Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10182774-601f-43d5-a7fb-f3fac8f12712.roa
File:                     10182774-601f-43d5-a7fb-f3fac8f12712.roa (raw, json)
Hash identifier:          Ujxoohuj7xhmtGl79VUhYF9tPco/C8gn1I4jzHiTuW8=
Subject key identifier:   B5:4F:88:9C:09:41:11:8A:5B:33:59:B7:1F:09:6F:F3:82:32:59:C0
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6C27AE56E6EA7467A8BB186BEFF1C464DB21DCBD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10182774-601f-43d5-a7fb-f3fac8f12712.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da30:b000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:27:ae:56:e6:ea:74:67:a8:bb:18:6b:ef:f1:c4:64:db:21:dc:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=a41057670200bd7c1d262afaf6e414a7f11d3c8823c4fc08789d1b0d9bd85931, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c3:2b:92:01:b6:b6:50:94:66:12:55:49:57:
                    ee:2b:51:79:89:cd:91:fe:b7:68:ae:9e:17:0a:69:
                    7f:ce:15:59:fb:e8:5f:6e:40:ab:0f:f4:31:7e:91:
                    bb:35:03:23:e1:19:e2:02:e3:71:ef:82:41:5d:0c:
                    ea:5c:cd:15:c1:82:dc:da:19:82:3e:61:6b:21:f3:
                    d8:d8:ee:1b:ff:8f:d3:28:61:ae:4e:a2:f3:fd:68:
                    06:c9:bd:44:f8:48:df:dd:b5:f3:66:64:c8:da:5d:
                    97:1a:c7:0a:3a:f7:cd:c5:40:b3:19:74:0a:b7:ec:
                    8b:20:be:49:89:bf:8f:c3:4f:80:6a:f1:bc:2b:6e:
                    1b:bb:0d:d7:24:2f:49:57:c2:f4:94:e3:d7:4a:82:
                    43:0b:2d:00:f4:cf:d8:21:33:a0:d2:12:f4:e6:f2:
                    49:7c:8b:72:fa:3c:1a:32:bc:d1:b1:70:0e:78:5e:
                    8e:56:76:3e:61:dc:1c:22:83:7c:5b:43:9b:10:7a:
                    08:9e:63:db:63:32:46:6e:1d:18:7a:5c:b7:91:72:
                    5f:ae:e0:3a:49:2f:c1:5b:a1:8b:63:7b:66:3c:dd:
                    a0:58:04:27:f5:ef:45:f5:ff:3c:fb:58:78:f7:d3:
                    74:45:41:98:23:2f:bc:da:08:2b:e7:71:af:f2:3e:
                    ed:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:4F:88:9C:09:41:11:8A:5B:33:59:B7:1F:09:6F:F3:82:32:59:C0
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10182774-601f-43d5-a7fb-f3fac8f12712.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da30:b000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a8:4f:10:76:93:b1:ae:18:fd:bc:1d:60:bd:49:3c:21:34:89:
         ce:81:4c:98:b7:70:a0:c4:c2:78:71:cd:40:a2:a5:60:c3:04:
         32:68:38:3b:89:a6:e9:5f:67:42:da:f5:9c:da:c6:88:ee:5c:
         1b:b9:23:a6:83:54:98:08:cc:e6:ca:01:87:c8:96:4a:b0:4a:
         08:eb:85:ef:50:b9:97:37:32:23:52:bc:07:e3:b3:09:10:4e:
         78:fd:68:12:80:11:ff:62:4a:93:d8:6a:c1:92:22:14:64:92:
         5d:70:5c:26:83:15:04:ef:b9:d6:b0:37:4f:33:10:13:c3:e2:
         d7:5d:64:d1:55:0b:3f:dc:89:c2:bc:f1:3d:9d:91:1d:ee:72:
         f6:62:98:5a:27:99:e9:aa:2d:f9:a7:96:78:60:e7:2c:23:e4:
         df:e9:08:8f:ba:6e:22:de:37:89:9d:ed:8f:0d:ce:cb:bf:2d:
         25:b5:60:7e:78:51:ca:a3:df:bc:08:08:12:6b:9c:8d:28:d5:
         3f:85:93:8b:3a:12:97:f7:f4:93:ca:e5:32:e0:b6:cd:a6:9a:
         ac:ce:de:e8:39:21:af:f0:f7:67:49:8a:3f:f4:3d:29:0c:35:
         0a:cb:3f:97:33:f0:cb:09:21:c7:d5:f1:3c:ab:96:c8:2d:bb:
         11:a4:b4:f2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbCeuVubqdGeouxhr7/HEZNsh3L0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX
DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNAYTQxMDU3NjcwMjAwYmQ3YzFkMjYy
YWZhZjZlNDE0YTdmMTFkM2M4ODIzYzRmYzA4Nzg5ZDFiMGQ5YmQ4NTkzMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMMrkgG2tlCUZhJVSVfuK1F5ic2R
/rdorp4XCml/zhVZ++hfbkCrD/QxfpG7NQMj4RniAuNx74JBXQzqXM0VwYLc2hmC
PmFrIfPY2O4b/4/TKGGuTqLz/WgGyb1E+Ejf3bXzZmTI2l2XGscKOvfNxUCzGXQK
t+yLIL5Jib+Pw0+AavG8K24buw3XJC9JV8L0lOPXSoJDCy0A9M/YITOg0hL05vJJ
fIty+jwaMrzRsXAOeF6OVnY+YdwcIoN8W0ObEHoInmPbYzJGbh0Yely3kXJfruA6
SS/BW6GLY3tmPN2gWAQn9e9F9f88+1h499N0RUGYIy+82ggr53Gv8j7t/wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLVPiJwJQRGKWzNZtx8Jb/OCMlnAMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzEwMTgyNzc0LTYwMWYtNDNkNS1hN2ZiLWYzZmFjOGYxMjcxMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMLAwDQYJKoZIhvcNAQELBQADggEBAKhPEHaTsa4Y/bwdYL1J
PCE0ic6BTJi3cKDEwnhxzUCipWDDBDJoODuJpulfZ0La9ZzaxojuXBu5I6aDVJgI
zObKAYfIlkqwSgjrhe9QuZc3MiNSvAfjswkQTnj9aBKAEf9iSpPYasGSIhRkkl1w
XCaDFQTvudawN08zEBPD4tddZNFVCz/cicK88T2dkR3ucvZimFonmemqLfmnlnhg
5ywj5N/pCI+6biLeN4md7Y8Nzsu/LSW1YH54Ucqj37wICBJrnI0o1T+Fk4s6Epf3
9JPK5TLgts2mmqzO3ug5Ia/w92dJij/0PSkMNQrLP5cz8MsJIcfV8TyrlsgtuxGk
tPI=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:50 2024 by rpki-client on console-fra.rpki-client.org