8XXYxThfiFeuV+Ec7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjODPSIqDw9i90reKPtfVCa/cKNcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzFkOWU4ZjZiLTM1NzUtNGZhMC1iMTY1LTM3NWEwODNlZjQ5YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPvDANBgkqhkiG9w0BAQsFAAOCAQEAiSEf32Fd9Ghf03sf8IkOiwhw+eMq
2XDWJLagc3strg7CWnThhX1HNGjp8r/rVfBMtT9cUMLucV7ik20RJCB8zE/8WlPR
nLFBpLeVVPctiAHKL+lb4hNNE04717AYJ3mP1ezlaWjExuL4zlGM1mmQMnG/TSCM
dF/fYIx0YHHQlNrR71uAKL6alpRJS9YDMlJlhd1bmEu+C+nQwlpHIep5SpeMGt2R
VQmXm5mTG2nnCuxF2OI4hThVYctXUMN0XuPdVc1gMCN96UwUUbs8XmMnpHPXO5y1
oQ5Dht00QVnhMmCR6KBJA4KKv3TrdZvmo6PPOgNK8bOzfi7EQaXJxWKvCg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:26 2024 by rpki-client on console-fra.rpki-client.org