Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4c1add43-0aab-4e13-a124-b39a7c7c38fd.roa
File:                     4c1add43-0aab-4e13-a124-b39a7c7c38fd.roa (raw, json)
Hash identifier:          WQkQxU4stkrNdKCXrqth6Pxe4YVJIcVZ8Te+TMBcx4E=
Subject key identifier:   6A:F9:8B:9E:CD:53:B1:35:77:99:6F:C9:A1:4F:E7:DD:25:85:B1:DA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7992CA2CBD6C328C265A72E9926753C733217B5E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4c1add43-0aab-4e13-a124-b39a7c7c38fd.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        18.103.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:92:ca:2c:bd:6c:32:8c:26:5a:72:e9:92:67:53:c7:33:21:7b:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=7e40dbef3e8c963f24747da266c60f8e10c8fa6d950af3ed02aaaa73557a2b40, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:33:b6:f2:39:8e:80:35:b8:ca:87:b3:84:7f:
                    51:79:ee:00:03:61:c9:d4:08:d5:ab:16:cb:a1:9a:
                    5a:d1:6b:0c:0f:e8:52:a5:db:c6:c9:e8:27:91:36:
                    45:b7:05:db:b4:07:7b:a9:a1:63:0c:51:d1:37:69:
                    1d:c7:5c:9f:f7:f5:d7:76:85:dc:34:be:9b:7c:22:
                    cc:07:b6:20:b6:0a:b9:de:6e:2d:b2:b4:8e:b5:b1:
                    d6:c0:47:1c:ae:bf:7f:18:d9:7a:ad:55:dd:be:26:
                    6e:10:01:eb:59:3c:82:13:f7:f6:40:4a:c8:11:28:
                    80:bd:dc:28:21:0c:71:af:4e:ab:34:bb:8f:89:e6:
                    39:46:6b:0f:22:2d:4b:e8:73:8f:da:a5:45:c4:3c:
                    e0:19:ab:3d:33:a4:26:80:65:32:06:92:a5:cb:41:
                    90:95:45:22:00:10:85:82:60:95:f1:b4:67:ae:97:
                    b3:57:c9:bd:2a:da:70:c3:b2:b4:a0:ca:5b:b2:9e:
                    88:97:53:f0:03:99:33:01:fb:f6:81:d5:78:c4:d9:
                    86:df:ec:3c:30:28:0a:5a:b5:bc:f0:9c:14:b4:0f:
                    43:62:3c:e5:6e:6f:aa:96:43:42:54:98:ae:d8:26:
                    ca:f8:5b:a6:46:25:2f:53:ff:ec:87:dc:2b:7d:20:
                    b2:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:F9:8B:9E:CD:53:B1:35:77:99:6F:C9:A1:4F:E7:DD:25:85:B1:DA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4c1add43-0aab-4e13-a124-b39a7c7c38fd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.103.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         38:24:6e:b8:84:26:5c:8b:a0:c3:24:97:bc:61:aa:6c:10:17:
         46:c1:21:13:51:42:45:7f:41:9a:38:3a:79:cd:fe:85:6c:e1:
         08:61:a2:02:50:0d:5c:94:91:bb:31:33:8a:d5:ff:34:35:d6:
         ff:42:c9:a3:64:12:9b:4c:c3:5a:a8:10:5c:22:ff:9c:14:2c:
         95:3b:b2:3c:e7:0a:5e:e2:6c:93:95:7a:21:70:c3:f6:3e:8e:
         ec:bc:e7:a7:7e:23:7c:85:ad:60:52:3c:ac:d2:26:6c:df:76:
         c8:c1:f4:93:d9:c0:59:55:e8:f6:1c:a7:45:d6:78:ed:38:a0:
         25:06:fe:cd:44:f3:cd:54:35:45:6d:6d:18:3d:d9:52:ef:d1:
         08:d3:01:bb:70:46:ed:7e:a8:7b:12:e5:1b:bc:fa:fa:c1:15:
         08:c3:bf:86:0a:54:a2:2c:a1:9a:9b:91:43:a9:bd:a0:5b:4e:
         54:a1:d4:f3:6c:bd:9f:f4:a5:14:8f:cf:52:07:21:55:4d:5c:
         08:2a:6d:39:9e:e5:a6:6a:71:42:75:2d:ec:ce:ff:b2:c7:4e:
         30:42:42:10:1d:55:fa:16:da:dc:1d:09:7a:91:65:6c:b8:99:
         9c:c7:e2:dc:73:8d:a6:54:d0:be:b6:eb:4c:59:e7:98:b0:2a:
         7d:04:c1:74
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeZLKLL1sMowmWnLpkmdTxzMhe14wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZTQwZGJlZjNlOGM5NjNmMjQ3NDdkYTI2NmM2MGY4ZTEw
YzhmYTZkOTUwYWYzZWQwMmFhYWE3MzU1N2EyYjQwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwM7byOY6ANbjKh7OEf1F57gADYcnUCNWrFsuhmlrRawwP
6FKl28bJ6CeRNkW3Bdu0B3upoWMMUdE3aR3HXJ/39dd2hdw0vpt8IswHtiC2Crne
bi2ytI61sdbARxyuv38Y2XqtVd2+Jm4QAetZPIIT9/ZASsgRKIC93CghDHGvTqs0
u4+J5jlGaw8iLUvoc4/apUXEPOAZqz0zpCaAZTIGkqXLQZCVRSIAEIWCYJXxtGeu
l7NXyb0q2nDDsrSgyluynoiXU/ADmTMB+/aB1XjE2Ybf7DwwKApatbzwnBS0D0Ni
POVub6qWQ0JUmK7YJsr4W6ZGJS9T/+yH3Ct9ILJ7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUavmLns1TsTV3mW/JoU/n3SWFsdowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzRjMWFkZDQzLTBhYWItNGUxMy1hMTI0LWIzOWE3YzdjMzhmZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASZzANBgkqhkiG9w0BAQsFAAOCAQEAOCRuuIQmXIugwySXvGGqbBAXRsEh
E1FCRX9Bmjg6ec3+hWzhCGGiAlANXJSRuzEzitX/NDXW/0LJo2QSm0zDWqgQXCL/
nBQslTuyPOcKXuJsk5V6IXDD9j6O7Lznp34jfIWtYFI8rNImbN92yMH0k9nAWVXo
9hynRdZ47TigJQb+zUTzzVQ1RW1tGD3ZUu/RCNMBu3BG7X6oexLlG7z6+sEVCMO/
hgpUoiyhmpuRQ6m9oFtOVKHU82y9n/SlFI/PUgchVU1cCCptOZ7lpmpxQnUt7M7/
ssdOMEJCEB1V+hba3B0JepFlbLiZnMfi3HONplTQvrbrTFnnmLAqfQTBdA==
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:54:02 2024 by rpki-client on console-ams.rpki-client.org