Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/99e1c169-d92e-43fa-a1ba-37559c29d98e.roa
File:                     99e1c169-d92e-43fa-a1ba-37559c29d98e.roa (raw, json)
Hash identifier:          Q0HrMvyVHXdT21WMquo+92zEugJTNAQyErhBryqoaEI=
Subject key identifier:   48:44:2B:F6:76:41:68:13:CD:70:16:64:E4:90:AB:D2:D7:B0:05:3A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       30443D7936B62FF6670ED67C5E840506D705697D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/99e1c169-d92e-43fa-a1ba-37559c29d98e.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        54.220.0.0/15 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 18 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:44:3d:79:36:b6:2f:f6:67:0e:d6:7c:5e:84:05:06:d7:05:69:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=dd0368513a18ca1597167f9ee4a8c15f2e9b6c152ac315cd74a29fb8cbdbe684, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b0:2e:f0:54:cd:54:8e:e8:d2:e4:7e:ec:67:
                    40:c2:e7:45:a8:5c:5c:d5:3d:a8:9a:30:00:89:cd:
                    b9:5a:36:5d:ca:6b:58:50:67:54:af:2e:9f:6a:a6:
                    c5:ab:9f:03:94:2e:8c:af:f7:fd:f1:c9:0e:00:e7:
                    9d:f7:ad:73:a8:0d:fe:2a:81:86:90:99:77:cf:10:
                    13:c9:9e:e2:b1:1d:2b:d1:3c:eb:a8:59:db:b1:8a:
                    b2:6c:04:c7:21:57:01:85:55:79:d5:51:0f:e8:75:
                    a7:f0:4f:b5:e6:51:47:c0:8b:1f:51:e2:24:a2:69:
                    d8:7e:ea:b3:06:91:29:64:f7:ed:34:87:87:5b:22:
                    e9:3e:6a:6f:7c:82:55:86:9d:44:3b:b5:fa:ab:a2:
                    f4:fd:03:86:1f:7f:56:94:1a:c8:c3:a6:05:18:47:
                    aa:3c:f2:8d:68:58:6a:d4:34:95:35:fd:07:d0:04:
                    2b:f7:3d:83:53:f8:68:5f:60:82:0a:4c:db:ff:51:
                    0e:e8:79:97:72:38:60:5f:69:cb:08:58:b6:6f:c2:
                    84:51:5d:8a:73:03:b8:37:ac:1f:cb:fa:40:d8:7e:
                    7d:f8:e4:17:ba:58:4b:64:5e:31:9c:6f:7f:81:80:
                    f8:fd:d4:af:aa:f5:43:e2:6e:b3:f8:1c:ea:3d:e2:
                    12:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:44:2B:F6:76:41:68:13:CD:70:16:64:E4:90:AB:D2:D7:B0:05:3A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/99e1c169-d92e-43fa-a1ba-37559c29d98e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.220.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         81:3d:40:32:2b:ff:fe:5b:79:77:df:6c:0d:a0:3b:04:c3:4d:
         62:86:0c:97:48:3a:5e:9d:53:15:d5:db:7e:a7:03:b9:7d:29:
         0a:b3:35:f6:db:0a:ac:9f:c0:f5:cb:99:c5:85:54:98:24:e5:
         80:8b:29:04:9b:5f:40:9c:37:17:eb:cd:46:33:a3:4b:87:77:
         36:f8:a1:38:bd:51:77:b5:dd:22:d0:3e:fc:d5:bd:49:d6:37:
         20:cc:81:68:34:79:21:0b:98:ad:0c:75:d4:1b:16:5c:d3:86:
         94:3b:54:3d:bf:00:32:f8:ed:df:71:44:b0:12:c5:82:75:c3:
         ff:09:1a:56:3a:8e:27:8d:3b:ea:f0:e6:be:8b:e5:5f:24:3a:
         2a:42:d3:e4:28:57:55:65:42:70:5d:a8:83:3c:70:ce:05:66:
         d7:de:c1:64:39:24:b2:11:a3:6d:3a:ad:f4:41:f5:4e:af:92:
         5f:9b:7a:04:1a:4c:82:c3:44:cc:3e:11:26:de:89:97:9f:76:
         bd:60:7c:56:da:4b:6f:56:ed:2d:b4:0c:be:98:22:60:b3:43:
         cd:50:e2:34:e4:81:0e:21:14:8b:2e:b0:60:87:e2:80:98:b3:
         f7:f3:ae:95:dc:79:ce:1f:ad:e4:91:20:c1:6d:a1:a2:c8:b6:
         ea:b9:e4:a0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMEQ9eTa2L/ZnDtZ8XoQFBtcFaX0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI3MDAwMDAwWhcNMjQwNzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZDAzNjg1MTNhMThjYTE1OTcxNjdmOWVlNGE4YzE1ZjJl
OWI2YzE1MmFjMzE1Y2Q3NGEyOWZiOGNiZGJlNjg0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBsC7wVM1UjujS5H7sZ0DC50WoXFzVPaiaMACJzblaNl3K
a1hQZ1SvLp9qpsWrnwOULoyv9/3xyQ4A5533rXOoDf4qgYaQmXfPEBPJnuKxHSvR
POuoWduxirJsBMchVwGFVXnVUQ/odafwT7XmUUfAix9R4iSiadh+6rMGkSlk9+00
h4dbIuk+am98glWGnUQ7tfqrovT9A4Yff1aUGsjDpgUYR6o88o1oWGrUNJU1/QfQ
BCv3PYNT+GhfYIIKTNv/UQ7oeZdyOGBfacsIWLZvwoRRXYpzA7g3rB/L+kDYfn34
5Be6WEtkXjGcb3+BgPj91K+q9UPibrP4HOo94hInAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUSEQr9nZBaBPNcBZk5JCr0tewBTowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzk5ZTFjMTY5LWQ5MmUtNDNmYS1hMWJhLTM3NTU5YzI5ZDk4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE23DANBgkqhkiG9w0BAQsFAAOCAQEAgT1AMiv//lt5d99sDaA7BMNNYoYM
l0g6Xp1TFdXbfqcDuX0pCrM19tsKrJ/A9cuZxYVUmCTlgIspBJtfQJw3F+vNRjOj
S4d3NvihOL1Rd7XdItA+/NW9SdY3IMyBaDR5IQuYrQx11BsWXNOGlDtUPb8AMvjt
33FEsBLFgnXD/wkaVjqOJ4076vDmvovlXyQ6KkLT5ChXVWVCcF2ogzxwzgVm197B
ZDkkshGjbTqt9EH1Tq+SX5t6BBpMgsNEzD4RJt6Jl592vWB8VtpLb1btLbQMvpgi
YLNDzVDiNOSBDiEUiy6wYIfigJiz9/Ouldx5zh+t5JEgwW2hosi26rnkoA==
-----END CERTIFICATE-----
Generated at Mon Jun 17 18:21:16 2024 by rpki-client on console-ams.rpki-client.org