Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6c5efc4b-f494-480e-9cb4-c0dc5221861f.roa
File:                     6c5efc4b-f494-480e-9cb4-c0dc5221861f.roa (raw, json)
Hash identifier:          uPwBf8V2E08CRkUohchxS5gaTzrl6JUv8PtJnJFsad4=
Subject key identifier:   35:8B:49:B6:52:F6:61:B5:73:3B:AF:25:40:1D:74:58:E5:8B:F8:3C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0A36A6CF054462CC7CAA7248DAC3475B43B5797D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6c5efc4b-f494-480e-9cb4-c0dc5221861f.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        136.135.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:36:a6:cf:05:44:62:cc:7c:aa:72:48:da:c3:47:5b:43:b5:79:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=d8e34ae0b99bda109f0aec866c89c3c94220736c7a0f59a3087f874395839782, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:8c:43:ae:ee:35:ec:6c:0d:64:03:4d:8c:30:
                    c0:42:f8:27:af:a7:20:3b:61:ab:69:ca:16:e2:f9:
                    de:52:8c:d8:73:9c:51:5c:52:56:c1:19:99:5c:1e:
                    0b:5e:75:80:87:51:8b:fd:0c:d1:a7:80:01:8d:b5:
                    90:e1:54:1e:ad:7a:cc:c4:5d:8a:5f:30:cf:67:d9:
                    cc:f7:ab:f5:41:54:4b:09:bd:df:cc:49:39:f6:d3:
                    a3:9c:2a:11:fe:95:1c:35:04:85:ba:dd:37:9d:85:
                    3f:37:16:fd:79:b0:62:9a:25:30:db:c8:32:5b:6d:
                    81:77:5d:0e:44:bb:66:9b:dc:8e:e6:9f:15:c9:cc:
                    5f:6d:42:fc:38:e0:d3:eb:17:5c:26:7b:53:be:d0:
                    d3:21:ca:6a:ec:b0:d3:09:30:ec:83:7a:84:35:eb:
                    e5:57:b7:46:2f:b4:cd:37:e3:5a:46:63:a6:d9:e1:
                    5e:6e:64:93:08:1f:9c:05:b6:ab:59:d0:44:a9:c7:
                    29:8b:b4:f2:9f:06:0e:ac:98:ed:f4:46:7e:7e:55:
                    42:91:86:8b:39:44:b1:22:5e:cc:4b:d8:e4:19:b2:
                    35:90:0c:b5:86:20:e2:78:5b:66:c4:27:00:42:55:
                    27:30:21:53:d5:bc:ac:7d:de:9a:3a:e1:c7:30:a4:
                    7b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:8B:49:B6:52:F6:61:B5:73:3B:AF:25:40:1D:74:58:E5:8B:F8:3C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6c5efc4b-f494-480e-9cb4-c0dc5221861f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.135.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1f:5c:3d:1b:ba:ed:19:c6:76:0a:bf:06:4f:dd:48:b8:4d:92:
         5d:a1:e1:3c:a7:b2:e9:59:81:cc:65:7f:23:a7:17:dc:f0:34:
         b9:24:d3:93:e1:1c:f3:80:c4:fe:48:b8:4f:30:8c:e8:bd:13:
         13:2f:26:af:56:8b:39:39:3c:a8:fd:f7:50:d2:95:89:98:17:
         69:f2:53:23:bc:5f:ea:48:81:b9:54:99:1e:48:d1:29:39:26:
         b7:b6:e3:4d:45:66:cf:49:84:fc:3f:8e:f6:f6:a5:15:b7:cc:
         61:53:df:f8:77:d7:42:5d:a7:31:bc:b6:5c:99:50:25:be:27:
         4f:8e:de:24:d6:26:c8:3d:1a:b8:70:cc:a9:b9:7a:eb:59:72:
         9c:a5:82:c4:80:11:37:3b:25:3e:7a:6e:dc:24:0f:2a:a2:ee:
         c7:dd:43:ef:c3:2b:96:61:f0:f9:ca:7d:23:6a:eb:a7:e4:10:
         0c:dd:4c:77:10:41:1c:1d:88:08:e1:b1:7d:7b:d6:06:97:b6:
         2e:cc:0a:07:91:f8:0d:5d:0c:24:5f:21:24:ca:e7:8b:94:76:
         f6:c9:c0:a4:7e:9d:10:72:c2:56:f0:c6:ba:62:5b:83:f8:fb:
         f8:72:16:9b:9a:88:03:3a:c5:8a:21:36:d4:25:24:d3:80:78:
         21:c7:93:63
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCjamzwVEYsx8qnJI2sNHW0O1eX0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkOGUzNGFlMGI5OWJkYTEwOWYwYWVjODY2Yzg5YzNjOTQy
MjA3MzZjN2EwZjU5YTMwODdmODc0Mzk1ODM5NzgyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZjEOu7jXsbA1kA02MMMBC+CevpyA7Yatpyhbi+d5SjNhz
nFFcUlbBGZlcHgtedYCHUYv9DNGngAGNtZDhVB6teszEXYpfMM9n2cz3q/VBVEsJ
vd/MSTn206OcKhH+lRw1BIW63TedhT83Fv15sGKaJTDbyDJbbYF3XQ5Eu2ab3I7m
nxXJzF9tQvw44NPrF1wme1O+0NMhymrssNMJMOyDeoQ16+VXt0YvtM0341pGY6bZ
4V5uZJMIH5wFtqtZ0ESpxymLtPKfBg6smO30Rn5+VUKRhos5RLEiXsxL2OQZsjWQ
DLWGIOJ4W2bEJwBCVScwIVPVvKx93po64ccwpHtvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUNYtJtlL2YbVzO68lQB10WOWL+DwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZjNWVmYzRiLWY0OTQtNDgwZS05Y2I0LWMwZGM1MjIxODYxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIhzANBgkqhkiG9w0BAQsFAAOCAQEAH1w9G7rtGcZ2Cr8GT91IuE2SXaHh
PKey6VmBzGV/I6cX3PA0uSTTk+Ec84DE/ki4TzCM6L0TEy8mr1aLOTk8qP33UNKV
iZgXafJTI7xf6kiBuVSZHkjRKTkmt7bjTUVmz0mE/D+O9valFbfMYVPf+HfXQl2n
Mby2XJlQJb4nT47eJNYmyD0auHDMqbl661lynKWCxIARNzslPnpu3CQPKqLux91D
78MrlmHw+cp9I2rrp+QQDN1MdxBBHB2ICOGxfXvWBpe2LswKB5H4DV0MJF8hJMrn
i5R29snApH6dEHLCVvDGumJbg/j7+HIWm5qIAzrFiiE21CUk04B4IceTYw==
-----END CERTIFICATE-----
Generated at Tue Jun 18 01:54:32 2024 by rpki-client on console-fra.rpki-client.org