Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76eb2277-b182-4cd2-a4b2-ef65da2565a9.roa
File:                     76eb2277-b182-4cd2-a4b2-ef65da2565a9.roa (raw, json)
Hash identifier:          gnFif9dxsuQtx+6tPndtwrBN46kPtDrmaW3KAcWwniQ=
Subject key identifier:   17:D9:57:D4:0B:94:27:F7:5A:EC:1B:E2:5D:14:2E:4D:72:96:13:FF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       356BF9609D7524DC3E49B59C5E763E0138CF0C67
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76eb2277-b182-4cd2-a4b2-ef65da2565a9.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        47.10.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 22 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:6b:f9:60:9d:75:24:dc:3e:49:b5:9c:5e:76:3e:01:38:cf:0c:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=f2444bd5fca028bb2acad0fb9eeb630af2653fac04cd8734e5ea2db64777d2c5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:2c:33:17:8f:51:25:08:a5:65:d3:82:fe:c1:
                    cb:77:a3:f8:84:83:12:02:f9:0d:fa:bc:7d:ca:78:
                    6a:20:82:59:fc:bc:f0:e2:05:87:bc:43:44:5e:d7:
                    b6:61:c2:b0:75:a2:21:1d:bf:48:93:05:55:ea:99:
                    f9:21:d8:ab:2e:78:66:62:00:31:0b:94:fa:54:6c:
                    ef:e4:be:14:0a:89:3c:59:f6:85:1c:42:4f:d6:0f:
                    8e:15:10:b7:63:31:c4:b6:e5:48:91:88:cf:c5:e8:
                    9b:2d:01:c9:27:cd:98:a9:20:2a:1b:47:cf:78:ee:
                    ab:ee:ea:1a:ad:d0:d5:5d:14:ae:4f:e7:e9:fa:32:
                    df:f7:cf:82:34:2c:34:72:19:cc:35:91:13:6a:e5:
                    f1:20:35:0b:30:28:aa:67:c0:24:80:98:20:e4:f3:
                    23:dc:0f:0c:43:77:2e:37:60:2e:1a:e4:99:7e:9e:
                    0a:bd:0c:c6:98:f4:ad:0e:a5:6a:d1:0f:98:25:bb:
                    a7:d6:09:e4:55:6e:3b:d8:1a:6f:5c:aa:fb:ea:fa:
                    9f:44:30:22:8d:6e:85:6f:8e:5b:59:f4:5b:d2:bc:
                    ff:36:b4:09:c3:f5:43:59:31:c7:4f:03:2c:30:e8:
                    46:d7:3c:9a:32:ad:a1:95:73:10:6e:4b:d6:ae:8e:
                    ad:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D9:57:D4:0B:94:27:F7:5A:EC:1B:E2:5D:14:2E:4D:72:96:13:FF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76eb2277-b182-4cd2-a4b2-ef65da2565a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  47.10.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a0:b9:7c:01:69:9c:ec:5d:18:74:a8:a3:d3:50:71:95:4d:45:
         e2:4f:55:6b:70:ee:09:82:03:0e:94:3d:cd:1e:52:24:97:8c:
         7c:36:fd:c7:d2:f3:ef:14:cc:f7:23:b1:1b:67:3a:db:ae:83:
         d2:82:05:41:c5:15:3c:41:a9:ad:90:05:02:07:fa:5b:fe:95:
         bc:73:dd:46:a3:ca:ce:41:c0:b0:3d:b0:d4:e3:f1:b1:8e:9c:
         5a:64:b9:83:e4:44:c3:8e:5f:2d:e9:18:fe:8e:ba:85:be:f2:
         8c:c6:04:be:80:2e:99:fc:51:92:b1:44:28:2f:9c:82:55:75:
         4d:98:2d:44:d8:95:12:a8:14:49:d4:4e:2a:b4:03:53:47:2f:
         e3:23:f9:1d:bf:85:cd:9f:9f:cc:98:13:50:d8:b8:1f:be:4b:
         2a:44:39:c2:fb:98:42:2b:e2:1d:22:b7:1c:89:56:4b:5c:b0:
         ad:35:7b:a4:bd:60:c2:f4:fc:2c:af:0e:de:91:c2:eb:e5:15:
         8c:30:49:40:e4:70:07:38:7a:ed:f4:21:65:43:02:b8:96:24:
         01:6a:96:d6:b3:a9:19:a9:49:50:e0:10:80:88:6d:80:4d:2b:
         bb:cf:a0:70:22:d6:34:83:89:b0:f8:15:65:90:1e:43:a5:d9:
         a5:ea:74:cb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNWv5YJ11JNw+SbWcXnY+ATjPDGcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMjQ0NGJkNWZjYTAyOGJiMmFjYWQwZmI5ZWViNjMwYWYy
NjUzZmFjMDRjZDg3MzRlNWVhMmRiNjQ3NzdkMmM1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDyLDMXj1ElCKVl04L+wct3o/iEgxIC+Q36vH3KeGoggln8
vPDiBYe8Q0Re17ZhwrB1oiEdv0iTBVXqmfkh2KsueGZiADELlPpUbO/kvhQKiTxZ
9oUcQk/WD44VELdjMcS25UiRiM/F6JstAcknzZipICobR8947qvu6hqt0NVdFK5P
5+n6Mt/3z4I0LDRyGcw1kRNq5fEgNQswKKpnwCSAmCDk8yPcDwxDdy43YC4a5Jl+
ngq9DMaY9K0OpWrRD5glu6fWCeRVbjvYGm9cqvvq+p9EMCKNboVvjltZ9FvSvP82
tAnD9UNZMcdPAyww6EbXPJoyraGVcxBuS9aujq3bAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUF9lX1AuUJ/da7BviXRQuTXKWE/8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc2ZWIyMjc3LWIxODItNGNkMi1hNGIyLWVmNjVkYTI1NjVhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAvCjANBgkqhkiG9w0BAQsFAAOCAQEAoLl8AWmc7F0YdKij01BxlU1F4k9V
a3DuCYIDDpQ9zR5SJJeMfDb9x9Lz7xTM9yOxG2c6266D0oIFQcUVPEGprZAFAgf6
W/6VvHPdRqPKzkHAsD2w1OPxsY6cWmS5g+REw45fLekY/o66hb7yjMYEvoAumfxR
krFEKC+cglV1TZgtRNiVEqgUSdROKrQDU0cv4yP5Hb+FzZ+fzJgTUNi4H75LKkQ5
wvuYQiviHSK3HIlWS1ywrTV7pL1gwvT8LK8O3pHC6+UVjDBJQORwBzh67fQhZUMC
uJYkAWqW1rOpGalJUOAQgIhtgE0ru8+gcCLWNIOJsPgVZZAeQ6XZpep0yw==
-----END CERTIFICATE-----
Generated at Thu Jun 20 01:11:48 2024 by rpki-client on console-fra.rpki-client.org