Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4dba79-465b-4e61-8acf-c4f517fe30a5.roa
File:                     0e4dba79-465b-4e61-8acf-c4f517fe30a5.roa (raw, json)
Hash identifier:          5K70W4nflGdGIvRE73vTH1mtYSTKwS8WhOCfjrA69is=
Subject key identifier:   7C:AB:E4:9C:FC:FE:71:8D:6F:D8:07:33:96:D5:98:E3:95:57:83:F8
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       262DF01855974F974C543877AA50B569D8A47736
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4dba79-465b-4e61-8acf-c4f517fe30a5.roa
Signing time:             Tue 25 Jun 2024 00:00:00 +0000
ROA not before:           Tue 25 Jun 2024 00:00:00 +0000
ROA not after:            Tue 30 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daff:4000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 21 Jul 2024 00:10:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:2d:f0:18:55:97:4f:97:4c:54:38:77:aa:50:b5:69:d8:a4:77:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 25 00:00:00 2024 GMT
            Not After : Jul 30 23:59:59 2024 GMT
        Subject: serialNumber=e8710109e6ae9093eba7a2bc4dbfb563afe5d8822e1ac75be698eae2d98dfb79, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:62:06:64:6f:4f:5a:e4:7a:b1:90:14:da:ae:
                    3f:ba:ed:08:2f:93:cd:62:cd:e7:34:d8:57:94:a7:
                    c2:d9:3b:7c:c3:9b:be:ac:76:6d:25:6a:c2:37:c7:
                    41:13:d3:5b:e1:89:38:04:79:85:b0:e9:34:9d:f8:
                    6f:25:17:37:7a:15:54:29:01:69:f5:63:fd:30:21:
                    f2:15:81:18:3d:1c:af:68:66:ba:27:ca:51:ff:eb:
                    39:c0:74:df:8e:aa:e9:6a:28:c5:e6:59:cf:82:54:
                    1a:e5:e6:ff:79:e1:54:1f:3c:c6:04:fb:93:43:1e:
                    8c:e8:fb:a2:13:80:b3:d3:fb:a1:0a:38:a3:e7:44:
                    b0:57:94:18:36:7e:c6:04:b0:8a:d6:32:c3:4d:e8:
                    ed:79:df:9e:2e:e9:47:1c:57:9b:20:ed:67:0f:dc:
                    7d:79:30:f8:d1:30:89:37:99:60:86:59:90:54:43:
                    19:c1:ea:3e:04:6d:bd:6a:95:58:a2:87:6b:6f:5d:
                    f0:b0:9d:84:f5:fa:3b:5c:b5:2b:9f:e2:81:31:9e:
                    bb:aa:86:67:8f:73:4b:ab:77:fa:68:f7:6a:75:aa:
                    64:a3:33:d3:3b:2c:c6:63:7b:0d:75:e6:8a:14:d6:
                    64:62:f3:21:cb:4a:86:33:37:4f:d0:47:bb:3a:bc:
                    fd:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:AB:E4:9C:FC:FE:71:8D:6F:D8:07:33:96:D5:98:E3:95:57:83:F8
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4dba79-465b-4e61-8acf-c4f517fe30a5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daff:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         3d:e0:8d:b9:24:e8:6c:46:2a:a3:ca:69:71:cf:37:9b:4f:b3:
         28:11:ce:26:67:7b:40:e0:c5:bb:00:91:e9:65:0d:86:57:90:
         3f:17:71:f5:d2:6c:3b:75:ff:07:7d:cd:20:49:c5:b8:0d:0d:
         20:02:ed:fc:b6:f3:81:49:7f:df:58:60:24:30:49:7f:72:d7:
         54:ae:a0:d1:3d:a0:aa:d9:3d:ed:d2:5d:0b:55:42:3f:0d:ef:
         27:e1:35:93:12:01:c3:54:3c:c6:33:a6:0e:84:6c:dc:b4:fe:
         72:1e:34:58:9f:a4:d3:0b:74:3e:1e:3f:2e:85:c9:0a:dd:49:
         20:e7:26:fc:d7:1c:05:35:c6:98:e8:7f:77:ac:cc:78:f0:94:
         44:13:a4:6e:1f:46:e5:bf:3e:de:ec:48:be:f9:d8:5a:d7:c1:
         37:dc:ae:4d:5b:5b:9a:37:40:58:77:8f:44:8f:20:a5:c9:54:
         7d:a4:69:d5:e3:04:7a:eb:b1:f7:90:70:0b:4b:d0:f0:14:62:
         de:21:eb:1e:bb:97:44:e7:08:03:4d:04:37:20:81:05:b6:a2:
         c2:16:a7:59:85:1e:a1:05:23:5f:3c:06:88:35:41:84:ce:53:
         fd:4d:41:72:cf:47:2e:a0:d8:57:53:02:4a:67:1e:0c:b2:da:
         58:4a:64:5d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJi3wGFWXT5dMVDh3qlC1adikdzYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYyNTAwMDAwMFoX
DTI0MDczMDIzNTk1OVowejFJMEcGA1UEBRNAZTg3MTAxMDllNmFlOTA5M2ViYTdh
MmJjNGRiZmI1NjNhZmU1ZDg4MjJlMWFjNzViZTY5OGVhZTJkOThkZmI3OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WIGZG9PWuR6sZAU2q4/uu0IL5PN
Ys3nNNhXlKfC2Tt8w5u+rHZtJWrCN8dBE9Nb4Yk4BHmFsOk0nfhvJRc3ehVUKQFp
9WP9MCHyFYEYPRyvaGa6J8pR/+s5wHTfjqrpaijF5lnPglQa5eb/eeFUHzzGBPuT
Qx6M6PuiE4Cz0/uhCjij50SwV5QYNn7GBLCK1jLDTejted+eLulHHFebIO1nD9x9
eTD40TCJN5lghlmQVEMZweo+BG29apVYoodrb13wsJ2E9fo7XLUrn+KBMZ67qoZn
j3NLq3f6aPdqdapkozPTOyzGY3sNdeaKFNZkYvMhy0qGMzdP0Ee7Orz9aQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHyr5Jz8/nGNb9gHM5bVmOOVV4P4MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBlNGRiYTc5LTQ2NWItNGU2MS04YWNmLWM0ZjUxN2ZlMzBhNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/0AwDQYJKoZIhvcNAQELBQADggEBAD3gjbkk6GxGKqPKaXHP
N5tPsygRziZne0DgxbsAkellDYZXkD8XcfXSbDt1/wd9zSBJxbgNDSAC7fy284FJ
f99YYCQwSX9y11SuoNE9oKrZPe3SXQtVQj8N7yfhNZMSAcNUPMYzpg6EbNy0/nIe
NFifpNMLdD4ePy6FyQrdSSDnJvzXHAU1xpjof3eszHjwlEQTpG4fRuW/Pt7sSL75
2FrXwTfcrk1bW5o3QFh3j0SPIKXJVH2kadXjBHrrsfeQcAtL0PAUYt4h6x67l0Tn
CANNBDcggQW2osIWp1mFHqEFI188Bog1QYTOU/1NQXLPRy6g2FdTAkpnHgyy2lhK
ZF0=
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:05:26 2024 by rpki-client on console-ams.rpki-client.org