Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d075ad8-69d2-4f67-b1e8-f269b1bdda72.roa
File:                     1d075ad8-69d2-4f67-b1e8-f269b1bdda72.roa (raw, json)
Hash identifier:          6lCgcIoJYmE1JiQI58PgaV1ztJQy2F4ZmGbitIVewAo=
Subject key identifier:   EC:F9:94:C6:59:18:D9:B5:09:89:6E:5E:BC:82:3E:B4:31:94:00:B1
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       28A21017AD03CBF9AB26F59CDA98E105305C3179
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d075ad8-69d2-4f67-b1e8-f269b1bdda72.roa
Signing time:             Fri 14 Jun 2024 00:00:00 +0000
ROA not before:           Fri 14 Jun 2024 00:00:00 +0000
ROA not after:            Fri 19 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf5:7000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 00:10:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:a2:10:17:ad:03:cb:f9:ab:26:f5:9c:da:98:e1:05:30:5c:31:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 14 00:00:00 2024 GMT
            Not After : Jul 19 23:59:59 2024 GMT
        Subject: serialNumber=97049878370146fbb29857d2db13d1183cffe2637ab702cf1ec918bc99441a4e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1b:da:a1:98:a3:95:8e:37:fa:0a:2d:9d:0c:
                    cb:b2:41:f3:8a:29:af:13:af:e0:28:cb:50:df:22:
                    4a:12:75:d5:1a:46:31:26:9d:18:8f:3f:9c:dc:23:
                    87:2d:06:57:d9:08:f6:de:a8:fe:01:b1:f1:7a:2d:
                    de:49:cc:4e:69:ff:52:8b:53:49:1e:3d:17:cf:bb:
                    d9:cd:f4:07:78:26:b6:04:7b:dd:6d:97:73:4f:dd:
                    af:c8:56:50:14:7b:48:f0:d0:fa:4b:af:82:88:b6:
                    71:1a:0e:5f:c1:55:bc:2c:a6:90:b3:5e:42:a8:36:
                    b5:0a:a6:7c:b2:10:84:77:2b:e3:25:50:35:34:84:
                    05:58:21:fa:68:93:17:4f:6e:45:f5:ee:11:2c:ad:
                    a3:58:08:8a:10:b2:02:4a:82:9b:f3:87:86:9a:6e:
                    64:7f:5d:81:1e:91:d3:2a:14:6c:4c:70:4b:b8:e6:
                    d3:e2:63:2f:b9:6f:39:a4:e0:2f:d3:96:57:83:05:
                    da:ec:3f:00:f0:b1:21:86:7b:78:4d:72:5c:9b:84:
                    1a:79:59:fb:80:31:34:73:3a:6e:1a:bd:72:6c:4c:
                    5b:d6:83:d5:4a:75:10:f0:b7:c5:2d:b2:56:e7:47:
                    2b:76:38:a7:d7:a4:f6:62:9e:a2:f3:e5:9d:39:68:
                    ea:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:F9:94:C6:59:18:D9:B5:09:89:6E:5E:BC:82:3E:B4:31:94:00:B1
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d075ad8-69d2-4f67-b1e8-f269b1bdda72.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf5:7000::/40

    Signature Algorithm: sha256WithRSAEncryption
         98:5a:34:3d:77:39:5a:3f:4e:16:58:9f:49:1f:a7:8b:c1:59:
         30:9c:ec:c4:4c:f2:fe:81:2d:a7:86:77:be:fb:32:6b:ad:9e:
         d3:18:e2:4f:8d:bf:46:07:c6:31:75:98:2f:04:79:3d:ed:da:
         72:5a:de:b0:b1:1a:e9:45:14:19:0c:42:7c:0e:50:cb:fe:cd:
         20:c7:58:c5:f1:f0:93:b9:4a:b6:0a:42:4a:04:8b:4f:73:73:
         39:ef:bf:6e:7e:9a:94:bf:34:07:29:09:c7:c6:82:9e:f8:87:
         cc:3a:a7:c8:c7:4a:c1:d3:05:35:01:c6:e8:f8:8e:b9:06:ac:
         58:d1:f0:34:c9:9e:e2:fc:9c:6b:bb:1d:69:75:34:f1:fa:e0:
         00:3b:d9:c8:c6:9d:39:6b:55:27:ee:6c:d0:e3:90:84:c7:e4:
         cd:b3:d7:20:7e:5b:8b:2d:62:03:49:96:71:bf:ca:43:09:b7:
         9c:c4:d6:a7:f9:7d:82:36:4d:e2:85:89:6c:47:cc:3a:44:21:
         a9:3d:b8:00:22:f7:bf:1e:ed:3a:a8:1c:6c:4a:5c:7f:8c:a9:
         f9:7b:80:a7:62:12:87:01:85:8d:e8:cb:b2:96:83:e4:25:1e:
         69:6e:0d:44:33:de:40:2f:78:c6:a4:28:6e:4b:f1:89:4e:23:
         ea:27:ee:7b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUKKIQF60Dy/mrJvWc2pjhBTBcMXkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYxNDAwMDAwMFoX
DTI0MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAOTcwNDk4NzgzNzAxNDZmYmIyOTg1
N2QyZGIxM2QxMTgzY2ZmZTI2MzdhYjcwMmNmMWVjOTE4YmM5OTQ0MWE0ZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBvaoZijlY43+gotnQzLskHziimv
E6/gKMtQ3yJKEnXVGkYxJp0Yjz+c3COHLQZX2Qj23qj+AbHxei3eScxOaf9Si1NJ
Hj0Xz7vZzfQHeCa2BHvdbZdzT92vyFZQFHtI8ND6S6+CiLZxGg5fwVW8LKaQs15C
qDa1CqZ8shCEdyvjJVA1NIQFWCH6aJMXT25F9e4RLK2jWAiKELICSoKb84eGmm5k
f12BHpHTKhRsTHBLuObT4mMvuW85pOAv05ZXgwXa7D8A8LEhhnt4TXJcm4QaeVn7
gDE0czpuGr1ybExb1oPVSnUQ8LfFLbJW50crdjin16T2Yp6i8+WdOWjqkwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOz5lMZZGNm1CYluXryCPrQxlACxMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFkMDc1YWQ4LTY5ZDItNGY2Ny1iMWU4LWYyNjliMWJkZGE3Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9XAwDQYJKoZIhvcNAQELBQADggEBAJhaND13OVo/ThZYn0kf
p4vBWTCc7MRM8v6BLaeGd777MmutntMY4k+Nv0YHxjF1mC8EeT3t2nJa3rCxGulF
FBkMQnwOUMv+zSDHWMXx8JO5SrYKQkoEi09zcznvv25+mpS/NAcpCcfGgp74h8w6
p8jHSsHTBTUBxuj4jrkGrFjR8DTJnuL8nGu7HWl1NPH64AA72cjGnTlrVSfubNDj
kITH5M2z1yB+W4stYgNJlnG/ykMJt5zE1qf5fYI2TeKFiWxHzDpEIak9uAAi978e
7TqoHGxKXH+Mqfl7gKdiEocBhY3oy7KWg+QlHmluDUQz3kAveMakKG5L8YlOI+on
7ns=
-----END CERTIFICATE-----
Generated at Fri Jun 14 01:28:01 2024 by rpki-client on console-ams.rpki-client.org