Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58c18960-20bc-46a1-9902-aafc4036251d.roa
File:                     58c18960-20bc-46a1-9902-aafc4036251d.roa (raw, json)
Hash identifier:          uFc/j3zj7r6PZm8VoGO2hg1RJGSJwqiZ8TC8JwFfzuU=
Subject key identifier:   66:67:A6:01:41:99:1B:10:E2:F6:62:7B:96:E2:DD:93:98:08:C8:96
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       590480D8BF2207BB3F4EF6897BF82CD12B56EBF8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58c18960-20bc-46a1-9902-aafc4036251d.roa
Signing time:             Sat 09 Mar 2024 00:00:00 +0000
ROA not before:           Sat 09 Mar 2024 00:00:00 +0000
ROA not after:            Sat 13 Apr 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        15.138.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:04:80:d8:bf:22:07:bb:3f:4e:f6:89:7b:f8:2c:d1:2b:56:eb:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  9 00:00:00 2024 GMT
            Not After : Apr 13 23:59:59 2024 GMT
        Subject: serialNumber=9f3110e0c67e897f39defd53053689c58a59f600ef2611c309e1f63d0c2c7578, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:3d:cf:98:9b:43:a0:60:1d:a4:e0:dd:34:9e:
                    0a:58:2c:9d:36:e6:49:2c:b9:e2:17:14:97:b5:50:
                    c7:c8:f4:89:c0:78:46:13:b2:20:ca:8d:7c:28:f7:
                    07:1f:76:2a:e3:78:1b:9e:ea:c8:f0:b8:a2:01:39:
                    4a:21:af:e3:37:1d:0b:3b:6d:96:ed:da:5a:ce:c4:
                    e4:4b:81:ac:53:16:2d:74:61:48:a8:32:32:3c:a7:
                    bc:b9:44:27:98:73:dc:45:c4:cd:13:15:ba:26:81:
                    a8:63:ea:84:79:c1:5c:22:af:5b:71:47:fc:c6:32:
                    4f:a2:f2:b0:50:18:52:24:53:70:8c:5a:1c:ac:b8:
                    bf:23:21:79:88:3a:8b:87:3f:ae:18:78:47:4f:9b:
                    2f:df:d8:a1:e1:6d:44:24:a7:00:83:aa:fb:14:7e:
                    18:1b:20:5d:55:74:a1:68:d2:df:ca:55:73:c5:a8:
                    57:6f:1b:ec:4c:a7:e6:d6:3c:c5:ca:16:df:bb:82:
                    89:ba:a0:f7:78:c1:37:01:70:51:39:78:96:44:60:
                    f9:95:dd:1b:82:cb:4d:e3:44:dc:92:88:f9:eb:fb:
                    60:1c:c2:6c:c1:c6:6b:fc:d2:82:b5:fe:1b:65:61:
                    cc:36:6d:b2:16:d9:62:7c:61:ef:d6:68:33:54:5f:
                    74:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:67:A6:01:41:99:1B:10:E2:F6:62:7B:96:E2:DD:93:98:08:C8:96
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58c18960-20bc-46a1-9902-aafc4036251d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.138.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1f:97:40:fd:7b:4f:88:7d:d5:07:45:c4:71:2e:bd:cc:95:95:
         27:e5:13:a4:a0:60:e9:98:9e:6c:40:5c:63:48:a7:4c:a3:06:
         b8:29:88:b0:81:c4:f2:5b:9f:09:29:da:cf:be:b8:20:b2:2e:
         bf:ac:8e:59:87:af:bb:b6:b0:ca:22:7b:6d:c1:05:0d:7e:94:
         b3:8e:ed:be:71:5b:cb:52:8f:33:c8:9c:0e:c2:53:64:20:8b:
         aa:2f:9f:ef:5c:00:bf:a2:6f:db:0a:50:a6:75:ac:82:80:af:
         79:50:f3:a9:24:d3:ef:d0:b4:64:e1:67:76:f8:f6:bc:71:45:
         8c:76:0e:73:f6:59:52:4e:79:fb:c3:32:b2:84:89:5c:ab:41:
         2b:bd:66:d3:d8:fc:77:11:a3:e9:e9:33:b3:a2:ce:33:7f:f9:
         fa:cf:7d:84:c8:d4:95:ff:01:2e:f1:41:6d:01:87:c2:0c:f7:
         8d:bd:29:ed:43:15:30:95:08:0f:c0:c4:86:01:19:83:59:20:
         27:26:e9:3c:30:a8:a6:a9:ce:aa:ad:57:aa:f9:a0:60:c6:eb:
         72:d2:b8:17:4d:03:62:61:b0:31:64:3f:d5:78:18:d5:02:b1:
         e7:68:1c:e2:cb:c0:d5:38:f0:a0:5b:c9:c0:71:98:8b:5f:a8:
         0d:a6:97:57
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWQSA2L8iB7s/TvaJe/gs0StW6/gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzA5MDAwMDAwWhcNMjQwNDEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZjMxMTBlMGM2N2U4OTdmMzlkZWZkNTMwNTM2ODljNThh
NTlmNjAwZWYyNjExYzMwOWUxZjYzZDBjMmM3NTc4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQPc+Ym0OgYB2k4N00ngpYLJ025kksueIXFJe1UMfI9InA
eEYTsiDKjXwo9wcfdirjeBue6sjwuKIBOUohr+M3HQs7bZbt2lrOxORLgaxTFi10
YUioMjI8p7y5RCeYc9xFxM0TFbomgahj6oR5wVwir1txR/zGMk+i8rBQGFIkU3CM
WhysuL8jIXmIOouHP64YeEdPmy/f2KHhbUQkpwCDqvsUfhgbIF1VdKFo0t/KVXPF
qFdvG+xMp+bWPMXKFt+7gom6oPd4wTcBcFE5eJZEYPmV3RuCy03jRNySiPnr+2Ac
wmzBxmv80oK1/htlYcw2bbIW2WJ8Ye/WaDNUX3Q9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZmemAUGZGxDi9mJ7luLdk5gIyJYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU4YzE4OTYwLTIwYmMtNDZhMS05OTAyLWFhZmM0MDM2MjUxZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPijANBgkqhkiG9w0BAQsFAAOCAQEAH5dA/XtPiH3VB0XEcS69zJWVJ+UT
pKBg6ZiebEBcY0inTKMGuCmIsIHE8lufCSnaz764ILIuv6yOWYevu7awyiJ7bcEF
DX6Us47tvnFby1KPM8icDsJTZCCLqi+f71wAv6Jv2wpQpnWsgoCveVDzqSTT79C0
ZOFndvj2vHFFjHYOc/ZZUk55+8MysoSJXKtBK71m09j8dxGj6ekzs6LOM3/5+s99
hMjUlf8BLvFBbQGHwgz3jb0p7UMVMJUID8DEhgEZg1kgJybpPDCopqnOqq1Xqvmg
YMbrctK4F00DYmGwMWQ/1XgY1QKx52gc4svA1TjwoFvJwHGYi1+oDaaXVw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:31 2024 by rpki-client on console-fra.rpki-client.org