Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fbae6de5-c049-46ee-8581-04bdb7bab7a2.roa
File:                     fbae6de5-c049-46ee-8581-04bdb7bab7a2.roa (raw, json)
Hash identifier:          9h7ze6/9H0DMRbqn2fhhnOV1o/rGiS2W2Gj7LFhhHQ4=
Subject key identifier:   DC:78:1C:87:33:DB:2D:0B:DC:0A:4F:17:C9:DA:29:A7:7B:EC:0D:75
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3266F18AF6D3F37CDDA9C526EC357B60D0109B45
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fbae6de5-c049-46ee-8581-04bdb7bab7a2.roa
Signing time:             Mon 11 Mar 2024 00:00:00 +0000
ROA not before:           Mon 11 Mar 2024 00:00:00 +0000
ROA not after:            Mon 15 Apr 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        18.174.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:66:f1:8a:f6:d3:f3:7c:dd:a9:c5:26:ec:35:7b:60:d0:10:9b:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 11 00:00:00 2024 GMT
            Not After : Apr 15 23:59:59 2024 GMT
        Subject: serialNumber=8cf73bbe11581db2c7b9870a8eb2d84c2d7f1038ab61671f5e6c561ce2709ba6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9d:f6:dd:95:21:be:3c:1d:95:e9:6b:cd:1f:
                    29:31:3f:22:1c:a9:73:32:de:7c:64:1c:d7:c6:d4:
                    85:a8:61:2b:70:6f:72:a4:2c:50:51:e3:7b:85:03:
                    41:6b:12:df:9e:f4:70:37:56:0b:65:00:2a:da:94:
                    af:54:a7:b4:b9:7c:b5:a5:e6:82:27:df:b2:44:19:
                    42:e0:8f:4b:3f:92:7f:56:9c:f4:94:7a:cd:40:f6:
                    0d:e2:15:f6:c6:d4:32:a1:5b:5b:24:7b:69:6b:00:
                    d1:01:79:29:c8:82:43:cf:dd:08:ff:9e:4b:c1:5c:
                    e9:a8:1e:a4:12:06:5c:3a:fb:00:4a:00:a0:8a:dc:
                    39:42:d4:3d:37:50:6f:cb:ef:82:d9:29:78:a8:9c:
                    90:0a:fb:ef:c9:e0:c0:c3:2e:de:cc:d6:b3:4a:33:
                    c1:15:38:40:86:8c:5c:10:c2:8e:b4:f7:d0:c9:66:
                    49:24:28:e5:40:0f:91:6a:ac:05:2f:f7:bb:fe:51:
                    c7:14:18:c6:9e:34:21:cf:5f:b3:bf:f8:bb:f5:c1:
                    93:6e:b5:6d:7b:47:80:4a:ba:06:4c:23:d5:25:8c:
                    00:06:0c:e9:37:8a:24:d2:4b:87:6a:6b:7d:c3:56:
                    4a:0c:e8:8a:e1:f4:02:7c:65:c5:f5:17:db:aa:d5:
                    07:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:78:1C:87:33:DB:2D:0B:DC:0A:4F:17:C9:DA:29:A7:7B:EC:0D:75
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fbae6de5-c049-46ee-8581-04bdb7bab7a2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.174.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         78:5a:81:65:07:3a:b9:ca:9d:f9:03:1f:66:ba:90:1b:6c:61:
         0a:b0:7d:e0:bf:24:4f:9a:8b:d6:c2:a0:8b:1c:33:fe:61:c3:
         6f:fc:b3:51:64:88:80:52:0b:87:38:f5:c9:de:54:36:9c:95:
         9f:ad:f7:4f:27:71:07:29:16:33:0b:28:e6:8e:de:49:56:26:
         52:d4:fb:62:26:2b:21:a5:ae:51:eb:e8:67:a6:8c:f5:a6:69:
         d2:38:7c:5d:d2:aa:99:5f:2c:0a:95:ed:3d:57:f2:59:02:20:
         af:23:d8:d3:ee:0c:0f:c1:c6:30:a5:5e:6b:d2:55:bf:52:85:
         46:18:c8:15:b3:ac:eb:88:4d:f4:88:b0:83:f6:f1:55:5e:f0:
         87:ae:95:6f:74:2c:7c:4e:39:60:fb:f7:63:c2:87:a4:9a:53:
         9d:63:72:8a:b7:50:ef:32:65:2d:c6:0e:d8:e6:82:f4:b8:88:
         57:c7:78:c2:46:6a:8d:6b:06:5d:b8:db:7f:b6:7e:d8:87:20:
         2e:46:42:4c:4b:36:ee:0e:70:d9:95:8d:b6:eb:ec:93:f8:9c:
         e3:97:ae:7e:0c:a8:e6:ea:5a:e7:27:8b:7c:20:d2:f9:0e:2a:
         af:50:e7:1c:c6:35:80:fc:02:fb:b4:e9:1f:91:87:65:6e:47:
         94:eb:22:35
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMmbxivbT83zdqcUm7DV7YNAQm0UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzExMDAwMDAwWhcNMjQwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4Y2Y3M2JiZTExNTgxZGIyYzdiOTg3MGE4ZWIyZDg0YzJk
N2YxMDM4YWI2MTY3MWY1ZTZjNTYxY2UyNzA5YmE2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCznfbdlSG+PB2V6WvNHykxPyIcqXMy3nxkHNfG1IWoYStw
b3KkLFBR43uFA0FrEt+e9HA3VgtlACralK9Up7S5fLWl5oIn37JEGULgj0s/kn9W
nPSUes1A9g3iFfbG1DKhW1ske2lrANEBeSnIgkPP3Qj/nkvBXOmoHqQSBlw6+wBK
AKCK3DlC1D03UG/L74LZKXionJAK++/J4MDDLt7M1rNKM8EVOECGjFwQwo6099DJ
ZkkkKOVAD5FqrAUv97v+UccUGMaeNCHPX7O/+Lv1wZNutW17R4BKugZMI9UljAAG
DOk3iiTSS4dqa33DVkoM6Irh9AJ8ZcX1F9uq1QdZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3HgchzPbLQvcCk8Xydopp3vsDXUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZiYWU2ZGU1LWMwNDktNDZlZS04NTgxLTA0YmRiN2JhYjdhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASrjANBgkqhkiG9w0BAQsFAAOCAQEAeFqBZQc6ucqd+QMfZrqQG2xhCrB9
4L8kT5qL1sKgixwz/mHDb/yzUWSIgFILhzj1yd5UNpyVn633TydxBykWMwso5o7e
SVYmUtT7YiYrIaWuUevoZ6aM9aZp0jh8XdKqmV8sCpXtPVfyWQIgryPY0+4MD8HG
MKVea9JVv1KFRhjIFbOs64hN9Iiwg/bxVV7wh66Vb3QsfE45YPv3Y8KHpJpTnWNy
irdQ7zJlLcYO2OaC9LiIV8d4wkZqjWsGXbjbf7Z+2IcgLkZCTEs27g5w2ZWNtuvs
k/ic45eufgyo5upa5yeLfCDS+Q4qr1DnHMY1gPwC+7TpH5GHZW5HlOsiNQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:39 2024 by rpki-client on console-ams.rpki-client.org