Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bd9c9636-a7d9-4ac0-ba83-f9e4e92e04a0.roa
File:                     bd9c9636-a7d9-4ac0-ba83-f9e4e92e04a0.roa (raw, json)
Hash identifier:          vAHVsD7owFFXEN3a/Ql1/K3PgGZ90hiY72Qh5uY8XOI=
Subject key identifier:   EE:47:CC:5B:9A:CD:6F:18:AB:47:F8:03:AC:F4:39:D4:7D:1B:6C:B2
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1EB144B8C5B4ADD4D2F8024423A619277FE05B03
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bd9c9636-a7d9-4ac0-ba83-f9e4e92e04a0.roa
Signing time:             Wed 06 Mar 2024 00:00:00 +0000
ROA not before:           Wed 06 Mar 2024 00:00:00 +0000
ROA not after:            Wed 10 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.93.76.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:b1:44:b8:c5:b4:ad:d4:d2:f8:02:44:23:a6:19:27:7f:e0:5b:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  6 00:00:00 2024 GMT
            Not After : Apr 10 23:59:59 2024 GMT
        Subject: serialNumber=79f89b5158de0816c329b7b6fddf7e1199d613c2ec942713624bc0a36a84c543, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b8:c1:d5:45:c2:b8:cd:a8:9e:bf:f9:84:f9:
                    62:c0:a9:2f:a5:6a:35:a3:4e:36:98:f0:d2:f7:17:
                    0c:84:e0:5a:a0:aa:f2:fc:92:00:f7:eb:4e:d2:2b:
                    c9:3e:78:a1:5d:8e:8e:b8:27:ed:7a:08:d7:77:48:
                    af:40:16:05:bf:3c:1d:bb:52:42:7c:13:e6:34:3d:
                    7b:cc:3f:cc:59:7e:ac:17:fa:9c:2b:d2:7a:6b:b5:
                    07:35:6b:67:f8:71:16:99:f8:0b:c7:7a:55:3e:8d:
                    e6:93:ab:fb:35:ab:f7:da:7f:29:e3:70:ce:6c:da:
                    a8:09:a3:a2:5d:b6:a1:ae:e2:71:28:fa:cb:35:8a:
                    48:0f:78:64:ba:d4:83:c0:12:19:8a:ce:25:25:02:
                    83:a3:bc:d2:e2:9d:ae:be:64:8e:da:3d:17:79:dd:
                    a9:d3:be:60:13:0c:e1:63:52:52:4c:63:f3:84:24:
                    c2:3f:aa:1c:12:b7:52:79:59:81:55:7b:db:f1:ae:
                    33:18:83:ef:9e:20:26:c1:12:6e:5d:ff:40:a3:7a:
                    c2:ba:cf:95:14:7d:f3:bc:99:40:8c:9f:88:8b:f9:
                    30:7f:6b:54:f5:6e:aa:f8:19:8b:82:f9:5e:c5:74:
                    39:02:93:4e:68:05:17:c8:19:4c:92:fc:b1:83:14:
                    e0:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:47:CC:5B:9A:CD:6F:18:AB:47:F8:03:AC:F4:39:D4:7D:1B:6C:B2
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bd9c9636-a7d9-4ac0-ba83-f9e4e92e04a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.93.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:1d:70:9e:66:dc:35:75:c1:f3:bf:fc:b3:08:bb:79:f7:1b:
         9c:83:b8:48:e8:ee:e1:63:31:1e:0b:6e:1b:af:b9:78:9f:1d:
         94:99:90:b8:63:8e:de:6e:34:a5:c1:44:d2:79:34:c7:64:9e:
         1a:d1:9a:49:35:a5:eb:d4:cc:cb:65:c6:a0:fc:22:89:e8:d1:
         42:05:6d:c1:76:f7:06:17:62:3f:57:7c:0f:33:5d:1f:c6:f6:
         35:dc:d4:df:ef:b7:c8:26:54:18:b8:99:61:a1:ad:78:c7:fa:
         34:7a:65:7b:73:cc:dc:35:e6:47:eb:f5:2a:f2:75:cd:d3:85:
         0f:19:40:8d:b4:cd:ce:a6:1b:54:2e:c0:87:42:f6:e1:77:2c:
         1e:c5:94:8d:ac:11:fc:6b:7c:05:ef:93:b8:eb:a6:47:f0:e1:
         db:2b:39:c9:3a:c4:2e:be:bb:98:c5:1c:7e:ea:7e:19:4c:40:
         67:c0:cf:e0:6d:62:5c:91:2d:bb:3b:45:a9:92:21:0b:6a:2c:
         dc:58:00:bf:37:d6:2a:1f:19:ac:8e:9b:be:2c:c2:81:4d:98:
         fe:f0:a5:27:90:5d:45:3d:56:8c:6c:90:52:aa:c9:94:38:ac:
         23:f9:b4:b3:05:67:d1:8f:a1:45:b2:65:4b:e6:94:43:61:0d:
         3d:50:b4:b6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHrFEuMW0rdTS+AJEI6YZJ3/gWwMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzA2MDAwMDAwWhcNMjQwNDEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A3OWY4OWI1MTU4ZGUwODE2YzMyOWI3YjZmZGRmN2UxMTk5
ZDYxM2MyZWM5NDI3MTM2MjRiYzBhMzZhODRjNTQzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMuMHVRcK4zaiev/mE+WLAqS+lajWjTjaY8NL3FwyE4Fqg
qvL8kgD3607SK8k+eKFdjo64J+16CNd3SK9AFgW/PB27UkJ8E+Y0PXvMP8xZfqwX
+pwr0nprtQc1a2f4cRaZ+AvHelU+jeaTq/s1q/fafynjcM5s2qgJo6JdtqGu4nEo
+ss1ikgPeGS61IPAEhmKziUlAoOjvNLina6+ZI7aPRd53anTvmATDOFjUlJMY/OE
JMI/qhwSt1J5WYFVe9vxrjMYg++eICbBEm5d/0CjesK6z5UUffO8mUCMn4iL+TB/
a1T1bqr4GYuC+V7FdDkCk05oBRfIGUyS/LGDFOBVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7kfMW5rNbxirR/gDrPQ51H0bbLIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JkOWM5NjM2LWE3ZDktNGFjMC1iYTgzLWY5ZTRlOTJlMDRhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XUwwDQYJKoZIhvcNAQELBQADggEBAA0dcJ5m3DV1wfO//LMIu3n3G5yD
uEjo7uFjMR4LbhuvuXifHZSZkLhjjt5uNKXBRNJ5NMdknhrRmkk1pevUzMtlxqD8
Iono0UIFbcF29wYXYj9XfA8zXR/G9jXc1N/vt8gmVBi4mWGhrXjH+jR6ZXtzzNw1
5kfr9Srydc3ThQ8ZQI20zc6mG1QuwIdC9uF3LB7FlI2sEfxrfAXvk7jrpkfw4dsr
Ock6xC6+u5jFHH7qfhlMQGfAz+BtYlyRLbs7RamSIQtqLNxYAL831iofGayOm74s
woFNmP7wpSeQXUU9VoxskFKqyZQ4rCP5tLMFZ9GPoUWyZUvmlENhDT1QtLY=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:06:50 2024 by rpki-client on console-ams.rpki-client.org