Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/40b3b09f-480a-4149-bfe2-ffb4077e4849.roa
File:                     40b3b09f-480a-4149-bfe2-ffb4077e4849.roa (raw, json)
Hash identifier:          Ftqy2rn4ssS0x+Ss5Auw2ostD0ABonx8c2boFmoK+d4=
Subject key identifier:   01:B3:A4:47:C9:5F:23:A7:56:F1:07:21:AB:44:72:93:A8:A3:6A:7C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7F7A96415526D494B481736BB288F76DC6413391
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/40b3b09f-480a-4149-bfe2-ffb4077e4849.roa
Signing time:             Sat 25 Mar 2023 00:00:00 +0000
ROA not before:           Sat 25 Mar 2023 00:00:00 +0000
ROA not after:            Sat 29 Apr 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        13.212.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 26 Mar 2023 12:09:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:7a:96:41:55:26:d4:94:b4:81:73:6b:b2:88:f7:6d:c6:41:33:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 25 00:00:00 2023 GMT
            Not After : Apr 29 23:59:59 2023 GMT
        Subject: serialNumber=08a301d7462a04f58fffa75c4cfe92ea3193054644997568acfde3f8df52e5ab, CN=5f276045-5b9f-45ef-923d-f3fce24a6225, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:53:67:2f:09:ce:5c:60:3d:40:49:2d:39:f8:
                    c6:b9:26:fc:c0:3d:a9:c7:fc:3e:86:0a:4b:d2:26:
                    35:54:e5:03:7e:16:2e:43:c1:c7:14:06:23:fd:b7:
                    6e:e7:6b:06:f6:96:7f:71:e5:c5:88:e6:e8:82:81:
                    67:61:eb:f9:20:de:86:55:68:91:48:2d:38:91:9c:
                    33:5a:be:09:83:a5:37:b1:c9:fe:63:dd:cc:1e:b6:
                    c9:39:d5:90:6f:52:6c:43:3c:e2:2b:53:e4:11:f7:
                    a0:90:47:79:21:0c:82:ad:4d:82:a6:90:03:ff:81:
                    5f:9f:d3:09:3e:95:db:bb:63:6a:bd:cd:bc:73:5a:
                    ff:e2:45:d7:32:59:67:d7:8f:47:99:ff:45:90:68:
                    a3:8a:5f:b7:bf:27:de:6f:07:40:a6:9b:50:f5:62:
                    c3:14:37:de:ca:28:c9:37:d2:2b:0c:b1:91:5e:1d:
                    13:b0:b2:c9:b2:58:3d:a5:0a:40:6a:ff:7f:f3:3e:
                    bf:24:22:8c:ff:58:29:e9:63:3e:6b:c8:35:88:88:
                    46:3d:16:a1:81:7d:64:29:c8:a8:9b:7b:3b:e5:58:
                    b4:31:a9:e3:7b:f4:17:d4:56:0d:19:9b:fe:cc:46:
                    27:06:c2:35:6e:28:f7:d7:49:00:db:08:c2:21:6e:
                    36:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                01:B3:A4:47:C9:5F:23:A7:56:F1:07:21:AB:44:72:93:A8:A3:6A:7C
            X509v3 Authority Key Identifier: 
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/40b3b09f-480a-4149-bfe2-ffb4077e4849.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.212.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         3b:f0:24:54:4a:fe:60:ea:80:49:c7:f4:05:22:b4:c5:f2:64:
