Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa
File:                     15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa (raw, json)
Hash identifier:          wfYSdhFX9+CzoX800w9K6CF7XhuIFXB3UJQomgtKlqs=
Subject key identifier:   94:71:D4:7C:1C:24:DA:E1:11:52:74:6A:D4:CD:11:BA:BC:AD:9A:E6
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7EA81CE152E877B7EA1362AA844B12AD6C550EDC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa
Signing time:             Wed 29 May 2024 00:00:00 +0000
ROA not before:           Wed 29 May 2024 00:00:00 +0000
ROA not after:            Wed 03 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf6:8000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 28 Jun 2024 00:11:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:a8:1c:e1:52:e8:77:b7:ea:13:62:aa:84:4b:12:ad:6c:55:0e:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 29 00:00:00 2024 GMT
            Not After : Jul  3 23:59:59 2024 GMT
        Subject: serialNumber=f331b0db1740e76dc2af43da052900033650d9941cd1fc9d97aec3e324a04c94, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:91:b9:b5:6f:f2:9b:39:c1:96:59:7c:78:f5:
                    92:39:f1:10:c3:8a:2c:1b:ce:4d:47:e9:f6:6d:5b:
                    50:90:ed:fd:79:14:39:3f:d6:c2:23:fe:26:d0:96:
                    96:49:2e:aa:b9:51:a6:74:23:c6:a7:02:8b:4f:a1:
                    31:f3:1b:12:f5:10:39:fe:29:a5:68:c9:54:0c:d5:
                    19:0a:d9:43:ef:7e:29:d1:7b:bd:e4:26:eb:ea:b9:
                    cf:eb:97:e8:08:7d:85:36:bd:16:62:b0:6f:c3:a1:
                    dc:28:fd:92:8f:d7:fa:dc:d5:fe:f2:27:83:33:aa:
                    26:7a:41:8d:be:24:b6:02:9f:db:06:90:7e:3a:5a:
                    98:0f:ba:3f:05:0c:7d:45:4c:46:55:1e:63:36:38:
                    6f:53:3f:3a:56:1e:91:2e:54:0d:a9:c1:72:5e:40:
                    78:1d:d2:46:05:39:ec:34:31:32:ac:48:f3:69:50:
                    84:82:7a:e9:65:ce:50:c6:c8:da:95:c7:79:c3:b6:
                    18:9a:f4:94:51:b3:f2:3e:c5:2d:db:1a:16:05:23:
                    dc:ee:21:29:f3:88:1f:a8:43:74:0b:6e:34:7b:dc:
                    6c:85:24:57:fb:70:3a:70:54:00:c2:39:43:1a:9c:
                    f6:20:1c:bf:da:c6:60:4e:9e:8c:b6:9e:ea:1a:2e:
                    ed:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:71:D4:7C:1C:24:DA:E1:11:52:74:6A:D4:CD:11:BA:BC:AD:9A:E6
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf6:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         51:a6:90:b2:9d:c5:59:bb:3d:72:6b:de:29:a9:83:0c:c6:21:
         5a:a4:77:bf:e9:db:6a:14:73:af:fd:40:5c:24:4f:c4:b8:e0:
         47:03:6b:b5:17:d7:94:8a:12:bc:95:98:b9:21:02:9e:6a:e8:
         c3:c3:17:57:c5:5b:c0:52:a5:22:44:95:b3:d1:4c:08:7e:b1:
         18:ec:bf:8d:d4:c3:af:bb:77:97:46:f8:9c:cb:d7:78:64:9a:
         7c:dd:15:03:f9:09:fd:6d:68:fb:bd:16:b6:e2:de:4d:23:f3:
         af:42:0c:34:1c:6a:a4:50:91:a5:7e:26:17:95:97:ef:db:10:
         0a:6e:f0:26:de:0e:15:af:2d:86:c1:7c:69:32:25:ad:02:bb:
         a6:e4:79:1b:0f:3e:5a:5c:69:4f:69:0b:66:63:7d:39:5c:0c:
         6a:eb:de:c8:9e:a6:07:5b:6b:e3:e7:a0:4a:6e:05:77:06:72:
         31:7a:97:d7:9f:55:dc:1d:a2:00:e7:14:68:60:06:de:77:b7:
         a2:4f:dd:23:34:0b:84:d0:1f:af:54:b0:82:e8:22:e3:f1:0c:
         5d:41:2e:ea:82:c7:4e:4e:d8:ca:1f:c7:39:10:e8:46:82:6d:
         48:b6:f9:d7:a8:61:9e:57:53:a6:45:5a:4e:80:dd:3b:20:23:
         90:aa:b2:79
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfqgc4VLod7fqE2KqhEsSrWxVDtwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyOTAwMDAwMFoX
DTI0MDcwMzIzNTk1OVowejFJMEcGA1UEBRNAZjMzMWIwZGIxNzQwZTc2ZGMyYWY0
M2RhMDUyOTAwMDMzNjUwZDk5NDFjZDFmYzlkOTdhZWMzZTMyNGEwNGM5NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJG5tW/ymznBlll8ePWSOfEQw4os
G85NR+n2bVtQkO39eRQ5P9bCI/4m0JaWSS6quVGmdCPGpwKLT6Ex8xsS9RA5/iml
aMlUDNUZCtlD734p0Xu95Cbr6rnP65foCH2FNr0WYrBvw6HcKP2Sj9f63NX+8ieD
M6omekGNviS2Ap/bBpB+OlqYD7o/BQx9RUxGVR5jNjhvUz86Vh6RLlQNqcFyXkB4
HdJGBTnsNDEyrEjzaVCEgnrpZc5Qxsjalcd5w7YYmvSUUbPyPsUt2xoWBSPc7iEp
84gfqEN0C240e9xshSRX+3A6cFQAwjlDGpz2IBy/2sZgTp6Mtp7qGi7tSwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJRx1HwcJNrhEVJ0atTNEbq8rZrmMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE1YjVmMjE2LTYwZTMtNGIwMy05N2YzLTQwZTRiNWQxZTI0Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9oAwDQYJKoZIhvcNAQELBQADggEBAFGmkLKdxVm7PXJr3imp
gwzGIVqkd7/p22oUc6/9QFwkT8S44EcDa7UX15SKEryVmLkhAp5q6MPDF1fFW8BS
pSJElbPRTAh+sRjsv43Uw6+7d5dG+JzL13hkmnzdFQP5Cf1taPu9Frbi3k0j869C
DDQcaqRQkaV+JheVl+/bEApu8CbeDhWvLYbBfGkyJa0Cu6bkeRsPPlpcaU9pC2Zj
fTlcDGrr3siepgdba+PnoEpuBXcGcjF6l9efVdwdogDnFGhgBt53t6JP3SM0C4TQ
H69UsILoIuPxDF1BLuqCx05O2MofxzkQ6EaCbUi2+deoYZ5XU6ZFWk6A3TsgI5Cq
snk=
-----END CERTIFICATE-----
Generated at Mon Jun 24 00:42:55 2024 by rpki-client on console-fra.rpki-client.org