Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26a1a6c0-7c51-4f60-8d66-83d553ad2844.roa
File:                     26a1a6c0-7c51-4f60-8d66-83d553ad2844.roa (raw, json)
Hash identifier:          3gqxCyY0Hcz6cEu6mcZIPKkS51/n/O9nARbRIiejWck=
Subject key identifier:   9B:AF:56:CF:8F:C9:0A:06:7F:C0:BB:A3:31:BA:B6:2C:68:4B:2B:18
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       27D94F799E3D23A073E5B4456D342BC46482A124
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26a1a6c0-7c51-4f60-8d66-83d553ad2844.roa
Signing time:             Wed 29 May 2024 00:00:00 +0000
ROA not before:           Wed 29 May 2024 00:00:00 +0000
ROA not after:            Wed 03 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:d9:4f:79:9e:3d:23:a0:73:e5:b4:45:6d:34:2b:c4:64:82:a1:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 29 00:00:00 2024 GMT
            Not After : Jul  3 23:59:59 2024 GMT
        Subject: serialNumber=c0ba53f753df06b6679b4f2943f3fa7e9ac3ab0bc7df5d71b735503f93e18273, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:6c:f5:5f:b5:46:8e:fb:a9:61:14:64:ed:82:
                    89:8a:c5:8b:58:1a:00:7a:50:a9:d9:a8:23:8a:d8:
                    a6:c7:ab:1a:91:bd:86:a3:a0:a9:8d:4f:a5:9d:5a:
                    87:32:16:2c:ca:b8:4e:46:04:45:1e:16:57:f6:c0:
                    32:ce:a6:45:40:5a:09:b9:6f:2f:22:f1:2b:8b:7f:
                    e3:5a:37:55:e8:76:1c:3b:ad:9b:3c:99:da:32:ab:
                    46:58:81:ee:b6:a8:cb:5a:ff:2d:6f:aa:e6:dc:18:
                    3f:fc:4e:88:90:87:9f:aa:94:e4:b7:8e:10:48:cc:
                    e1:bf:1b:e4:46:69:cb:4e:cf:b8:7c:54:19:da:5a:
                    1f:f1:0c:ee:6c:2d:d3:ff:32:d6:e1:ae:fe:3b:95:
                    c4:b5:72:ba:db:f5:20:9c:12:b3:e6:d2:ce:11:26:
                    75:85:61:c9:45:ea:48:dd:fb:c7:dd:ff:7d:d9:38:
                    ec:c9:87:f6:3e:c4:6b:9c:29:53:1d:d1:2a:04:cb:
                    7d:42:7c:82:6c:52:60:c2:54:e4:21:12:5f:7b:3b:
                    e6:e9:f0:ed:b8:7a:06:92:e4:84:9c:96:2f:8e:95:
                    34:fc:5a:bd:5e:98:03:b7:af:6f:92:1c:eb:52:81:
                    34:83:b0:12:22:3f:69:79:07:cf:d9:51:73:3c:4e:
                    d8:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:AF:56:CF:8F:C9:0A:06:7F:C0:BB:A3:31:BA:B6:2C:68:4B:2B:18
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26a1a6c0-7c51-4f60-8d66-83d553ad2844.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         7c:7e:b8:9e:aa:8e:c6:78:cb:a9:75:eb:a1:fd:c1:86:53:00:
         6e:7b:b5:a3:1b:3b:96:eb:38:a0:4a:7e:61:ae:26:8a:5f:80:
         b7:55:30:a1:06:a8:6f:c5:47:bd:a3:8a:9e:f0:00:9e:2b:db:
         a1:64:35:93:e5:02:89:81:33:61:65:b2:69:cf:68:7c:89:6a:
         c5:e5:99:45:44:89:0d:9d:31:bb:0c:f7:0d:fa:a2:41:db:1d:
         e6:ae:01:c7:9e:45:9b:4a:4b:40:8e:25:f9:c3:e9:fc:99:f3:
         2a:d4:d6:b8:c6:90:f2:da:a9:7f:d7:b5:05:d5:c7:68:fa:6e:
         91:09:ba:aa:55:5c:26:ae:4b:8a:83:4c:09:94:02:31:f4:6c:
         30:fa:39:2c:94:1e:c7:0a:ff:bb:be:2e:2f:f5:34:d3:a5:e9:
         38:99:02:b8:03:8f:97:39:01:50:31:e9:8e:d4:5d:15:e1:a6:
         ef:c5:ff:95:a3:c8:58:85:f0:7e:c3:bd:71:ba:dd:be:eb:e9:
         e6:25:51:77:87:a4:87:67:ca:7c:1f:cf:10:ed:d5:a9:6e:52:
         b7:50:9e:29:a6:b0:41:d6:cc:2d:b2:da:c6:54:a9:c9:b8:81:
         b9:ec:a0:b4:68:0d:da:4a:1d:7f:ab:92:8d:4e:8e:33:56:94:
         a1:8b:15:85
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJ9lPeZ49I6Bz5bRFbTQrxGSCoSQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyOTAwMDAwMFoX
DTI0MDcwMzIzNTk1OVowejFJMEcGA1UEBRNAYzBiYTUzZjc1M2RmMDZiNjY3OWI0
ZjI5NDNmM2ZhN2U5YWMzYWIwYmM3ZGY1ZDcxYjczNTUwM2Y5M2UxODI3MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmz1X7VGjvupYRRk7YKJisWLWBoA
elCp2agjitimx6sakb2Go6CpjU+lnVqHMhYsyrhORgRFHhZX9sAyzqZFQFoJuW8v
IvEri3/jWjdV6HYcO62bPJnaMqtGWIHutqjLWv8tb6rm3Bg//E6IkIefqpTkt44Q
SMzhvxvkRmnLTs+4fFQZ2lof8QzubC3T/zLW4a7+O5XEtXK62/UgnBKz5tLOESZ1
hWHJRepI3fvH3f992TjsyYf2PsRrnClTHdEqBMt9QnyCbFJgwlTkIRJfezvm6fDt
uHoGkuSEnJYvjpU0/Fq9XpgDt69vkhzrUoE0g7ASIj9peQfP2VFzPE7YxQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJuvVs+PyQoGf8C7ozG6tixoSysYMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI2YTFhNmMwLTdjNTEtNGY2MC04ZDY2LTgzZDU1M2FkMjg0NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaQgwDQYJKoZIhvcNAQELBQADggEBAHx+uJ6qjsZ4y6l166H9
wYZTAG57taMbO5brOKBKfmGuJopfgLdVMKEGqG/FR72jip7wAJ4r26FkNZPlAomB
M2FlsmnPaHyJasXlmUVEiQ2dMbsM9w36okHbHeauAceeRZtKS0COJfnD6fyZ8yrU
1rjGkPLaqX/XtQXVx2j6bpEJuqpVXCauS4qDTAmUAjH0bDD6OSyUHscK/7u+Li/1
NNOl6TiZArgDj5c5AVAx6Y7UXRXhpu/F/5WjyFiF8H7DvXG63b7r6eYlUXeHpIdn
ynwfzxDt1aluUrdQnimmsEHWzC2y2sZUqcm4gbnsoLRoDdpKHX+rko1OjjNWlKGL
FYU=
-----END CERTIFICATE-----
Generated at Sun Jun 16 00:53:13 2024 by rpki-client on console-fra.rpki-client.org