Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa
File:                     726ab840-91a1-4d06-8d70-66d240e7ea7d.roa (raw, json)
Hash identifier:          pjI2F4EXKnv2doOuhIrxeGfNZAXbW5HMv/62Z3aViNg=
Subject key identifier:   3C:5E:20:ED:AB:C5:DD:B1:80:EB:36:EE:2D:78:2A:03:F6:44:EE:0B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2521D933AA90A2171C79E372C6B73A72D28115DA
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        18.112.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:21:d9:33:aa:90:a2:17:1c:79:e3:72:c6:b7:3a:72:d2:81:15:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=c0d48b6e4f112eb5ac7a9c05cd001511a24cf8cc919cddd82e75d359c1733eed, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4a:a0:57:dd:0a:03:44:5a:92:50:3d:08:34:
                    7f:13:1a:23:31:9d:20:b0:aa:92:5a:1c:20:d8:de:
                    32:f1:4a:89:08:10:0e:16:df:11:04:1e:a7:6c:f3:
                    8a:ee:d8:c5:ee:ca:61:55:39:42:39:a8:c9:8e:fc:
                    e4:a4:00:30:37:34:15:12:41:df:c5:f9:fd:4e:a5:
                    df:1b:cb:d4:01:33:ff:e4:cb:2c:2c:0e:a5:95:43:
                    a0:0b:33:de:43:d1:c5:ab:eb:ca:85:7c:0f:f3:a4:
                    db:a4:f5:97:bd:6a:16:7d:c0:64:bf:11:3a:17:e0:
                    dc:16:e6:dd:be:01:7f:c7:72:ea:5b:a5:32:61:31:
                    76:93:31:eb:15:ea:23:4b:82:b0:52:60:18:e4:a4:
                    3e:8f:83:cb:82:b0:a7:29:27:fe:eb:8e:d0:f1:ba:
                    ac:b9:cd:aa:05:2d:34:4b:22:74:87:f3:a0:93:19:
                    5d:75:e8:3e:8a:51:b7:70:9e:4f:ec:29:99:d2:c5:
                    26:e9:7e:69:81:d3:f1:11:12:be:d7:9a:69:40:c6:
                    20:23:cf:e4:6f:dc:e2:d3:3d:bf:9a:3e:73:75:d2:
                    fd:66:2a:17:06:1e:06:2e:97:0b:44:c4:49:af:61:
                    ff:e3:1f:51:19:42:58:0d:60:f9:0e:23:6b:f6:28:
                    e3:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:5E:20:ED:AB:C5:DD:B1:80:EB:36:EE:2D:78:2A:03:F6:44:EE:0B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.112.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         22:bc:de:73:83:1e:93:2b:06:86:f7:75:e6:92:34:b4:26:b4:
         74:73:ba:24:69:95:e4:ce:16:8f:55:8a:50:63:cb:c7:0f:36:
         2c:e9:ca:32:44:98:31:03:f6:2a:d2:18:c2:57:aa:90:6e:3f:
         ff:cd:ac:c0:1e:58:67:92:79:e2:5f:f5:df:66:ba:b8:66:9e:
         10:5c:b1:7e:dd:79:bb:ec:83:bd:24:3a:56:b4:41:fa:25:b5:
         21:05:40:2d:30:4c:a5:e7:67:9c:66:ef:da:ad:11:c7:75:11:
         20:b4:31:95:db:b0:31:49:ee:96:d1:e9:cc:89:7a:ed:33:12:
         c7:43:ac:b7:33:59:f0:c8:9c:e6:0c:50:97:a7:93:47:1b:60:
         cd:9c:92:99:bb:01:19:9d:eb:9e:bb:4f:3d:52:bd:3c:4f:0e:
         34:27:81:d0:0f:35:48:12:83:4c:19:9f:2a:ca:c1:3b:a4:61:
         07:fb:c9:32:f6:55:e4:c9:9d:10:c5:e4:3b:e0:83:e7:69:58:
         2e:f0:f3:fe:11:ea:37:9f:23:b8:e5:8c:40:98:82:92:bd:64:
         4f:6b:ff:0a:b6:26:5e:a6:5e:7f:8c:73:42:7d:7e:0b:ae:14:
         46:29:89:d8:46:2f:ac:c9:ab:94:eb:d4:16:45:e5:b3:6d:27:
         bf:e1:04:5b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJSHZM6qQohcceeNyxrc6ctKBFdowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMGQ0OGI2ZTRmMTEyZWI1YWM3YTljMDVjZDAwMTUxMWEy
NGNmOGNjOTE5Y2RkZDgyZTc1ZDM1OWMxNzMzZWVkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6SqBX3QoDRFqSUD0INH8TGiMxnSCwqpJaHCDY3jLxSokI
EA4W3xEEHqds84ru2MXuymFVOUI5qMmO/OSkADA3NBUSQd/F+f1Opd8by9QBM//k
yywsDqWVQ6ALM95D0cWr68qFfA/zpNuk9Ze9ahZ9wGS/EToX4NwW5t2+AX/Hcupb
pTJhMXaTMesV6iNLgrBSYBjkpD6Pg8uCsKcpJ/7rjtDxuqy5zaoFLTRLInSH86CT
GV116D6KUbdwnk/sKZnSxSbpfmmB0/EREr7XmmlAxiAjz+Rv3OLTPb+aPnN10v1m
KhcGHgYulwtExEmvYf/jH1EZQlgNYPkOI2v2KOOzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUPF4g7avF3bGA6zbuLXgqA/ZE7gswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzcyNmFiODQwLTkxYTEtNGQwNi04ZDcwLTY2ZDI0MGU3ZWE3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAScDANBgkqhkiG9w0BAQsFAAOCAQEAIrzec4MekysGhvd15pI0tCa0dHO6
JGmV5M4Wj1WKUGPLxw82LOnKMkSYMQP2KtIYwleqkG4//82swB5YZ5J54l/132a6
uGaeEFyxft15u+yDvSQ6VrRB+iW1IQVALTBMpednnGbv2q0Rx3URILQxlduwMUnu
ltHpzIl67TMSx0OstzNZ8Mic5gxQl6eTRxtgzZySmbsBGZ3rnrtPPVK9PE8ONCeB
0A81SBKDTBmfKsrBO6RhB/vJMvZV5MmdEMXkO+CD52lYLvDz/hHqN58juOWMQJiC
kr1kT2v/CrYmXqZef4xzQn1+C64URimJ2EYvrMmrlOvUFkXls20nv+EEWw==
-----END CERTIFICATE-----
Generated at Tue Jun 18 03:15:29 2024 by rpki-client on console-ams.rpki-client.org