Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9e37db80-49b5-4f89-b7af-1f8a845dc4aa.roa
File:                     9e37db80-49b5-4f89-b7af-1f8a845dc4aa.roa (raw, json)
Hash identifier:          mcfgS2/c683aXvtKmCAOQvFluT3w3b5QLNsieiB2Kxw=
Subject key identifier:   AB:36:C2:3D:14:36:BA:3E:86:2B:C7:88:C6:BC:3F:84:04:F9:04:8D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       247C9DED8087AF168597FA4E5A466E21366F033E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9e37db80-49b5-4f89-b7af-1f8a845dc4aa.roa
Signing time:             Wed 06 Mar 2024 00:00:00 +0000
ROA not before:           Wed 06 Mar 2024 00:00:00 +0000
ROA not after:            Wed 10 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        13.248.109.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:7c:9d:ed:80:87:af:16:85:97:fa:4e:5a:46:6e:21:36:6f:03:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  6 00:00:00 2024 GMT
            Not After : Apr 10 23:59:59 2024 GMT
        Subject: serialNumber=afc6da6ad882e45ca0b431e5f66f512f69205764d47661198359b3f3cef42d4c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:e6:14:b0:d6:e5:a6:5a:ce:b1:c0:25:bb:7b:
                    01:03:25:89:8b:19:5c:eb:58:20:57:37:df:e2:c5:
                    5c:dd:e3:5d:5d:58:43:77:e1:03:3d:f0:bb:5e:b1:
                    f8:91:42:84:d9:67:ba:0c:08:e0:fb:dd:b5:a0:92:
                    51:b0:2d:28:75:88:1d:7a:cf:77:95:80:6b:d7:e0:
                    73:8e:67:d5:d5:7d:e5:76:44:5d:d1:54:02:14:e0:
                    ee:1a:99:08:6e:b9:bf:09:a1:69:d9:e5:31:25:dd:
                    9e:e1:e8:26:00:f8:9b:60:cb:a4:07:02:d9:8e:b4:
                    31:0b:99:3c:ba:6a:4d:ba:a5:a3:7f:e8:3f:eb:6a:
                    66:20:bc:a2:4d:f4:84:df:fe:ee:4d:80:64:18:42:
                    af:23:d7:0a:f2:40:c2:f0:e5:db:7f:2d:90:29:6b:
                    1f:f1:00:c0:7e:fd:62:e2:36:e4:4e:55:68:a0:87:
                    6e:f4:a0:47:2a:9c:a0:f8:a7:c7:c8:49:b1:5a:15:
                    1e:1e:d3:4a:f5:80:78:f5:d0:34:e7:23:c2:34:27:
                    6f:46:a0:6e:0f:54:3f:be:dc:cd:48:dd:69:7e:97:
                    49:78:2f:85:cf:51:5e:b1:47:39:08:22:d6:b0:02:
                    fa:13:e1:18:08:7f:4e:9c:8c:3d:0d:9f:ff:ea:b2:
                    11:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:36:C2:3D:14:36:BA:3E:86:2B:C7:88:C6:BC:3F:84:04:F9:04:8D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9e37db80-49b5-4f89-b7af-1f8a845dc4aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.248.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:63:bc:39:1e:9e:79:8b:99:c7:fb:d5:d3:7e:cf:2b:a9:ee:
         1a:25:76:9e:23:cb:7c:f6:cd:80:5c:54:ae:98:96:08:26:1f:
         fd:85:81:80:9f:44:33:af:75:be:b3:14:b6:71:d3:cc:5b:95:
         bf:b1:76:46:0c:63:ab:05:27:19:1a:9a:63:1d:32:6a:fb:25:
         3c:87:84:79:0d:e0:96:22:ce:95:9e:43:1c:7f:04:07:71:39:
         e9:d6:6b:41:13:f9:eb:da:e1:3d:26:55:5a:82:68:64:37:a3:
         21:a6:74:e7:d1:5e:18:a2:0e:3c:75:c6:a6:c9:b7:53:e6:2c:
         e6:0b:0e:2f:84:27:31:39:1f:47:cf:49:0d:c0:39:56:fa:10:
         af:31:5f:3f:fb:39:5c:02:e2:22:90:5d:9d:d2:28:dd:70:0b:
         78:1e:d6:45:28:76:bf:d8:ce:d9:21:e7:97:0a:34:d1:9a:32:
         9b:15:1a:cb:79:bb:a8:c2:cc:7d:e4:0c:88:a8:85:65:3a:73:
         18:bb:82:e6:d0:72:c9:46:6e:48:ce:8c:ea:ab:f2:77:d0:d8:
         e4:58:b4:8d:9d:74:4b:e5:9f:10:94:96:b7:88:e1:8e:5d:ba:
         4f:87:d5:d0:28:89:23:2c:df:7e:ef:2b:7d:16:ca:a4:1a:56:
         fa:4f:9f:70
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJHyd7YCHrxaFl/pOWkZuITZvAz4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzA2MDAwMDAwWhcNMjQwNDEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZmM2ZGE2YWQ4ODJlNDVjYTBiNDMxZTVmNjZmNTEyZjY5
MjA1NzY0ZDQ3NjYxMTk4MzU5YjNmM2NlZjQyZDRjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCL5hSw1uWmWs6xwCW7ewEDJYmLGVzrWCBXN9/ixVzd411d
WEN34QM98LtesfiRQoTZZ7oMCOD73bWgklGwLSh1iB16z3eVgGvX4HOOZ9XVfeV2
RF3RVAIU4O4amQhuub8JoWnZ5TEl3Z7h6CYA+Jtgy6QHAtmOtDELmTy6ak26paN/
6D/ramYgvKJN9ITf/u5NgGQYQq8j1wryQMLw5dt/LZApax/xAMB+/WLiNuROVWig
h270oEcqnKD4p8fISbFaFR4e00r1gHj10DTnI8I0J29GoG4PVD++3M1I3Wl+l0l4
L4XPUV6xRzkIItawAvoT4RgIf06cjD0Nn//qshFfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqzbCPRQ2uj6GK8eIxrw/hAT5BI0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzllMzdkYjgwLTQ5YjUtNGY4OS1iN2FmLTFmOGE4NDVkYzRhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAN+G0wDQYJKoZIhvcNAQELBQADggEBAFBjvDkennmLmcf71dN+zyup7hol
dp4jy3z2zYBcVK6YlggmH/2FgYCfRDOvdb6zFLZx08xblb+xdkYMY6sFJxkammMd
Mmr7JTyHhHkN4JYizpWeQxx/BAdxOenWa0ET+eva4T0mVVqCaGQ3oyGmdOfRXhii
Djx1xqbJt1PmLOYLDi+EJzE5H0fPSQ3AOVb6EK8xXz/7OVwC4iKQXZ3SKN1wC3ge
1kUodr/Yztkh55cKNNGaMpsVGst5u6jCzH3kDIiohWU6cxi7gubQcslGbkjOjOqr
8nfQ2ORYtI2ddEvlnxCUlreI4Y5duk+H1dAoiSMs337vK30WyqQaVvpPn3A=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:36 2024 by rpki-client on console-ams.rpki-client.org