Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4710cb95-fe9c-4b17-b2d1-78e930691bd7.roa
File:                     4710cb95-fe9c-4b17-b2d1-78e930691bd7.roa (raw, json)
Hash identifier:          dje2LPwShwIpi9Yjxp//lY2WGfAxpktmNOlg2rvSQpg=
Subject key identifier:   B2:D3:04:75:01:F4:59:4E:49:23:0A:24:E0:DE:75:6B:93:30:F0:16
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2E55DB9C05DA0A72F29E6AD5F75D7FCFCAB25E75
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4710cb95-fe9c-4b17-b2d1-78e930691bd7.roa
Signing time:             Fri 14 Jun 2024 00:00:00 +0000
ROA not before:           Fri 14 Jun 2024 00:00:00 +0000
ROA not after:            Fri 19 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        3.101.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:55:db:9c:05:da:0a:72:f2:9e:6a:d5:f7:5d:7f:cf:ca:b2:5e:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 14 00:00:00 2024 GMT
            Not After : Jul 19 23:59:59 2024 GMT
        Subject: serialNumber=d7b2f97513b79873666dee96ed0d6a118f736ca4bf605712be01ece5cf9375e1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:bd:7d:3e:51:cb:eb:ca:6d:3d:72:fb:e7:fc:
                    21:3d:e0:e3:bb:9d:c3:3c:aa:5b:78:30:b2:10:e3:
                    2c:62:5e:6a:d2:74:bc:da:74:87:3b:a4:0c:6e:3a:
                    f5:6b:2f:9f:66:a3:44:a5:03:30:0e:6c:0a:c7:30:
                    d0:c8:d3:e7:78:3a:ed:3d:b2:9f:9c:f9:2c:87:2f:
                    e6:da:44:41:d6:4d:86:40:45:4d:27:74:6e:5e:90:
                    7e:94:f4:d8:24:82:1f:c0:6e:49:37:d2:a5:2e:29:
                    0e:56:33:e1:52:f3:34:26:b2:cd:38:1b:50:70:8b:
                    51:02:a3:02:e4:51:9c:eb:15:95:02:2c:cb:9e:d0:
                    5b:09:16:aa:9d:e0:ab:96:ce:a2:b8:bd:71:f1:e6:
                    6c:ee:fd:6b:47:7a:8b:14:9a:ab:42:53:af:62:58:
                    b1:6c:dc:09:d6:75:e8:dd:aa:54:de:81:53:7b:1c:
                    88:f0:93:89:28:5c:2f:85:e6:bd:9e:c7:80:0d:ba:
                    7b:3f:a3:d0:6b:5d:b5:c2:f6:90:17:13:e0:e5:7a:
                    a4:3a:79:5b:42:03:de:90:f7:56:06:02:23:4f:84:
                    da:52:fb:9d:eb:8b:c3:ec:e7:29:a7:a6:1e:ba:db:
                    7c:4c:b7:ad:2d:d1:d6:52:ca:c8:44:bb:2f:79:e6:
                    12:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:D3:04:75:01:F4:59:4E:49:23:0A:24:E0:DE:75:6B:93:30:F0:16
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4710cb95-fe9c-4b17-b2d1-78e930691bd7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.101.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b0:6f:2f:26:75:7e:fe:25:0e:6b:2d:2f:7c:53:cc:65:56:d9:
         a0:c2:6a:37:a0:65:4e:92:97:53:5f:95:91:d4:68:4f:73:fc:
         5d:71:6c:6b:1a:9d:c0:b1:f0:1f:fe:6a:54:d0:bb:60:4d:ac:
         a1:a4:35:7d:5a:dc:42:c0:2d:cb:3d:5d:3d:03:1c:da:68:71:
         7e:b3:22:1a:9a:9b:d8:f0:a8:23:f9:8b:17:d8:04:82:95:66:
         99:df:ea:fe:26:03:9e:e0:e1:df:b5:27:41:80:55:90:0d:fe:
         90:f7:3b:2a:74:04:05:9d:bb:d5:dd:af:e9:c4:97:af:e6:69:
         03:d1:72:52:07:98:88:07:63:06:e4:13:7a:a4:c0:f9:98:9b:
         9a:cb:f7:8c:e5:e3:0d:dd:14:f3:7c:2e:2f:e3:1a:80:f7:bd:
         7a:e6:3b:d9:77:45:8b:8c:73:2f:f8:be:f3:e4:dc:e8:66:ef:
         a1:ad:e3:85:c7:19:49:12:9a:72:58:2d:8f:2d:c2:a8:4b:4f:
         29:dd:63:da:06:fc:20:34:97:25:aa:ec:31:de:49:35:d0:49:
         a4:a0:81:79:3a:51:c9:94:46:62:cb:2d:33:fb:a4:9f:5a:7d:
         59:49:6e:18:49:42:59:f6:13:72:07:c5:fd:ee:fa:03:c4:54:
         4c:ef:fe:11
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULlXbnAXaCnLynmrV911/z8qyXnUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNjE0MDAwMDAwWhcNMjQwNzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BkN2IyZjk3NTEzYjc5ODczNjY2ZGVlOTZlZDBkNmExMThm
NzM2Y2E0YmY2MDU3MTJiZTAxZWNlNWNmOTM3NWUxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcvX0+Ucvrym09cvvn/CE94OO7ncM8qlt4MLIQ4yxiXmrS
dLzadIc7pAxuOvVrL59mo0SlAzAObArHMNDI0+d4Ou09sp+c+SyHL+baREHWTYZA
RU0ndG5ekH6U9Ngkgh/Abkk30qUuKQ5WM+FS8zQmss04G1Bwi1ECowLkUZzrFZUC
LMue0FsJFqqd4KuWzqK4vXHx5mzu/WtHeosUmqtCU69iWLFs3AnWdejdqlTegVN7
HIjwk4koXC+F5r2ex4ANuns/o9BrXbXC9pAXE+DleqQ6eVtCA96Q91YGAiNPhNpS
+53ri8Ps5ymnph6623xMt60t0dZSyshEuy955hIFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUstMEdQH0WU5JIwok4N51a5Mw8BYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ3MTBjYjk1LWZlOWMtNGIxNy1iMmQxLTc4ZTkzMDY5MWJkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwADZTANBgkqhkiG9w0BAQsFAAOCAQEAsG8vJnV+/iUOay0vfFPMZVbZoMJq
N6BlTpKXU1+VkdRoT3P8XXFsaxqdwLHwH/5qVNC7YE2soaQ1fVrcQsAtyz1dPQMc
2mhxfrMiGpqb2PCoI/mLF9gEgpVmmd/q/iYDnuDh37UnQYBVkA3+kPc7KnQEBZ27
1d2v6cSXr+ZpA9FyUgeYiAdjBuQTeqTA+Zibmsv3jOXjDd0U83wuL+MagPe9euY7
2XdFi4xzL/i+8+Tc6Gbvoa3jhccZSRKaclgtjy3CqEtPKd1j2gb8IDSXJarsMd5J
NdBJpKCBeTpRyZRGYsstM/ukn1p9WUluGElCWfYTcgfF/e76A8RUTO/+EQ==
-----END CERTIFICATE-----
Generated at Tue Jun 18 03:15:26 2024 by rpki-client on console-ams.rpki-client.org