Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7c762441-67a4-4d84-9bb6-d3feec3c9100.roa
File:                     7c762441-67a4-4d84-9bb6-d3feec3c9100.roa (raw, json)
Hash identifier:          HJXvWa4S1nfundxLg6lKqjPT2He1GavYjKYriJoYens=
Subject key identifier:   09:C0:96:52:B1:A6:3D:85:A0:17:D0:74:23:94:35:96:6D:60:E3:99
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       413B92A1DE203655488EE1CD3C48F7E31EB93C7E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7c762441-67a4-4d84-9bb6-d3feec3c9100.roa
Signing time:             Fri 08 Mar 2024 00:00:00 +0000
ROA not before:           Fri 08 Mar 2024 00:00:00 +0000
ROA not after:            Fri 12 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.60.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:3b:92:a1:de:20:36:55:48:8e:e1:cd:3c:48:f7:e3:1e:b9:3c:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  8 00:00:00 2024 GMT
            Not After : Apr 12 23:59:59 2024 GMT
        Subject: serialNumber=d93788a93d4714c13d4f019b00c11eee41ffe342e862aa291062cf5a72e30167, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:40:52:b7:22:c2:8c:63:bf:ff:99:93:9c:83:
                    b3:bd:de:21:54:c1:4a:f5:5e:35:4f:6a:a1:88:b5:
                    30:bb:08:1f:8d:70:28:16:53:6e:87:0b:75:a6:e5:
                    f7:fa:bf:d5:86:23:23:55:c7:e6:b1:b2:07:94:9b:
                    20:aa:b9:57:1d:f6:d8:84:b2:78:21:4b:7a:ce:a9:
                    04:7a:4c:b0:81:9b:af:6d:97:6c:75:4a:bf:75:8c:
                    53:df:05:e6:8a:0f:78:fb:5e:5b:25:92:65:55:b6:
                    16:9a:38:29:df:28:14:7e:0e:09:bd:49:8f:72:ca:
                    fa:2d:b4:14:0a:40:16:c0:e8:31:8b:54:6d:8f:20:
                    66:c7:63:8f:2b:f0:41:0e:c7:2b:73:95:b2:6c:ed:
                    3d:b0:87:6a:e2:61:6b:11:b6:99:47:ff:8c:b2:f4:
                    b6:60:8a:de:9d:ac:9e:ce:20:0b:0e:fa:35:e8:1d:
                    84:da:d2:f1:ba:ee:bd:02:7c:bb:55:9c:8d:19:e7:
                    9c:df:d8:6b:77:ad:e6:4f:83:fb:30:6b:1c:ad:b7:
                    18:bd:f4:29:91:d3:3b:50:87:9b:71:6a:91:50:42:
                    22:62:56:0c:56:84:59:3c:1c:3c:dd:6b:91:fc:7b:
                    fc:40:9c:07:85:df:dd:ee:e2:ba:f8:9e:b7:b8:f9:
                    b2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:C0:96:52:B1:A6:3D:85:A0:17:D0:74:23:94:35:96:6D:60:E3:99
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7c762441-67a4-4d84-9bb6-d3feec3c9100.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:49:0c:bf:f6:d0:2d:b9:43:60:fe:6e:63:19:d7:87:24:e6:
         c4:66:eb:b5:8f:7d:85:1d:d9:d1:6d:8e:c7:40:29:ed:e1:1e:
         68:44:b9:5b:1f:6a:4d:8b:77:80:fd:4a:18:f9:d6:0c:53:3e:
         cd:ed:50:24:da:18:33:90:2a:eb:75:3d:74:a1:5d:98:03:0e:
         57:e6:84:69:ce:20:91:2b:0d:5f:1b:aa:53:8a:a6:86:db:16:
         a9:5c:e1:b0:8a:14:56:da:fc:92:3d:2b:a6:58:a8:72:d1:15:
         ab:ac:a9:ba:95:03:63:15:d1:0d:6b:07:c9:f8:d3:71:9a:f0:
         01:b1:8e:59:aa:94:a7:aa:a4:f9:87:53:a4:fa:bc:8b:6b:7c:
         4f:ea:01:bc:3c:89:48:7b:53:54:7e:a6:ff:c6:00:fe:7b:fa:
         3c:b0:1c:9b:65:2b:b8:99:d2:4d:af:ee:eb:bc:cb:9a:00:86:
         7f:dc:87:46:da:dc:68:b8:29:3c:77:33:d9:cd:e7:e6:c5:ce:
         24:be:c8:1e:b0:7c:3e:80:34:c5:81:e7:43:29:49:4b:c9:84:
         3f:cd:3e:29:6d:e1:f3:3b:ba:2a:e1:24:8f:af:db:7a:35:11:
         e4:21:ed:fe:29:55:08:47:0f:3c:59:c5:29:de:72:95:6e:f5:
         59:3e:0f:e1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQTuSod4gNlVIjuHNPEj34x65PH4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzA4MDAwMDAwWhcNMjQwNDEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkOTM3ODhhOTNkNDcxNGMxM2Q0ZjAxOWIwMGMxMWVlZTQx
ZmZlMzQyZTg2MmFhMjkxMDYyY2Y1YTcyZTMwMTY3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLQFK3IsKMY7//mZOcg7O93iFUwUr1XjVPaqGItTC7CB+N
cCgWU26HC3Wm5ff6v9WGIyNVx+axsgeUmyCquVcd9tiEsnghS3rOqQR6TLCBm69t
l2x1Sr91jFPfBeaKD3j7XlslkmVVthaaOCnfKBR+Dgm9SY9yyvottBQKQBbA6DGL
VG2PIGbHY48r8EEOxytzlbJs7T2wh2riYWsRtplH/4yy9LZgit6drJ7OIAsO+jXo
HYTa0vG67r0CfLtVnI0Z55zf2Gt3reZPg/swaxyttxi99CmR0ztQh5txapFQQiJi
VgxWhFk8HDzda5H8e/xAnAeF393u4rr4nre4+bKbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCcCWUrGmPYWgF9B0I5Q1lm1g45kwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdjNzYyNDQxLTY3YTQtNGQ4NC05YmI2LWQzZmVlYzNjOTEwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XzwwDQYJKoZIhvcNAQELBQADggEBAD5JDL/20C25Q2D+bmMZ14ck5sRm
67WPfYUd2dFtjsdAKe3hHmhEuVsfak2Ld4D9Shj51gxTPs3tUCTaGDOQKut1PXSh
XZgDDlfmhGnOIJErDV8bqlOKpobbFqlc4bCKFFba/JI9K6ZYqHLRFausqbqVA2MV
0Q1rB8n403Ga8AGxjlmqlKeqpPmHU6T6vItrfE/qAbw8iUh7U1R+pv/GAP57+jyw
HJtlK7iZ0k2v7uu8y5oAhn/ch0ba3Gi4KTx3M9nN5+bFziS+yB6wfD6ANMWB50Mp
SUvJhD/NPilt4fM7uirhJI+v23o1EeQh7f4pVQhHDzxZxSnecpVu9Vk+D+E=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:35 2024 by rpki-client on console-ams.rpki-client.org