Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d78adbd-8263-46ba-9c6b-4c3ed456f412.roa
File:                     6d78adbd-8263-46ba-9c6b-4c3ed456f412.roa (raw, json)
Hash identifier:          H/2aaMNagzB1Wo5w/ba5E92ihBjVbTRtTk+z20x/IzA=
Subject key identifier:   E6:DF:86:99:79:B2:B7:07:D7:B9:93:32:00:85:D3:07:75:CD:AB:EB
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6CC16BB51D026ED97C184DE432649E59EF092057
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d78adbd-8263-46ba-9c6b-4c3ed456f412.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafe:4800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 21 Jun 2024 00:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:c1:6b:b5:1d:02:6e:d9:7c:18:4d:e4:32:64:9e:59:ef:09:20:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=e34b1fa5a5c176cbb9c0ee70184ae233d0b96b86f50d7f4d71c34a7ddb5a2dd3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:00:c4:4c:d7:40:ad:98:7c:3e:18:36:44:fa:
                    a1:a0:d5:ff:b3:ee:39:d8:84:85:6a:2e:60:82:a1:
                    3b:d7:7c:36:05:b7:31:a4:b3:a3:a6:ce:1f:8c:20:
                    bb:70:7e:09:47:fd:1e:13:af:9b:05:35:17:e5:14:
                    a0:6f:01:1d:a9:72:87:f7:d4:e9:02:03:d5:f5:96:
                    ef:e9:99:f4:3a:7d:1b:3c:5d:e0:51:4f:41:6c:3f:
                    6c:64:1c:c0:a5:2f:14:c0:29:a9:70:0b:e9:99:42:
                    d3:44:bc:03:09:a3:c7:2c:cd:f5:7f:f2:04:39:a5:
                    3b:d4:e1:51:04:88:5d:c7:6d:d7:f2:a1:79:df:a5:
                    64:ce:2d:26:e3:d1:63:74:f7:e1:2c:e3:42:fe:70:
                    e0:2e:58:97:ff:c1:2c:cb:a6:1b:94:d2:b9:88:48:
                    99:ee:b4:26:7d:9e:a0:c0:d9:4e:46:cf:43:dc:eb:
                    f6:2a:c0:6a:2a:61:0b:76:dc:3c:3b:18:5d:f5:50:
                    28:5f:77:32:15:a5:83:36:dc:8c:ab:e8:c5:3b:e2:
                    1a:26:d2:4b:ca:b5:ef:db:0d:89:37:8e:57:a4:cc:
                    74:a6:45:cd:1e:f2:7d:b0:2c:dd:8d:00:30:13:bc:
                    4a:75:63:cd:d5:ff:20:b1:69:d6:58:e5:fa:23:6a:
                    a4:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:DF:86:99:79:B2:B7:07:D7:B9:93:32:00:85:D3:07:75:CD:AB:EB
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d78adbd-8263-46ba-9c6b-4c3ed456f412.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafe:4800::/40

    Signature Algorithm: sha256WithRSAEncryption
         08:e1:d7:20:4e:ae:20:47:a6:5e:79:8d:98:61:6c:11:53:69:
         20:b4:43:b3:88:04:c4:69:9a:55:17:ba:4b:2b:bc:b6:44:c0:
         e2:a7:86:ff:ef:62:bc:d0:c8:1b:d3:e6:2a:19:52:c1:7c:12:
         d2:39:5e:89:40:44:c3:5a:de:4e:09:91:87:42:d9:68:5f:a7:
         39:d7:1e:a0:c0:75:9c:5c:87:30:41:81:92:65:e3:c9:1f:a2:
         e0:fd:81:c6:69:39:b8:1a:2d:85:39:36:d3:d8:e9:af:c9:42:
         e8:8f:05:0b:6b:1d:72:e2:4f:56:b0:61:ea:51:91:23:9b:2b:
         c1:13:ef:16:40:66:95:1c:70:06:53:16:f5:e4:33:84:92:bc:
         90:e6:0b:4d:80:24:22:33:fb:60:39:57:d7:03:64:57:0f:64:
         37:6e:20:f9:59:09:d7:db:26:63:b3:47:f4:8a:98:d6:a3:47:
         6e:db:cf:9a:0f:44:1c:79:2d:77:60:40:0e:ec:ff:b4:26:2a:
         2f:36:85:73:09:0b:7c:72:41:1b:fc:2e:0f:6e:5a:22:5a:2a:
         f7:11:b8:82:ca:e1:d6:7e:ee:bc:26:24:23:33:ff:a9:81:2a:
         3c:39:98:d7:65:b8:0a:66:cb:16:01:e0:b4:8e:20:69:a8:98:
         e5:cc:f6:96
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbMFrtR0Cbtl8GE3kMmSeWe8JIFcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX
DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNAZTM0YjFmYTVhNWMxNzZjYmI5YzBl
ZTcwMTg0YWUyMzNkMGI5NmI4NmY1MGQ3ZjRkNzFjMzRhN2RkYjVhMmRkMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlADETNdArZh8Phg2RPqhoNX/s+45
2ISFai5ggqE713w2BbcxpLOjps4fjCC7cH4JR/0eE6+bBTUX5RSgbwEdqXKH99Tp
AgPV9Zbv6Zn0On0bPF3gUU9BbD9sZBzApS8UwCmpcAvpmULTRLwDCaPHLM31f/IE
OaU71OFRBIhdx23X8qF536Vkzi0m49FjdPfhLONC/nDgLliX/8Esy6YblNK5iEiZ
7rQmfZ6gwNlORs9D3Ov2KsBqKmELdtw8Oxhd9VAoX3cyFaWDNtyMq+jFO+IaJtJL
yrXv2w2JN45XpMx0pkXNHvJ9sCzdjQAwE7xKdWPN1f8gsWnWWOX6I2qk1QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFObfhpl5srcH17mTMgCF0wd1zavrMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZkNzhhZGJkLTgyNjMtNDZiYS05YzZiLTRjM2VkNDU2ZjQxMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/kgwDQYJKoZIhvcNAQELBQADggEBAAjh1yBOriBHpl55jZhh
bBFTaSC0Q7OIBMRpmlUXuksrvLZEwOKnhv/vYrzQyBvT5ioZUsF8EtI5XolARMNa
3k4JkYdC2WhfpznXHqDAdZxchzBBgZJl48kfouD9gcZpObgaLYU5NtPY6a/JQuiP
BQtrHXLiT1awYepRkSObK8ET7xZAZpUccAZTFvXkM4SSvJDmC02AJCIz+2A5V9cD
ZFcPZDduIPlZCdfbJmOzR/SKmNajR27bz5oPRBx5LXdgQA7s/7QmKi82hXMJC3xy
QRv8Lg9uWiJaKvcRuILK4dZ+7rwmJCMz/6mBKjw5mNdluApmyxYB4LSOIGmomOXM
9pY=
-----END CERTIFICATE-----
Generated at Mon Jun 17 15:56:25 2024 by rpki-client on console-fra.rpki-client.org