Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c5d2129-c65c-4419-a480-b48028703d92.roa
File:                     6c5d2129-c65c-4419-a480-b48028703d92.roa (raw, json)
Hash identifier:          WUY3SGsC67tJ+M6qZHlUfm7WhN3N9czaYyggsyvflxA=
Subject key identifier:   A9:43:0E:25:2A:DC:61:B2:D1:65:B1:FB:E0:12:4C:ED:66:86:ED:9F
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3A34EA11B8770760F6DF6860A81DA9FD58FD9525
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c5d2129-c65c-4419-a480-b48028703d92.roa
Signing time:             Fri 21 Jun 2024 00:00:00 +0000
ROA not before:           Fri 21 Jun 2024 00:00:00 +0000
ROA not after:            Fri 26 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da38:9000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 28 Jun 2024 00:11:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:34:ea:11:b8:77:07:60:f6:df:68:60:a8:1d:a9:fd:58:fd:95:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 21 00:00:00 2024 GMT
            Not After : Jul 26 23:59:59 2024 GMT
        Subject: serialNumber=e4a43d17326f1146d34bd5489afa77c71d8dbcdca9c999d8d1584ff286fb2a5d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:60:30:77:07:42:a6:34:8f:85:2d:00:c1:38:
                    6b:9e:d0:3b:1e:3d:7f:f2:bf:6d:1a:00:3c:60:b1:
                    ef:a7:70:4b:c1:1d:31:2e:4f:d6:14:d5:69:cc:0f:
                    50:92:62:d1:64:8e:43:19:86:fb:c3:a4:96:65:03:
                    26:ca:40:45:7c:72:10:44:83:40:6e:c8:ff:7f:ea:
                    ee:fa:84:8f:c0:77:c5:fc:aa:af:30:70:53:1b:2b:
                    17:d7:4b:6a:aa:35:b0:86:fa:b4:81:f1:18:06:e1:
                    6b:23:95:6d:8a:6b:10:b2:fe:e8:fc:d9:22:d3:7a:
                    bf:bc:56:d5:8d:68:50:fa:c6:bc:e3:d7:ce:19:01:
                    4f:e2:85:52:b8:bf:28:80:59:f1:55:3a:cd:eb:43:
                    2a:25:91:1a:10:5c:7e:dd:20:45:e6:87:2e:0a:bc:
                    f8:12:a4:c5:ac:a8:69:f6:69:5a:41:89:bd:f6:b3:
                    29:37:84:83:3e:1a:5b:55:d1:b4:a0:b9:d4:a7:11:
                    c9:d7:e6:73:24:31:41:30:35:b0:a0:eb:b3:34:92:
                    0c:61:9f:e1:c7:2a:0c:72:d6:ed:22:6c:c0:13:d1:
                    01:2a:6a:1f:b9:bd:86:22:b7:76:8c:d3:ab:67:8b:
                    cb:c6:9a:7d:d3:77:91:ef:3c:1e:31:9e:b0:55:30:
                    b0:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:43:0E:25:2A:DC:61:B2:D1:65:B1:FB:E0:12:4C:ED:66:86:ED:9F
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c5d2129-c65c-4419-a480-b48028703d92.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da38:9000::/40

    Signature Algorithm: sha256WithRSAEncryption
         6e:b1:cb:8a:65:f9:7b:f4:76:87:b3:8e:4f:89:d2:d4:54:85:
         c4:4b:28:ab:bc:26:f0:4f:3c:f2:78:d1:9c:a9:21:17:1e:c0:
         66:7d:bc:24:46:8b:29:90:cf:34:20:5a:0e:c1:68:f0:82:d3:
         e5:21:f4:f4:f5:13:ab:6e:d4:a9:80:d7:f8:8f:83:93:40:49:
         20:dc:88:cd:9d:cb:53:85:a3:11:d7:72:07:a9:5d:4b:5b:e6:
         38:81:cd:35:14:43:22:d4:ae:7e:85:e1:ee:ce:a5:e6:77:5e:
         b6:96:48:dd:21:7a:46:46:f9:9a:39:95:77:38:e4:7d:4d:34:
         78:8b:17:3d:15:67:45:d4:74:9e:02:fe:18:12:f0:61:c5:ae:
         61:fe:bb:6d:81:e0:52:04:6b:37:21:97:4c:7e:7c:8e:37:bc:
         36:da:71:bf:9a:1d:6d:9b:16:6b:c7:12:5d:da:f3:24:a3:60:
         c5:87:be:f7:5c:0b:ce:e2:c0:29:e0:0f:ba:8e:56:5b:7d:59:
         3f:52:e7:2e:26:84:94:f2:fb:05:a1:b9:c4:f4:e4:1a:84:51:
         5e:30:b8:e8:3f:c6:f3:db:c4:4a:30:f5:3c:15:30:4d:cc:e9:
         91:31:04:3c:02:a5:ed:b3:c5:bf:cc:7a:a7:33:1b:83:67:97:
         5a:e3:90:c2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOjTqEbh3B2D232hgqB2p/Vj9lSUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYyMTAwMDAwMFoX
DTI0MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAZTRhNDNkMTczMjZmMTE0NmQzNGJk
NTQ4OWFmYTc3YzcxZDhkYmNkY2E5Yzk5OWQ4ZDE1ODRmZjI4NmZiMmE1ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GAwdwdCpjSPhS0AwThrntA7Hj1/
8r9tGgA8YLHvp3BLwR0xLk/WFNVpzA9QkmLRZI5DGYb7w6SWZQMmykBFfHIQRINA
bsj/f+ru+oSPwHfF/KqvMHBTGysX10tqqjWwhvq0gfEYBuFrI5VtimsQsv7o/Nki
03q/vFbVjWhQ+sa849fOGQFP4oVSuL8ogFnxVTrN60MqJZEaEFx+3SBF5ocuCrz4
EqTFrKhp9mlaQYm99rMpN4SDPhpbVdG0oLnUpxHJ1+ZzJDFBMDWwoOuzNJIMYZ/h
xyoMctbtImzAE9EBKmofub2GIrd2jNOrZ4vLxpp903eR7zweMZ6wVTCwDwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKlDDiUq3GGy0WWx++ASTO1mhu2fMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZjNWQyMTI5LWM2NWMtNDQxOS1hNDgwLWI0ODAyODcwM2Q5Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOJAwDQYJKoZIhvcNAQELBQADggEBAG6xy4pl+Xv0doezjk+J
0tRUhcRLKKu8JvBPPPJ40ZypIRcewGZ9vCRGiymQzzQgWg7BaPCC0+Uh9PT1E6tu
1KmA1/iPg5NASSDciM2dy1OFoxHXcgepXUtb5jiBzTUUQyLUrn6F4e7OpeZ3XraW
SN0hekZG+Zo5lXc45H1NNHiLFz0VZ0XUdJ4C/hgS8GHFrmH+u22B4FIEazchl0x+
fI43vDbacb+aHW2bFmvHEl3a8ySjYMWHvvdcC87iwCngD7qOVlt9WT9S5y4mhJTy
+wWhucT05BqEUV4wuOg/xvPbxEow9TwVME3M6ZExBDwCpe2zxb/MeqczG4Nnl1rj
kMI=
-----END CERTIFICATE-----
Generated at Mon Jun 24 00:42:55 2024 by rpki-client on console-fra.rpki-client.org