Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa
File:                     0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa (raw, json)
Hash identifier:          B+iJc/jnq7ujbG2kFubWen5TUsJfIZkXlUct4Pop+wA=
Subject key identifier:   5E:84:54:33:57:48:B8:E7:1E:E7:DD:6D:63:88:28:6E:32:16:0B:C9
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       79FDE328D658F7F9FC4019E820A277A92C699E6E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa
Signing time:             Wed 29 May 2024 00:00:00 +0000
ROA not before:           Wed 29 May 2024 00:00:00 +0000
ROA not after:            Wed 03 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf6:6000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:fd:e3:28:d6:58:f7:f9:fc:40:19:e8:20:a2:77:a9:2c:69:9e:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 29 00:00:00 2024 GMT
            Not After : Jul  3 23:59:59 2024 GMT
        Subject: serialNumber=c1537948fe96eb19fab14c7554c0be80dad458d463db90ee15cf872a8d8a93f2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:93:a2:d1:44:34:6c:16:06:80:7c:d9:b3:03:
                    68:de:95:25:3e:87:65:e5:71:e1:30:eb:9d:65:8e:
                    1b:d6:a3:42:60:ff:e1:65:33:29:fe:5c:28:25:fd:
                    27:2f:50:24:89:fb:8c:a7:86:c8:9f:f0:f3:ae:59:
                    bc:a2:55:d4:77:05:20:d4:c2:d5:11:a5:55:b6:c4:
                    4d:94:2c:d0:bc:c0:42:ca:9a:6c:fe:b1:1f:93:b9:
                    f5:59:e2:30:d5:0c:aa:f6:05:48:59:79:1d:a7:86:
                    a0:c2:9c:42:26:19:8d:84:82:4a:22:16:5d:10:a1:
                    22:d9:74:b7:cc:95:89:6c:fe:30:42:fe:73:49:ee:
                    32:0b:ca:88:07:d3:99:f4:eb:79:2d:07:34:b3:7f:
                    c7:17:4f:34:4e:52:da:7a:93:f0:e0:75:b5:8c:55:
                    95:e1:26:14:d9:7c:6a:8c:4e:57:c8:c2:5e:12:7c:
                    a8:9a:bc:26:4f:69:32:07:64:04:3d:aa:f7:96:6f:
                    22:ee:ff:3d:b5:c0:d9:34:9a:f1:21:d2:f9:02:53:
                    96:c2:c9:fa:35:e8:0d:e7:b9:d8:8a:ac:fb:0e:28:
                    55:b8:cd:39:e6:52:92:e3:df:48:3e:a6:20:f2:f6:
                    10:79:79:cf:cc:b7:85:f8:93:bb:7f:c2:e4:56:ab:
                    e6:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:84:54:33:57:48:B8:E7:1E:E7:DD:6D:63:88:28:6E:32:16:0B:C9
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf6:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         70:24:85:d2:6b:67:4c:9c:f5:fe:4e:89:df:99:b8:38:d1:d3:
         bc:fa:09:7c:95:d2:0d:f7:bc:e8:e8:cd:ab:dc:58:a8:71:9f:
         fb:0d:f8:78:ce:41:5b:22:a7:69:e7:ee:37:6b:aa:6b:3b:53:
         dc:45:e7:5f:03:21:7e:80:2f:9d:a4:23:3c:8f:a2:b1:fb:23:
         0e:fd:d9:a7:b3:81:e7:95:26:fe:2e:8f:17:75:57:86:e6:4f:
         55:9d:47:f7:cb:21:af:c3:cd:94:ef:3c:0c:fa:22:a0:9c:0f:
         d1:3e:30:36:45:fd:a4:95:70:84:8a:34:b9:09:48:05:cb:1d:
         a8:03:26:3e:f7:8c:d8:be:ee:40:d7:00:60:b4:08:42:34:9c:
         90:ce:28:ce:ff:04:97:26:fc:42:2b:9e:a9:fd:3a:75:25:b5:
         f5:20:94:4c:4d:43:33:85:59:4d:cb:2e:61:61:d4:f1:fd:60:
         71:a2:f1:86:59:47:09:01:85:9b:f7:8d:d7:e1:a9:a2:ad:26:
         30:46:bd:47:4f:b5:29:39:2c:56:b9:b7:e2:93:97:49:29:83:
         c8:f0:15:a0:01:35:71:29:dc:50:5e:75:b4:9f:6a:d7:ee:3e:
         33:19:c5:90:65:b9:42:94:fd:35:2d:08:e4:0c:e3:61:c5:65:
         11:67:80:5e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUef3jKNZY9/n8QBnoIKJ3qSxpnm4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyOTAwMDAwMFoX
DTI0MDcwMzIzNTk1OVowejFJMEcGA1UEBRNAYzE1Mzc5NDhmZTk2ZWIxOWZhYjE0
Yzc1NTRjMGJlODBkYWQ0NThkNDYzZGI5MGVlMTVjZjg3MmE4ZDhhOTNmMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZOi0UQ0bBYGgHzZswNo3pUlPodl
5XHhMOudZY4b1qNCYP/hZTMp/lwoJf0nL1AkifuMp4bIn/Dzrlm8olXUdwUg1MLV
EaVVtsRNlCzQvMBCypps/rEfk7n1WeIw1Qyq9gVIWXkdp4agwpxCJhmNhIJKIhZd
EKEi2XS3zJWJbP4wQv5zSe4yC8qIB9OZ9Ot5LQc0s3/HF080TlLaepPw4HW1jFWV
4SYU2XxqjE5XyMJeEnyomrwmT2kyB2QEPar3lm8i7v89tcDZNJrxIdL5AlOWwsn6
NegN57nYiqz7DihVuM055lKS499IPqYg8vYQeXnPzLeF+JO7f8LkVqvmfQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFF6EVDNXSLjnHufdbWOIKG4yFgvJMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBkYzk4MzA0LTc4ZDgtNGRiZi04ZjJmLWE2MDBkOGU3MTMwMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9mAwDQYJKoZIhvcNAQELBQADggEBAHAkhdJrZ0yc9f5Oid+Z
uDjR07z6CXyV0g33vOjozavcWKhxn/sN+HjOQVsip2nn7jdrqms7U9xF518DIX6A
L52kIzyPorH7Iw792aezgeeVJv4ujxd1V4bmT1WdR/fLIa/DzZTvPAz6IqCcD9E+
MDZF/aSVcISKNLkJSAXLHagDJj73jNi+7kDXAGC0CEI0nJDOKM7/BJcm/EIrnqn9
OnUltfUglExNQzOFWU3LLmFh1PH9YHGi8YZZRwkBhZv3jdfhqaKtJjBGvUdPtSk5
LFa5t+KTl0kpg8jwFaABNXEp3FBedbSfatfuPjMZxZBluUKU/TUtCOQM42HFZRFn
gF4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 00:53:13 2024 by rpki-client on console-fra.rpki-client.org