Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/637c6034-29f4-4fac-acf6-8424da319596.roa
File:                     637c6034-29f4-4fac-acf6-8424da319596.roa (raw, json)
Hash identifier:          CzUszsmU8JPnhaTBtZIcV1HfR/ig6SZnfnwgxULSoV8=
Subject key identifier:   53:25:AF:A1:25:5E:09:A3:E3:FF:57:AE:65:B9:80:BC:92:E0:14:AA
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       44E40B52A523CFF026206A91E7308DCA4EE1C4C2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/637c6034-29f4-4fac-acf6-8424da319596.roa
Signing time:             Fri 31 May 2024 00:00:00 +0000
ROA not before:           Fri 31 May 2024 00:00:00 +0000
ROA not after:            Fri 05 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da60:800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 00:10:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:e4:0b:52:a5:23:cf:f0:26:20:6a:91:e7:30:8d:ca:4e:e1:c4:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 31 00:00:00 2024 GMT
            Not After : Jul  5 23:59:59 2024 GMT
        Subject: serialNumber=e15087c780d6971cc1104dc5a96f5c3b0db9e4912da9c051d3e40d3e93fe9433, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:03:27:5f:e4:f8:4f:87:72:ac:87:35:54:40:
                    ab:4e:b3:1c:da:f9:2b:61:9c:93:da:90:0d:eb:62:
                    aa:f0:f5:1e:36:6d:e1:3a:fa:3f:79:64:4b:9f:2a:
                    96:92:5e:f5:7a:27:11:e4:a9:11:45:74:cf:a4:92:
                    de:18:e1:6c:7f:27:a4:28:f4:bc:bd:d3:e2:76:f5:
                    0d:ce:07:a8:71:8b:d6:be:82:7d:59:2e:b0:ba:1e:
                    33:52:59:1e:d0:df:a7:2d:31:58:96:c2:d9:e7:63:
                    1c:79:14:52:3a:d0:db:7d:72:a5:4f:e6:b5:08:60:
                    58:69:32:fb:ef:bf:3a:ef:72:44:18:d3:6a:cb:64:
                    a2:11:e9:04:7d:05:c6:f1:49:12:08:c7:4c:51:13:
                    eb:ae:c4:fe:b7:3f:9a:84:d3:b5:94:ff:22:83:0e:
                    37:1d:c7:d5:52:5e:02:f6:42:36:70:f4:ec:5b:50:
                    06:c6:e4:1b:78:3e:fd:f6:b4:f1:22:c9:a6:5a:cf:
                    27:b1:4b:b0:84:30:f0:3e:85:ac:dd:01:27:a6:1d:
                    b1:9f:73:10:7d:fb:10:6d:7a:e1:90:6b:37:fe:53:
                    ca:26:ed:27:75:6b:29:f0:ae:fa:47:30:e3:21:08:
                    9c:d7:a8:d2:2d:69:b7:d6:d1:dc:29:80:6b:34:9d:
                    b3:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:25:AF:A1:25:5E:09:A3:E3:FF:57:AE:65:B9:80:BC:92:E0:14:AA
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/637c6034-29f4-4fac-acf6-8424da319596.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da60:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         08:6b:fe:e2:c4:aa:72:4e:06:a0:d4:b7:1e:0a:d4:73:c2:83:
         c3:85:fd:28:cb:5f:ae:ed:f7:1e:08:9d:5a:cd:1f:b9:8a:ab:
         53:ad:17:14:a2:e4:54:62:9c:bf:9d:d2:1f:67:91:a0:7a:32:
         a7:54:44:56:b1:5b:ea:15:c7:75:0e:a5:dc:08:0b:0e:29:b1:
         12:69:3c:40:2c:e1:9c:8c:0e:0d:e0:e4:fd:44:b7:5d:61:5e:
         af:b2:05:01:c9:aa:e5:2f:f4:61:bf:4b:09:20:44:16:d2:49:
         72:75:09:e4:5e:20:ac:51:18:3e:2c:13:24:ff:63:58:38:e6:
         e3:c4:cf:9b:de:17:d7:12:43:dc:a5:77:80:2e:78:56:40:21:
         21:44:bd:27:0f:4e:6e:24:67:12:6c:3d:35:12:e6:73:d4:4d:
         fb:5f:03:c8:67:b5:d6:07:44:5f:2a:c3:b6:c6:41:8a:02:46:
         df:cd:25:a5:6a:f6:4a:40:fb:05:78:a2:39:0a:9a:da:a0:d0:
         34:4c:b0:64:95:f1:ce:f5:46:34:1c:cd:d6:c1:af:94:55:06:
         a3:89:02:a8:2d:f6:d7:f0:a2:70:d7:23:85:72:aa:76:82:9e:
         d2:e3:77:98:30:6b:2a:27:60:9e:31:b1:2d:01:1b:76:36:22:
         2b:4d:e4:6f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUROQLUqUjz/AmIGqR5zCNyk7hxMIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUzMTAwMDAwMFoX
DTI0MDcwNTIzNTk1OVowejFJMEcGA1UEBRNAZTE1MDg3Yzc4MGQ2OTcxY2MxMTA0
ZGM1YTk2ZjVjM2IwZGI5ZTQ5MTJkYTljMDUxZDNlNDBkM2U5M2ZlOTQzMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngMnX+T4T4dyrIc1VECrTrMc2vkr
YZyT2pAN62Kq8PUeNm3hOvo/eWRLnyqWkl71eicR5KkRRXTPpJLeGOFsfyekKPS8
vdPidvUNzgeocYvWvoJ9WS6wuh4zUlke0N+nLTFYlsLZ52MceRRSOtDbfXKlT+a1
CGBYaTL7778673JEGNNqy2SiEekEfQXG8UkSCMdMURPrrsT+tz+ahNO1lP8igw43
HcfVUl4C9kI2cPTsW1AGxuQbeD799rTxIsmmWs8nsUuwhDDwPoWs3QEnph2xn3MQ
ffsQbXrhkGs3/lPKJu0ndWsp8K76RzDjIQic16jSLWm31tHcKYBrNJ2z2QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFMlr6ElXgmj4/9XrmW5gLyS4BSqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzYzN2M2MDM0LTI5ZjQtNGZhYy1hY2Y2LTg0MjRkYTMxOTU5Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYAgwDQYJKoZIhvcNAQELBQADggEBAAhr/uLEqnJOBqDUtx4K
1HPCg8OF/SjLX67t9x4InVrNH7mKq1OtFxSi5FRinL+d0h9nkaB6MqdURFaxW+oV
x3UOpdwICw4psRJpPEAs4ZyMDg3g5P1Et11hXq+yBQHJquUv9GG/SwkgRBbSSXJ1
CeReIKxRGD4sEyT/Y1g45uPEz5veF9cSQ9yld4AueFZAISFEvScPTm4kZxJsPTUS
5nPUTftfA8hntdYHRF8qw7bGQYoCRt/NJaVq9kpA+wV4ojkKmtqg0DRMsGSV8c71
RjQczdbBr5RVBqOJAqgt9tfwonDXI4VyqnaCntLjd5gwayonYJ4xsS0BG3Y2IitN
5G8=
-----END CERTIFICATE-----
Generated at Fri Jun 14 19:06:54 2024 by rpki-client on console-ams.rpki-client.org