Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa
File:                     02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa (raw, json)
Hash identifier:          y4Ue7DbRi/dFUu8saqkJByB3VU66zGA2rolwArvgEAw=
Subject key identifier:   C4:9C:C2:EB:23:56:3F:2F:9F:48:D7:13:DB:1F:F0:AB:8F:EB:6D:99
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       58A0E50DBCFE46B8E7718578E51D668A70C7D5E0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa
Signing time:             Tue 16 Jul 2024 00:00:00 +0000
ROA not before:           Tue 16 Jul 2024 00:00:00 +0000
ROA not after:            Tue 20 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf1:2000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 22 Jul 2024 00:10:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:a0:e5:0d:bc:fe:46:b8:e7:71:85:78:e5:1d:66:8a:70:c7:d5:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 16 00:00:00 2024 GMT
            Not After : Aug 20 23:59:59 2024 GMT
        Subject: serialNumber=6ec6ebc25a8ad824a8123c220c9b6297e4dbed4ae66fb50559112d13a6a1d719, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:6f:53:e6:c1:a7:c2:2c:9c:ec:9e:8e:b1:2f:
                    57:04:3d:60:0b:e0:f9:ca:23:15:d0:c8:62:c3:61:
                    6a:f4:f0:30:bf:ae:90:77:59:0b:d2:c8:f1:42:87:
                    20:c7:1e:02:e0:86:f8:cf:67:2a:ed:b9:f6:bb:37:
                    69:62:13:75:7b:f3:49:89:45:5f:fd:1b:af:8f:90:
                    5f:79:79:8c:34:38:c8:93:70:a2:81:1a:de:64:12:
                    2d:b3:ce:d0:9d:3a:e3:40:70:70:26:fa:be:07:84:
                    3d:31:43:0d:0d:bc:08:ce:2d:9b:57:f2:6a:b3:4b:
                    f9:2a:50:a9:8e:cb:75:4d:f1:01:91:1c:06:e9:25:
                    2c:97:26:ae:be:75:dd:5a:78:1b:5a:97:30:6a:91:
                    04:63:a3:99:9a:fa:37:41:1e:77:c9:a3:9c:e6:36:
                    c7:eb:91:f0:a2:50:f1:33:6f:42:f7:75:af:dc:ad:
                    a0:54:80:ca:d2:12:ea:35:0f:70:87:3f:1f:f2:7e:
                    52:1d:30:7b:0a:c5:4d:cf:5c:e3:a6:b9:83:d3:b7:
                    9c:f1:76:e9:c1:32:57:3f:43:3a:b2:a8:4b:b0:6f:
                    1b:45:c0:07:96:62:72:c5:78:bd:26:05:50:c2:21:
                    f8:59:3f:40:e0:36:40:15:fc:ff:fd:98:88:3a:24:
                    3d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:9C:C2:EB:23:56:3F:2F:9F:48:D7:13:DB:1F:F0:AB:8F:EB:6D:99
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf1:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2b:5c:ef:37:05:5f:ff:3f:2d:0c:6a:1f:72:d6:00:25:72:4c:
         d7:3e:7f:31:84:53:e7:c4:48:ae:5f:b2:6b:4b:84:1b:65:66:
         36:b0:b8:04:11:d7:ed:9f:df:9b:36:c4:1c:ba:20:db:53:ea:
         e9:da:62:b4:cf:75:cb:f8:eb:a2:05:72:d9:f2:37:f9:0d:cb:
         b2:2d:56:79:48:05:29:51:c4:58:2d:0e:27:4a:3f:d2:b5:25:
         1f:27:a0:25:a3:96:9c:c0:34:dd:af:f0:7c:f5:93:15:aa:c6:
         2e:02:46:7f:c1:9b:e9:c1:52:ae:95:da:8d:e7:af:bb:a8:05:
         19:6e:26:73:53:bd:44:20:0a:ea:14:80:5a:a7:c0:b8:70:24:
         8f:57:5c:c7:27:91:44:06:0a:f1:6a:51:27:76:be:0d:7f:80:
         45:ca:c5:a4:41:4b:62:48:43:2f:09:52:23:93:8d:08:be:b4:
         ff:38:9c:aa:b7:c9:2c:41:0a:a6:99:c4:1c:cb:fc:36:cf:ed:
         44:b2:78:28:db:f7:16:87:1f:81:f7:e0:75:46:a3:9d:a6:cb:
         87:c1:fd:18:c8:26:d3:6b:82:15:f5:60:5c:96:bb:2d:f6:04:
         ac:39:dd:39:11:43:e5:da:ca:12:4e:d5:93:8f:15:35:bc:d4:
         c2:56:c4:b6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUWKDlDbz+RrjncYV45R1minDH1eAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX
DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANmVjNmViYzI1YThhZDgyNGE4MTIz
YzIyMGM5YjYyOTdlNGRiZWQ0YWU2NmZiNTA1NTkxMTJkMTNhNmExZDcxOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G9T5sGnwiyc7J6OsS9XBD1gC+D5
yiMV0Mhiw2Fq9PAwv66Qd1kL0sjxQocgxx4C4Ib4z2cq7bn2uzdpYhN1e/NJiUVf
/Ruvj5BfeXmMNDjIk3CigRreZBIts87QnTrjQHBwJvq+B4Q9MUMNDbwIzi2bV/Jq
s0v5KlCpjst1TfEBkRwG6SUslyauvnXdWngbWpcwapEEY6OZmvo3QR53yaOc5jbH
65HwolDxM29C93Wv3K2gVIDK0hLqNQ9whz8f8n5SHTB7CsVNz1zjprmD07ec8Xbp
wTJXP0M6sqhLsG8bRcAHlmJyxXi9JgVQwiH4WT9A4DZAFfz//ZiIOiQ9WwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMScwusjVj8vn0jXE9sf8KuP622ZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzAyYTUxZTU0LTZiYjUtNDNlNy05NGQwLWE4ZTk1NzcxZjJhMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8SAwDQYJKoZIhvcNAQELBQADggEBACtc7zcFX/8/LQxqH3LW
ACVyTNc+fzGEU+fESK5fsmtLhBtlZjawuAQR1+2f35s2xBy6INtT6unaYrTPdcv4
66IFctnyN/kNy7ItVnlIBSlRxFgtDidKP9K1JR8noCWjlpzANN2v8Hz1kxWqxi4C
Rn/Bm+nBUq6V2o3nr7uoBRluJnNTvUQgCuoUgFqnwLhwJI9XXMcnkUQGCvFqUSd2
vg1/gEXKxaRBS2JIQy8JUiOTjQi+tP84nKq3ySxBCqaZxBzL/DbP7USyeCjb9xaH
H4H34HVGo52my4fB/RjIJtNrghX1YFyWuy32BKw53TkRQ+XayhJO1ZOPFTW81MJW
xLY=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:56:53 2024 by rpki-client on console-ams.rpki-client.org