Route Origin Authorization 

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a9662baf-0de6-4e9f-8232-32db95637039.roa
File:                     a9662baf-0de6-4e9f-8232-32db95637039.roa (raw, json)
Hash identifier:          xPM6X0IpWuznwlas7E3QfYj4IEUluAODNrJizdSJpZQ=
Subject key identifier:   F9:53:8A:3B:76:9F:3B:44:06:B0:7C:24:6F:A9:59:7E:80:19:96:BE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4D90CED89205CF66087E97B7E30460E4E1BEE966
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a9662baf-0de6-4e9f-8232-32db95637039.roa
Signing time:             Mon 08 Apr 2024 00:00:00 +0000
ROA not before:           Mon 08 Apr 2024 00:00:00 +0000
ROA not after:            Mon 13 May 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        18.64.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 21 Apr 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:90:ce:d8:92:05:cf:66:08:7e:97:b7:e3:04:60:e4:e1:be:e9:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr  8 00:00:00 2024 GMT
            Not After : May 13 23:59:59 2024 GMT
        Subject: serialNumber=e6068664162dc281936828b4a67e0679451704ca6e3d9d72448e531fc9c194a5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:8e:a0:0f:c0:fd:9d:33:76:4d:c6:6e:16:49:
                    12:f0:af:35:e9:82:d3:81:2c:40:77:d1:f2:6c:56:
                    53:c1:e3:b6:e7:2d:b3:fd:b4:04:fe:df:ce:fa:c7:
                    7e:1d:d4:bb:e7:f9:0e:fb:ea:29:6b:55:e5:ee:df:
                    45:0b:ef:64:13:c4:a7:45:95:96:cf:8a:53:dc:b3:
                    c9:c6:f2:06:9a:a0:f7:84:de:19:86:61:81:8c:2b:
                    9c:19:39:6b:3f:fd:76:81:3c:87:02:f2:e1:74:ce:
                    69:d8:50:63:0b:1c:f9:e1:5b:8e:4f:ac:fc:46:59:
                    af:c0:22:e6:29:49:7a:73:d6:69:18:f5:36:b7:46:
                    73:14:28:40:c9:7d:16:54:05:77:3c:41:21:f8:03:
                    12:03:bc:2a:07:bf:6f:bf:a0:c4:94:45:38:cd:38:
                    28:b9:24:8b:3b:1f:58:b8:64:a0:5f:90:a0:4e:45:
                    33:49:1d:e9:99:d1:ae:37:b7:67:25:2b:e8:f7:8e:
                    1d:7c:54:4d:73:b4:bf:4f:53:98:71:28:47:96:11:
                    9e:87:f6:86:fa:30:64:93:23:02:bf:19:58:ba:c3:
                    92:f0:72:29:88:81:02:cd:3a:b5:92:16:82:75:e0:
                    a3:1d:d9:c0:a2:83:23:d6:29:71:b8:40:d8:cd:19:
                    a5:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:53:8A:3B:76:9F:3B:44:06:B0:7C:24:6F:A9:59:7E:80:19:96:BE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a9662baf-0de6-4e9f-8232-32db95637039.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.64.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         95:49:7a:0d:5f:2c:1f:5f:9c:88:d9:1c:66:25:40:87:e7:52:
         96:bd:75:c8:29:89:b7:ec:51:55:66:c6:85:e2:e2:77:b6:53:
         f7:a6:df:23:36:b5:6d:2a:02:48:a8:a6:a8:9e:6c:90:83:d5:
         0d:d3:9d:ce:cd:c6:e4:3f:b0:4f:f0:1a:b1:e8:f2:0b:b8:93:
         5b:48:34:32:da:a3:a0:34:98:7b:4f:fc:23:92:28:d7:34:8f:
         3a:08:8a:31:f0:12:6b:43:b4:44:8b:02:5d:a1:ec:55:22:eb:
         2e:ed:c8:e5:14:9f:1b:79:4b:9b:31:4f:b3:42:c4:8f:de:d2:
         95:a1:54:9e:fb:80:d2:d7:32:b0:02:ca:cf:e8:74:7c:f0:0b:
         65:b1:f6:7b:71:b4:af:0a:64:46:42:c9:72:61:91:dd:f6:ac:
         8b:b3:44:89:3a:be:9f:bc:e5:36:0c:06:33:4f:21:6a:8c:d0:
         2b:ed:d9:f5:47:65:ee:20:b1:43:c0:4d:57:9a:1b:b4:d3:7a:
         7c:a9:e0:de:de:c4:36:24:83:f7:00:cc:ea:72:0f:67:e8:fa:
         50:9f:cb:53:a1:f5:79:86:a7:93:3e:93:cd:d5:31:01:c9:1c:
         0b:dc:00:1e:ea:de:04:f0:8b:c9:b0:b5:2a:26:42:7e:4f:86:
         62:0c:b6:dc
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTZDO2JIFz2YIfpe34wRg5OG+6WYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNDA4MDAwMDAwWhcNMjQwNTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNjA2ODY2NDE2MmRjMjgxOTM2ODI4YjRhNjdlMDY3OTQ1
MTcwNGNhNmUzZDlkNzI0NDhlNTMxZmM5YzE5NGE1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsjqAPwP2dM3ZNxm4WSRLwrzXpgtOBLEB30fJsVlPB47bn
LbP9tAT+3876x34d1Lvn+Q776ilrVeXu30UL72QTxKdFlZbPilPcs8nG8gaaoPeE
3hmGYYGMK5wZOWs//XaBPIcC8uF0zmnYUGMLHPnhW45PrPxGWa/AIuYpSXpz1mkY
9Ta3RnMUKEDJfRZUBXc8QSH4AxIDvCoHv2+/oMSURTjNOCi5JIs7H1i4ZKBfkKBO
RTNJHemZ0a43t2clK+j3jh18VE1ztL9PU5hxKEeWEZ6H9ob6MGSTIwK/GVi6w5Lw
cimIgQLNOrWSFoJ14KMd2cCigyPWKXG4QNjNGaW1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+VOKO3afO0QGsHwkb6lZfoAZlr4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E5NjYyYmFmLTBkZTYtNGU5Zi04MjMyLTMyZGI5NTYzNzAzOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwISQDANBgkqhkiG9w0BAQsFAAOCAQEAlUl6DV8sH1+ciNkcZiVAh+dSlr11
yCmJt+xRVWbGheLid7ZT96bfIza1bSoCSKimqJ5skIPVDdOdzs3G5D+wT/Aasejy
C7iTW0g0MtqjoDSYe0/8I5Io1zSPOgiKMfASa0O0RIsCXaHsVSLrLu3I5RSfG3lL
mzFPs0LEj97SlaFUnvuA0tcysALKz+h0fPALZbH2e3G0rwpkRkLJcmGR3fasi7NE
iTq+n7zlNgwGM08haozQK+3Z9Udl7iCxQ8BNV5obtNN6fKng3t7ENiSD9wDM6nIP
Z+j6UJ/LU6H1eYankz6TzdUxAckcC9wAHureBPCLybC1KiZCfk+GYgy23A==
-----END CERTIFICATE-----
Generated at Sat Apr 20 05:36:26 2024 by rpki-client on console-ams.rpki-client.org