         b9:dc:06:d1:71:09:b4:2f:d4:7e:52:a9:25:1c:03:4c:92:9d:
         2c:7c:55:4c:c8:7e:0c:53:5e:21:f5:7a:02:00:c9:70:02:2b:
         ae:54:5b:df:c7:af:1f:7b:c9:5d:69:39:7a:e5:92:a3:9e:67:
         a3:4f:60:66:4b:6f:1a:a9:08:bc:d5:fb:b0:59:d3:71:3a:25:
         52:87:e6:3e:b5:2f:f5:7a:0b:01:43:e2:84:89:6b:99:7e:a9:
         cc:ee:ad:3c:98:fe:6f:8b:8e:e0:c0:8d:19:ce:82:e5:da:a3:
         6e:3d:31:6f:20:f1:5a:eb:c2:ef:07:cd:42:44:1f:93:6c:0d:
         10:87:2c:fa:82:f1:c0:8a:0e:c9:f0:3d:c1:34:60:85:98:ce:
         0c:1f:73:fd:52:ee:f8:c2:ff:6b:12:f7:fd:9d:3c:79:32:28:
         71:fa:44:a8:72:28:0f:ce:66:c8:98:6b:79:90:b0:35:6a:b6:
         af:51:59:41:2d:50:0a:a7:3d:6f:72:09:0f:9a:72:dd:97:2c:
         e3:99:59:24:2b:78:30:4d:ad:7a:bf:72:3a:94:61:7e:c2:9f:
         67:0c:51:0e:89:4b:1e:4c:dc:cb:89:a8:19:03:14:f0:44:32:
         15:5d:9e:a5
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgIUf3qWQVUm1JS0gXNrsoj3bcZBM5EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjMwMzI1MDAwMDAwWhcNMjMwNDI5MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMDhhMzAxZDc0NjJhMDRmNThmZmZhNzVjNGNmZTkyZWEz
MTkzMDU0NjQ0OTk3NTY4YWNmZGUzZjhkZjUyZTVhYjEtMCsGA1UEAxMkNWYyNzYw
NDUtNWI5Zi00NWVmLTkyM2QtZjNmY2UyNGE2MjI1MRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALZTZy8JzlxgPUBJLTn4xrkm/MA9qcf8PoYKS9ImNVTlA34WLkPB
xxQGI/23budrBvaWf3HlxYjm6IKBZ2Hr+SDehlVokUgtOJGcM1q+CYOlN7HJ/mPd
zB62yTnVkG9SbEM84itT5BH3oJBHeSEMgq1NgqaQA/+BX5/TCT6V27tjar3NvHNa
/+JF1zJZZ9ePR5n/RZBoo4pft78n3m8HQKabUPViwxQ33sooyTfSKwyxkV4dE7Cy
ybJYPaUKQGr/f/M+vyQijP9YKeljPmvINYiIRj0WoYF9ZCnIqJt7O+VYtDGp43v0
F9RWDRmb/sxGJwbCNW4o99dJANsIwiFuNosCAwEAAaOCArAwggKsMB0GA1UdDgQW
BBQBs6RHyV8jp1bxByGrRHKTqKNqfDAfBgNVHSMEGDAWgBQlrdNCsB63pY6tGZAm
iLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEy
NDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEzMmEt
NDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRm
YTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02ZjgwOTA0
ZTQyZDIvNDBiM2IwOWYtNDgwYS00MTQ5LWJmZTItZmZiNDA3N2U0ODQ5LnJvYTCB
iAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
Ag3UMA0GCSqGSIb3DQEBCwUAA4IBAQA78CRUSv5g6oBJx/QFIrTF8mS53AbRcQm0
L9R+UqklHANMkp0sfFVMyH4MU14h9XoCAMlwAiuuVFvfx68fe8ldaTl65ZKjnmej
T2BmS28aqQi81fuwWdNxOiVSh+Y+tS/1egsBQ+KEiWuZfqnM7q08mP5vi47gwI0Z
zoLl2qNuPTFvIPFa68LvB81CRB+TbA0Qhyz6gvHAig7J8D3BNGCFmM4MH3P9Uu74
wv9rEvf9nTx5Mihx+kSocigPzmbImGt5kLA1aravUVlBLVAKpz1vcgkPmnLdlyzj
mVkkK3gwTa16v3I6lGF+wp9nDFEOiUseTNzLiagZAxTwRDIVXZ6l
-----END CERTIFICATE-----
Generated at Sat Mar 25 00:23:12 2023 by rpki-client on console-ams.rpki-client.org