Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e9689be-d86a-4ada-9b31-610dcf35ec4b.roa
File:                     5e9689be-d86a-4ada-9b31-610dcf35ec4b.roa (raw, json)
Hash identifier:          aiVSrI6vrd0BBKJHCTa8ZsNOvkJAMDR98H7tlzmDg4o=
Subject key identifier:   8B:7E:EC:CD:AF:7D:0E:60:67:CF:0C:B0:10:55:07:C1:0A:F7:28:14
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       733F87D32244563127576A9892CC406637BA571F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e9689be-d86a-4ada-9b31-610dcf35ec4b.roa
Signing time:             Fri 24 May 2024 00:00:00 +0000
ROA not before:           Fri 24 May 2024 00:00:00 +0000
ROA not after:            Fri 28 Jun 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        128.181.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:3f:87:d3:22:44:56:31:27:57:6a:98:92:cc:40:66:37:ba:57:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 24 00:00:00 2024 GMT
            Not After : Jun 28 23:59:59 2024 GMT
        Subject: serialNumber=3f2361eac6c3851f75d0df6ba44fd6e5edd2c27e1a0429ada89f117e51b0b539, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:33:df:cf:30:66:39:6b:62:70:93:84:d8:16:
                    3b:64:19:0f:31:c0:90:4e:3b:3b:a0:01:f1:7a:a6:
                    93:61:54:59:b4:91:4e:92:0c:4c:09:21:94:98:a5:
                    dc:86:84:bb:a4:83:4b:ef:a2:2e:a1:19:05:73:65:
                    70:85:31:ec:ab:ff:2d:e2:9a:2c:11:3e:66:22:41:
                    48:28:55:41:33:9b:59:c7:9b:b8:2a:6e:f7:3f:00:
                    19:5f:35:b1:42:16:5e:fe:4e:0b:fc:c9:98:dd:5b:
                    15:ad:c1:35:e3:9e:ca:6c:38:38:bc:62:30:14:dd:
                    8d:08:8b:e2:3f:26:49:6c:9d:b2:32:ff:0e:ee:b7:
                    d7:2c:8a:5b:2e:f8:23:b8:bd:b5:f3:68:45:df:c6:
                    27:44:77:d3:a3:11:c4:4f:78:50:90:ab:38:2f:cb:
                    a3:75:6c:2e:c6:77:1a:a9:7e:2b:99:11:1b:73:cf:
                    48:3b:5a:90:11:a1:43:40:83:58:b1:e4:29:a8:97:
                    03:20:54:e8:0d:3e:d5:34:46:d7:99:89:b1:9a:dd:
                    1e:eb:c2:69:57:f7:54:81:1d:6f:71:82:d4:71:96:
                    0f:97:b9:0d:e1:3b:98:78:32:dc:c0:df:33:46:83:
                    75:02:91:9a:c3:61:e3:ff:db:21:11:13:19:fb:11:
                    fb:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:7E:EC:CD:AF:7D:0E:60:67:CF:0C:B0:10:55:07:C1:0A:F7:28:14
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e9689be-d86a-4ada-9b31-610dcf35ec4b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.181.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0f:a6:2e:03:c3:47:dc:b6:f0:44:86:bb:66:9e:62:db:45:dc:
         cb:9a:75:a9:6e:2a:67:52:38:c3:ab:8e:ec:f2:94:96:8f:30:
         7b:bc:d7:53:98:43:e9:c9:4d:c9:0d:22:82:49:50:90:2b:18:
         46:03:be:38:e9:0e:1d:1b:37:19:14:3b:db:f4:63:2a:38:fc:
         dd:87:b3:9d:cf:1d:74:e6:66:dc:50:76:ab:3f:01:07:b7:36:
         bf:4f:c0:83:57:4c:27:51:38:ff:bb:1a:4c:6a:de:3f:c1:f5:
         c2:e0:58:1f:66:76:6b:75:46:14:01:f5:6b:5e:90:46:44:48:
         7c:1c:26:6f:8f:86:01:39:bb:5e:ff:25:70:4a:e3:a5:73:ab:
         ea:6b:6e:28:24:c4:6a:0b:17:66:6e:6c:e8:62:78:d0:f8:b1:
         3f:45:de:c0:b1:a8:5f:ff:1a:69:c4:88:af:52:8b:01:e9:ac:
         dd:f8:9a:48:65:e5:9c:d9:4b:c5:ae:ac:0c:62:c3:98:c3:db:
         80:8a:16:c2:3b:dd:95:69:a2:7f:6c:8e:f0:a1:4b:68:b7:93:
         4d:a3:8b:6f:39:e5:a0:15:06:15:c2:6a:44:45:10:77:e0:47:
         8e:2a:47:94:b2:a4:5f:a5:47:01:7a:08:dd:b2:34:06:a8:3e:
         26:3d:03:b9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcz+H0yJEVjEnV2qYksxAZje6Vx8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI0MDAwMDAwWhcNMjQwNjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZjIzNjFlYWM2YzM4NTFmNzVkMGRmNmJhNDRmZDZlNWVk
ZDJjMjdlMWEwNDI5YWRhODlmMTE3ZTUxYjBiNTM5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4M9/PMGY5a2Jwk4TYFjtkGQ8xwJBOOzugAfF6ppNhVFm0
kU6SDEwJIZSYpdyGhLukg0vvoi6hGQVzZXCFMeyr/y3imiwRPmYiQUgoVUEzm1nH
m7gqbvc/ABlfNbFCFl7+Tgv8yZjdWxWtwTXjnspsODi8YjAU3Y0Ii+I/JklsnbIy
/w7ut9csilsu+CO4vbXzaEXfxidEd9OjEcRPeFCQqzgvy6N1bC7GdxqpfiuZERtz
z0g7WpARoUNAg1ix5CmolwMgVOgNPtU0RteZibGa3R7rwmlX91SBHW9xgtRxlg+X
uQ3hO5h4MtzA3zNGg3UCkZrDYeP/2yERExn7Efv5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUi37sza99DmBnzwywEFUHwQr3KBQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVlOTY4OWJlLWQ4NmEtNGFkYS05YjMxLTYxMGRjZjM1ZWM0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCAtTANBgkqhkiG9w0BAQsFAAOCAQEAD6YuA8NH3LbwRIa7Zp5i20Xcy5p1
qW4qZ1I4w6uO7PKUlo8we7zXU5hD6clNyQ0igklQkCsYRgO+OOkOHRs3GRQ72/Rj
Kjj83Yeznc8ddOZm3FB2qz8BB7c2v0/Ag1dMJ1E4/7saTGreP8H1wuBYH2Z2a3VG
FAH1a16QRkRIfBwmb4+GATm7Xv8lcErjpXOr6mtuKCTEagsXZm5s6GJ40PixP0Xe
wLGoX/8aacSIr1KLAems3fiaSGXlnNlLxa6sDGLDmMPbgIoWwjvdlWmif2yO8KFL
aLeTTaOLbznloBUGFcJqREUQd+BHjipHlLKkX6VHAXoI3bI0Bqg+Jj0DuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:54:02 2024 by rpki-client on console-ams.rpki-client.org