Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ad746a5-4122-4fe1-a6c1-09c23d7c31f0.roa
File:                     3ad746a5-4122-4fe1-a6c1-09c23d7c31f0.roa (raw, json)
Hash identifier:          paYipCbf71ydCR1X0Gcdw34PM/1m1UbHNd833h0AwGo=
Subject key identifier:   DF:6E:4E:73:B2:F1:33:0F:F3:1B:59:4A:EA:42:A2:AB:BA:A9:2A:44
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       675E13702252A89E45E50CC3CEC3FAC0C41227B0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ad746a5-4122-4fe1-a6c1-09c23d7c31f0.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        18.44.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:5e:13:70:22:52:a8:9e:45:e5:0c:c3:ce:c3:fa:c0:c4:12:27:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=a92582acd5a9be3bbfd0475906133d6d7137461ccc53a215b4355ab3033e7927, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ce:98:c7:45:ad:dd:f9:17:e8:ab:b7:24:7c:
                    ff:f9:69:aa:a7:eb:ba:bb:df:f6:f2:2d:d5:95:54:
                    eb:94:53:d7:b9:61:b5:5d:11:96:db:29:5e:17:0a:
                    ec:70:f3:d1:d0:f8:7c:c5:65:f7:6c:a2:59:80:2f:
                    db:76:09:5e:7c:9e:5a:40:07:a0:99:f0:1a:13:e7:
                    42:c8:fb:ec:9e:b4:16:c9:14:8b:b7:9e:cc:0e:04:
                    2c:e5:6b:bb:1b:3d:42:51:49:16:a8:cb:3a:7b:67:
                    4a:4f:9c:2c:20:44:f6:1b:29:b5:21:0c:18:3f:11:
                    9f:cf:a4:88:a9:07:dc:d1:69:88:91:20:ce:9e:33:
                    03:93:9e:d4:8b:fb:1e:9e:2e:97:1e:f8:02:46:5d:
                    60:3a:3f:98:36:a9:af:b0:f7:0b:f2:d2:e4:d6:a9:
                    b6:5b:57:48:8a:4a:c1:58:f9:57:15:08:f9:50:05:
                    4f:3f:ed:34:8f:9d:01:58:6b:24:cb:81:dd:bd:61:
                    af:8e:ab:2e:c7:a7:de:f2:62:31:f2:24:6f:0a:c2:
                    57:4f:b0:f2:9d:66:9a:f6:55:56:86:a1:40:93:5b:
                    9d:3e:73:95:a0:ea:38:0a:86:ee:b7:99:4e:d2:45:
                    12:f7:a8:24:c9:15:c1:c1:9a:be:7b:24:8b:6b:6b:
                    1a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:6E:4E:73:B2:F1:33:0F:F3:1B:59:4A:EA:42:A2:AB:BA:A9:2A:44
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ad746a5-4122-4fe1-a6c1-09c23d7c31f0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.44.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         79:5f:c0:d1:00:56:c0:bf:74:0f:20:ba:67:01:00:b5:44:f9:
         80:eb:79:b9:7a:9c:40:90:e6:04:32:cd:c1:38:9b:d0:a3:b6:
         50:bf:52:16:9e:2b:70:22:84:c0:93:73:f2:81:1f:51:95:a6:
         37:a1:74:cf:87:9f:56:ca:57:1e:c8:15:f4:88:ef:ef:2f:b7:
         3f:c7:e0:81:fe:11:22:1a:c7:16:3a:fb:e7:08:dc:bc:19:e7:
         1e:03:0b:c8:95:3e:b9:b7:36:54:74:db:d4:6b:fb:ac:c6:ec:
         f9:0c:f9:45:a1:b5:07:9b:2d:c8:6f:9e:e0:5e:eb:21:24:e6:
         6d:94:01:e5:2d:2f:c5:98:65:ac:1d:50:27:0b:db:b4:72:69:
         70:2b:af:02:85:3f:ad:06:b3:f7:30:37:44:ea:b4:68:23:18:
         a1:9f:cf:ea:e2:bc:88:f3:eb:fa:e8:f6:17:28:57:7c:8e:bd:
         52:42:bb:e8:07:47:d5:e3:29:71:70:fa:b4:f6:d4:fd:c7:82:
         b9:b3:e1:7d:8f:12:c8:ef:21:19:b8:21:48:ab:ee:3b:e8:9f:
         e2:ce:ea:0c:e7:9a:cc:58:1e:03:2a:87:bf:c5:c7:a7:e2:ce:
         ad:78:cd:7d:1e:96:a0:97:59:99:98:88:b7:1a:6d:5d:93:7c:
         39:20:7c:01
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZ14TcCJSqJ5F5QzDzsP6wMQSJ7AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTI1ODJhY2Q1YTliZTNiYmZkMDQ3NTkwNjEzM2Q2ZDcx
Mzc0NjFjY2M1M2EyMTViNDM1NWFiMzAzM2U3OTI3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCzpjHRa3d+Rfoq7ckfP/5aaqn67q73/byLdWVVOuUU9e5
YbVdEZbbKV4XCuxw89HQ+HzFZfdsolmAL9t2CV58nlpAB6CZ8BoT50LI++yetBbJ
FIu3nswOBCzla7sbPUJRSRaoyzp7Z0pPnCwgRPYbKbUhDBg/EZ/PpIipB9zRaYiR
IM6eMwOTntSL+x6eLpce+AJGXWA6P5g2qa+w9wvy0uTWqbZbV0iKSsFY+VcVCPlQ
BU8/7TSPnQFYayTLgd29Ya+Oqy7Hp97yYjHyJG8KwldPsPKdZpr2VVaGoUCTW50+
c5Wg6jgKhu63mU7SRRL3qCTJFcHBmr57JItraxrjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU325Oc7LxMw/zG1lK6kKiq7qpKkQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNhZDc0NmE1LTQxMjItNGZlMS1hNmMxLTA5YzIzZDdjMzFmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASLDANBgkqhkiG9w0BAQsFAAOCAQEAeV/A0QBWwL90DyC6ZwEAtUT5gOt5
uXqcQJDmBDLNwTib0KO2UL9SFp4rcCKEwJNz8oEfUZWmN6F0z4efVspXHsgV9Ijv
7y+3P8fggf4RIhrHFjr75wjcvBnnHgMLyJU+ubc2VHTb1Gv7rMbs+Qz5RaG1B5st
yG+e4F7rISTmbZQB5S0vxZhlrB1QJwvbtHJpcCuvAoU/rQaz9zA3ROq0aCMYoZ/P
6uK8iPPr+uj2FyhXfI69UkK76AdH1eMpcXD6tPbU/ceCubPhfY8SyO8hGbghSKvu
O+if4s7qDOeazFgeAyqHv8XHp+LOrXjNfR6WoJdZmZiItxptXZN8OSB8AQ==
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:13:22 2024 by rpki-client on console-ams.rpki-client.org