Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa
File:                     2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa (raw, json)
Hash identifier:          gcOGyEYgp2zWVJb/QwVUWjlY8ZCyWHBQVTGp3p2gdls=
Subject key identifier:   5B:DB:13:3D:AB:26:2D:B7:D2:B7:E4:4D:5C:CE:E8:7D:BA:AE:57:57
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6B1E204B31F85181E1FAE8E04D2CF314A1DA7939
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa
Signing time:             Wed 23 Jul 2025 00:00:11 +0000
ROA not before:           Wed 23 Jul 2025 00:00:11 +0000
ROA not after:            Wed 27 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf9::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 03 Aug 2025 18:53:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:1e:20:4b:31:f8:51:81:e1:fa:e8:e0:4d:2c:f3:14:a1:da:79:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 23 00:00:11 2025 GMT
            Not After : Aug 27 23:59:59 2025 GMT
        Subject: serialNumber=9125b884c5a85cac60479b7c27249999fe1df2881226dcf07a7e8b1a30620ba1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:9b:30:ec:64:a8:f5:3f:fd:bf:58:a5:19:8b:
                    90:42:98:4b:7d:e1:2a:76:3b:fe:7b:2f:b6:f0:3f:
                    09:7c:24:14:b7:dd:16:c5:dc:fb:67:26:c5:14:63:
                    09:e3:bc:a6:4b:3a:72:3c:13:85:2e:50:6e:d3:62:
                    dc:a7:0f:e2:71:93:cf:55:e9:a4:cc:ad:df:d9:d1:
                    7d:b0:5c:67:1a:13:a3:d5:cc:71:3b:ce:b2:ed:6c:
                    bf:55:30:bc:35:21:e2:fb:ad:09:13:24:1e:df:d2:
                    4a:c3:b4:6b:f4:15:3c:b6:88:a7:0b:bb:27:a4:39:
                    46:f7:a7:b4:80:4b:11:9d:61:2c:e5:c5:52:23:0b:
                    f4:fd:d4:c3:4e:e6:67:d9:3e:87:eb:65:9a:19:c6:
                    30:45:c4:8f:05:fb:97:18:bc:1c:69:fb:c6:41:d6:
                    b2:d0:0b:99:5d:7f:c4:74:c4:49:02:40:af:47:d5:
                    2d:f0:78:3c:f5:07:a2:64:eb:89:bd:40:d9:12:dd:
                    03:58:fd:ee:b3:f0:a2:46:3d:0e:8b:69:a1:ae:dc:
                    34:2f:80:67:3d:a7:d3:24:78:20:28:94:3f:c4:ac:
                    b3:8b:9f:83:9e:99:74:22:d0:9c:d7:07:00:b1:4a:
                    da:45:9c:20:be:a8:39:9e:42:4e:2d:60:ec:36:f9:
                    29:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DB:13:3D:AB:26:2D:B7:D2:B7:E4:4D:5C:CE:E8:7D:BA:AE:57:57
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf9::/32

    Signature Algorithm: sha256WithRSAEncryption
         49:66:9f:92:fb:35:81:b4:78:81:5b:2f:99:f8:ef:63:37:3f:
         21:96:20:4d:4a:36:63:72:dd:8e:c2:a1:76:2d:e7:13:34:9e:
         6d:ca:76:cf:79:10:91:3a:cb:77:56:9b:7d:05:e0:76:86:fd:
         4a:3c:e9:5e:6b:50:d5:ae:88:8e:ae:34:be:ae:91:60:f4:dd:
         f0:7f:c4:5d:0e:0d:a1:54:27:98:c9:d0:f2:24:a8:48:ec:ed:
         db:ad:97:0c:a1:59:81:eb:4c:89:19:5d:a5:10:65:77:7a:4f:
         f5:6e:ff:c7:c4:55:87:3e:f0:52:f0:4c:17:90:e3:e5:88:1f:
         1c:40:79:93:22:08:bb:c9:3e:83:d2:4a:65:66:2f:50:b7:9b:
         b5:e9:74:25:6f:83:f6:8e:dc:92:72:4d:74:9f:68:71:2d:32:
         2e:95:63:71:14:fd:9d:bf:c4:29:c5:f8:27:b2:c1:0d:1e:e2:
         3c:99:e2:84:20:91:af:3e:93:49:72:c3:57:57:76:73:4f:16:
         69:6c:69:0f:75:3f:06:9c:92:a6:b2:c6:5a:02:77:d5:7e:d0:
         26:7e:07:0c:51:30:2b:52:7f:b4:01:62:42:48:f5:fd:5c:a8:
         45:24:7c:8a:10:a8:e9:0d:8d:36:95:9d:dc:dd:7c:b0:94:b4:
         9e:a8:e9:32
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUax4gSzH4UYHh+ujgTSzzFKHaeTkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDAxMVoX
DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAOTEyNWI4ODRjNWE4NWNhYzYwNDc5
YjdjMjcyNDk5OTlmZTFkZjI4ODEyMjZkY2YwN2E3ZThiMWEzMDYyMGJhMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Zsw7GSo9T/9v1ilGYuQQphLfeEq
djv+ey+28D8JfCQUt90Wxdz7ZybFFGMJ47ymSzpyPBOFLlBu02Lcpw/icZPPVemk
zK3f2dF9sFxnGhOj1cxxO86y7Wy/VTC8NSHi+60JEyQe39JKw7Rr9BU8toinC7sn
pDlG96e0gEsRnWEs5cVSIwv0/dTDTuZn2T6H62WaGcYwRcSPBfuXGLwcafvGQday
0AuZXX/EdMRJAkCvR9Ut8Hg89QeiZOuJvUDZEt0DWP3us/CiRj0Oi2mhrtw0L4Bn
PafTJHggKJQ/xKyzi5+Dnpl0ItCc1wcAsUraRZwgvqg5nkJOLWDsNvkpDwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFvbEz2rJi230rfkTVzO6H26rldXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJkODJkNjhjLWI2NjAtNDAxOC05ZmIxLWE5NmM5ZmRkNzc5My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAba+TANBgkqhkiG9w0BAQsFAAOCAQEASWafkvs1gbR4gVsvmfjv
Yzc/IZYgTUo2Y3LdjsKhdi3nEzSebcp2z3kQkTrLd1abfQXgdob9SjzpXmtQ1a6I
jq40vq6RYPTd8H/EXQ4NoVQnmMnQ8iSoSOzt262XDKFZgetMiRldpRBld3pP9W7/
x8RVhz7wUvBMF5Dj5YgfHEB5kyIIu8k+g9JKZWYvULebtel0JW+D9o7cknJNdJ9o
cS0yLpVjcRT9nb/EKcX4J7LBDR7iPJnihCCRrz6TSXLDV1d2c08WaWxpD3U/BpyS
prLGWgJ31X7QJn4HDFEwK1J/tAFiQkj1/VyoRSR8ihCo6Q2NNpWd3N18sJS0nqjp
Mg==
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:57:20 2025 by rpki-client