Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa
File:                     19de68e3-844e-4e33-81b6-5c5926e46f23.roa (raw, json)
Hash identifier:          TnGlFDLT6IMBa3YleyEqfJKKyK8Lt+gPchdFMZ3txTg=
Subject key identifier:   13:FB:C0:00:31:E9:9D:65:7A:84:36:02:8D:4C:B9:CE:91:5B:85:9D
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5DDA4CD84DD3AA1B237EB730A7047EB843132939
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:b000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:da:4c:d8:4d:d3:aa:1b:23:7e:b7:30:a7:04:7e:b8:43:13:29:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=c05a651004a0d707861c7aea06ceb26e5660aa876ed9e5212909475b276047f9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:08:70:ef:48:4e:b2:a1:bd:3b:4e:4d:20:dd:
                    40:90:07:61:65:da:7e:35:e5:3d:79:83:5d:97:5e:
                    52:bc:3b:1e:6d:a6:eb:70:38:ca:cd:01:72:70:28:
                    4f:d2:6d:6f:a1:90:f5:4c:de:e0:b5:c1:14:4f:96:
                    ba:a3:e4:80:6d:19:d9:2d:55:f2:05:26:d5:4c:5b:
                    23:52:28:ce:28:36:82:e3:3b:9c:fe:de:a1:4c:2d:
                    87:87:db:62:98:7e:b6:a4:f4:cd:78:52:08:b0:dd:
                    f5:f2:0d:ef:f4:2e:13:e3:f5:12:ec:4f:b3:6b:8e:
                    6d:f1:fc:9d:cb:39:74:d9:29:4d:65:70:30:83:1f:
                    8b:4c:28:7e:d5:e7:d4:4d:01:7d:04:db:25:df:db:
                    5a:47:8a:c2:94:e8:4f:13:6c:b1:70:95:50:dc:26:
                    2d:73:50:9b:c1:a3:23:32:27:e7:b6:95:78:a0:93:
                    6b:95:f4:89:27:cb:c9:8d:4a:d9:8b:60:90:b3:cd:
                    dc:dc:4e:4b:c5:e6:ad:68:1d:71:0a:c2:7f:f8:d2:
                    19:17:d6:4f:a3:b3:88:1d:02:08:b6:83:9c:b8:25:
                    fb:13:cb:9a:42:65:89:30:d7:da:31:bd:7a:6a:66:
                    37:6a:d0:0c:8c:75:84:4a:7f:7e:0d:dd:8f:bc:79:
                    70:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:FB:C0:00:31:E9:9D:65:7A:84:36:02:8D:4C:B9:CE:91:5B:85:9D
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:b000::/40

    Signature Algorithm: sha256WithRSAEncryption
         31:ed:70:0b:92:bf:ef:7e:38:4b:ed:3d:01:51:39:04:05:98:
         58:8f:b4:5f:f6:0e:c4:b2:e1:56:4b:b4:1d:f1:ca:da:96:dd:
         50:7d:2c:84:e4:5c:63:02:11:c7:15:41:5e:e1:4d:fa:6d:aa:
         63:14:92:b4:8f:1e:d4:f4:60:53:63:02:cd:99:05:9f:1e:e3:
         ee:52:5a:1b:c8:11:35:89:f0:b8:e9:a5:d4:f7:f3:af:67:f1:
         91:37:f4:ca:c8:b8:7c:48:8a:2d:77:e2:fa:2b:15:fe:d6:61:
         d3:9b:22:89:89:d8:72:02:65:81:5d:17:7f:54:d5:af:1a:61:
         c8:96:76:2f:8f:cf:19:53:69:32:5b:b1:57:16:3e:cb:25:8a:
         46:e1:d0:be:25:30:82:95:bf:9b:91:e5:ed:35:53:45:fc:2d:
         db:6d:65:ba:8c:0a:0f:1a:78:51:38:43:0e:32:5f:a3:7c:60:
         8c:2d:e2:3e:44:ae:ec:14:e5:95:73:44:40:e5:a8:53:12:5c:
         33:cf:d2:a0:96:f1:2d:c0:cd:49:4d:9a:15:d4:18:5f:8d:08:
         1a:4e:26:78:9f:d7:48:66:71:a2:e9:00:45:72:17:5d:8d:19:
         66:73:50:58:f0:dc:c8:54:2d:19:38:76:74:1f:11:87:89:da:
         68:3b:98:4b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUXdpM2E3TqhsjfrcwpwR+uEMTKTkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX
DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNAYzA1YTY1MTAwNGEwZDcwNzg2MWM3
YWVhMDZjZWIyNmU1NjYwYWE4NzZlZDllNTIxMjkwOTQ3NWIyNzYwNDdmOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwhw70hOsqG9O05NIN1AkAdhZdp+
NeU9eYNdl15SvDsebabrcDjKzQFycChP0m1voZD1TN7gtcEUT5a6o+SAbRnZLVXy
BSbVTFsjUijOKDaC4zuc/t6hTC2Hh9timH62pPTNeFIIsN318g3v9C4T4/US7E+z
a45t8fydyzl02SlNZXAwgx+LTCh+1efUTQF9BNsl39taR4rClOhPE2yxcJVQ3CYt
c1CbwaMjMifntpV4oJNrlfSJJ8vJjUrZi2CQs83c3E5LxeataB1xCsJ/+NIZF9ZP
o7OIHQIItoOcuCX7E8uaQmWJMNfaMb16amY3atAMjHWESn9+Dd2PvHlw+QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBP7wAAx6Z1leoQ2Ao1Muc6RW4WdMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE5ZGU2OGUzLTg0NGUtNGUzMy04MWI2LTVjNTkyNmU0NmYyMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9LAwDQYJKoZIhvcNAQELBQADggEBADHtcAuSv+9+OEvtPQFR
OQQFmFiPtF/2DsSy4VZLtB3xytqW3VB9LITkXGMCEccVQV7hTfptqmMUkrSPHtT0
YFNjAs2ZBZ8e4+5SWhvIETWJ8LjppdT3869n8ZE39MrIuHxIii134vorFf7WYdOb
IomJ2HICZYFdF39U1a8aYciWdi+PzxlTaTJbsVcWPsslikbh0L4lMIKVv5uR5e01
U0X8LdttZbqMCg8aeFE4Qw4yX6N8YIwt4j5EruwU5ZVzREDlqFMSXDPP0qCW8S3A
zUlNmhXUGF+NCBpOJnif10hmcaLpAEVyF12NGWZzUFjw3MhULRk4dnQfEYeJ2mg7
mEs=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:42:05 2024 by rpki-client on console-ams.rpki-client.org