Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa
File:                     378e4fe4-326c-4ab3-850f-d313975e272e.roa (raw, json)
Hash identifier:          hJCKzZLxSfCo1LKiRDbzY0GAcAtuuLobfFMUMNC9Nn4=
Subject key identifier:   2F:F7:37:5F:9F:F8:F8:34:DC:B5:30:72:07:10:1F:BD:30:B3:17:C2
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5D9E44E7C0202B72D67E3F01D1795B4A231E8B98
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        203.83.220.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 00:10:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:9e:44:e7:c0:20:2b:72:d6:7e:3f:01:d1:79:5b:4a:23:1e:8b:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=b4f143c3871cd46d9f98d076e7a17dd58cdc81a6f100b1ad629bb2be41b5d2ad, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5a:ba:e4:68:10:53:3e:5a:47:3e:f9:cf:20:
                    61:c8:c1:c5:8b:e1:b8:f5:98:e5:98:19:26:fb:d1:
                    92:49:38:ed:fa:4b:bc:be:eb:a2:36:4f:90:90:4c:
                    f4:1b:ed:7d:58:3c:6c:20:3b:fc:ec:fd:fb:31:c2:
                    ae:38:c6:bf:ac:e7:36:27:05:4b:85:67:28:28:03:
                    f2:b5:a0:df:7e:78:f9:01:e5:8a:67:97:ce:69:18:
                    86:58:7d:e9:69:47:7a:20:d5:e4:e6:f2:b7:05:de:
                    75:f6:0f:98:c9:cc:8c:7f:f8:75:c8:80:b9:48:ee:
                    1a:4a:73:62:ae:e0:66:b4:65:0c:fa:54:6f:03:00:
                    b0:1b:22:d5:81:11:bf:f5:51:67:a6:e3:5e:59:87:
                    63:ce:07:c0:f4:5d:3e:aa:67:a7:31:59:9a:5b:49:
                    f3:3c:bd:a8:54:71:d5:c1:c3:5c:cb:fa:8e:81:ce:
                    12:15:80:fe:53:e5:4d:2c:3b:79:a5:89:68:55:8e:
                    2c:3a:3a:ed:70:da:78:42:f3:7b:da:8f:af:9d:71:
                    60:e1:c2:c2:73:09:22:4d:21:c9:b5:72:b6:4b:12:
                    d2:70:8e:db:a7:2a:14:98:b5:97:2a:52:7c:c8:e8:
                    40:67:de:8a:3b:ea:d3:cb:3a:f8:5d:b2:33:27:e3:
                    e0:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:F7:37:5F:9F:F8:F8:34:DC:B5:30:72:07:10:1F:BD:30:B3:17:C2
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.83.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7c:7e:74:f3:a2:cb:a7:f9:68:7a:25:07:f6:80:56:55:cc:08:
         5c:b3:51:22:ee:09:f1:69:db:67:12:13:d5:7a:51:31:21:ec:
         22:83:bc:d5:ca:48:1f:51:51:ed:74:4d:33:e1:74:49:76:13:
         48:9e:a2:21:91:56:d5:a7:99:21:3c:7d:de:47:8d:e0:b1:63:
         28:74:d8:13:95:d7:6d:b7:0a:90:f2:9c:50:1f:e4:24:9c:8c:
         1a:88:d9:90:13:7f:d9:63:30:18:07:ca:f5:00:d1:ed:90:02:
         61:76:50:1f:03:f0:89:21:1b:62:60:69:9b:f7:62:e7:1a:96:
         90:2e:8a:aa:b6:b9:fc:57:4e:70:08:f7:f5:6c:e1:d5:74:5f:
         01:99:4f:92:62:c8:61:3f:d6:1e:a6:c5:04:1b:4a:e7:36:94:
         7c:89:80:9e:54:06:92:ce:73:9c:fd:54:a3:c7:06:0e:a6:18:
         fd:5f:0d:35:18:86:76:7d:c6:04:92:42:08:74:41:9d:c0:aa:
         32:82:ee:42:9b:6a:6f:dc:9f:ba:f0:c0:9a:a0:1c:d1:db:19:
         cd:6e:96:3c:f9:f0:82:25:d3:b0:33:90:db:fd:cd:96:61:cb:
         57:a9:4b:07:7d:72:7d:39:5c:bd:56:dc:67:51:24:cc:11:c6:
         6e:8b:2f:09
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUXZ5E58AgK3LWfj8B0XlbSiMei5gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyODAwMDAwMFoX
DTI0MDcwMjIzNTk1OVowejFJMEcGA1UEBRNAYjRmMTQzYzM4NzFjZDQ2ZDlmOThk
MDc2ZTdhMTdkZDU4Y2RjODFhNmYxMDBiMWFkNjI5YmIyYmU0MWI1ZDJhZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVq65GgQUz5aRz75zyBhyMHFi+G4
9ZjlmBkm+9GSSTjt+ku8vuuiNk+QkEz0G+19WDxsIDv87P37McKuOMa/rOc2JwVL
hWcoKAPytaDffnj5AeWKZ5fOaRiGWH3paUd6INXk5vK3Bd519g+YycyMf/h1yIC5
SO4aSnNiruBmtGUM+lRvAwCwGyLVgRG/9VFnpuNeWYdjzgfA9F0+qmenMVmaW0nz
PL2oVHHVwcNcy/qOgc4SFYD+U+VNLDt5pYloVY4sOjrtcNp4QvN72o+vnXFg4cLC
cwkiTSHJtXK2SxLScI7bpyoUmLWXKlJ8yOhAZ96KO+rTyzr4XbIzJ+PghQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFC/3N1+f+Pg03LUwcgcQH70wsxfCMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM3OGU0ZmU0LTMyNmMtNGFiMy04NTBmLWQzMTM5NzVlMjcyZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQB8fnTzosun+Wh6JQf2gFZV
zAhcs1Ei7gnxadtnEhPVelExIewig7zVykgfUVHtdE0z4XRJdhNInqIhkVbVp5kh
PH3eR43gsWModNgTlddttwqQ8pxQH+QknIwaiNmQE3/ZYzAYB8r1ANHtkAJhdlAf
A/CJIRtiYGmb92LnGpaQLoqqtrn8V05wCPf1bOHVdF8BmU+SYshhP9YepsUEG0rn
NpR8iYCeVAaSznOc/VSjxwYOphj9Xw01GIZ2fcYEkkIIdEGdwKoygu5Cm2pv3J+6
8MCaoBzR2xnNbpY8+fCCJdOwM5Db/c2WYctXqUsHfXJ9OVy9VtxnUSTMEcZuiy8J
-----END CERTIFICATE-----
Generated at Fri Jun 14 16:48:07 2024 by rpki-client on console-fra.rpki-client.org