Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa
File:                     71870024-8ed4-4150-a104-52f4b8c56809.roa (raw, json)
Hash identifier:          xLEYaJUa/agaXOlYFwCaJbnQd/QMRzUAdr9PLBVLB0E=
Subject key identifier:   05:03:61:12:C3:FF:80:F9:53:F5:2C:7E:95:38:62:67:4D:30:6C:57
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7A37F5D13748E9ED1D7E02298ADAB51E557A22E6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa
Signing time:             Wed 12 Jun 2024 00:00:00 +0000
ROA not before:           Wed 12 Jun 2024 00:00:00 +0000
ROA not after:            Wed 17 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab8:2000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:37:f5:d1:37:48:e9:ed:1d:7e:02:29:8a:da:b5:1e:55:7a:22:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 12 00:00:00 2024 GMT
            Not After : Jul 17 23:59:59 2024 GMT
        Subject: serialNumber=1acb3eb2d96aca6080d5e763f8ffc8ac47b3ebc40f1f6dd9057dcdc9e635fb15, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:c5:b8:df:3f:35:fb:20:a9:38:ee:f6:34:a9:
                    ba:e2:d4:c5:3f:aa:df:11:23:b2:3c:87:ae:7f:b7:
                    4e:c0:14:a1:0b:16:e1:f6:22:19:fa:f6:b6:d9:a6:
                    9f:36:21:87:5e:fe:d3:9d:4e:72:f9:70:e5:18:9f:
                    77:51:39:55:8b:e2:36:a5:a8:4c:99:c5:de:d5:c6:
                    c8:80:3d:a0:ab:77:32:0d:59:7c:85:c3:b9:94:1c:
                    6d:92:0c:e7:a3:c6:ad:db:8d:7f:c8:9b:a2:4e:90:
                    73:5f:0c:21:9e:cb:3b:da:9f:de:10:32:c5:0e:84:
                    e7:e2:1e:5c:43:0c:d8:1f:d1:3e:fc:c0:47:74:9c:
                    b8:8d:fc:45:5a:e8:76:6e:1b:02:6f:52:2e:88:26:
                    85:0b:0c:b6:59:65:56:92:29:34:6f:51:6e:3d:cb:
                    1b:d2:94:8d:6d:95:d3:e7:56:70:a1:38:ec:99:d1:
                    f9:23:81:6e:9d:2b:f0:11:5f:c3:a7:10:23:95:75:
                    33:69:53:3a:5f:5a:21:29:9e:8d:aa:27:60:29:df:
                    3e:0f:b6:a4:40:2f:61:80:c4:0a:e8:b5:a8:7e:47:
                    82:64:f8:95:a4:7f:38:c8:af:33:34:ab:bf:f6:0b:
                    1c:3e:a1:1a:49:91:6d:88:c1:d0:6f:a0:a1:5f:eb:
                    dc:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:03:61:12:C3:FF:80:F9:53:F5:2C:7E:95:38:62:67:4D:30:6C:57
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab8:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         6d:99:99:7a:64:aa:e1:41:3e:df:ed:a0:fb:b9:86:58:8d:8e:
         a4:86:61:d1:ae:ac:56:7b:70:bd:e1:ba:34:47:e2:20:1f:80:
         39:47:bb:06:c8:c2:59:7a:ac:c5:72:79:e3:65:b0:be:10:d3:
         20:c8:fc:eb:41:55:47:53:b2:59:b7:f6:9f:d0:00:53:21:f3:
         c3:59:d2:c2:ab:f6:91:6f:f2:ac:d1:56:ec:21:39:0c:52:bf:
         0a:84:cf:b2:c2:a2:db:3f:d1:8a:d4:94:3b:78:45:c8:15:29:
         e0:55:b9:cc:fc:60:d1:ca:23:d1:91:4e:33:9b:32:a4:77:e8:
         92:b1:02:b5:eb:c7:d8:00:cd:e2:df:cf:08:57:d5:8b:7e:d9:
         ba:b2:16:76:50:90:d9:ae:5e:c8:c9:49:4d:22:f3:cf:c0:2c:
         19:34:5d:3c:d6:8d:88:f3:7b:a7:4f:18:e8:fb:d7:42:b6:37:
         45:5f:49:98:77:6b:15:6f:e2:43:20:9f:6e:4a:94:c3:15:d7:
         13:28:06:73:78:b5:ba:d7:86:b9:34:ad:17:f7:66:37:d2:d6:
         a7:aa:36:12:7b:35:2f:d7:36:9f:e8:a5:f5:d3:c3:3a:71:a5:
         c4:ff:b0:ce:44:6e:5e:74:a6:f7:58:64:cd:af:04:ff:5c:6c:
         f6:e0:f9:3d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUejf10TdI6e0dfgIpitq1HlV6IuYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYxMjAwMDAwMFoX
DTI0MDcxNzIzNTk1OVowejFJMEcGA1UEBRNAMWFjYjNlYjJkOTZhY2E2MDgwZDVl
NzYzZjhmZmM4YWM0N2IzZWJjNDBmMWY2ZGQ5MDU3ZGNkYzllNjM1ZmIxNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsW43z81+yCpOO72NKm64tTFP6rf
ESOyPIeuf7dOwBShCxbh9iIZ+va22aafNiGHXv7TnU5y+XDlGJ93UTlVi+I2pahM
mcXe1cbIgD2gq3cyDVl8hcO5lBxtkgzno8at241/yJuiTpBzXwwhnss72p/eEDLF
DoTn4h5cQwzYH9E+/MBHdJy4jfxFWuh2bhsCb1IuiCaFCwy2WWVWkik0b1FuPcsb
0pSNbZXT51ZwoTjsmdH5I4FunSvwEV/DpxAjlXUzaVM6X1ohKZ6NqidgKd8+D7ak
QC9hgMQK6LWofkeCZPiVpH84yK8zNKu/9gscPqEaSZFtiMHQb6ChX+vciwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAUDYRLD/4D5U/UsfpU4YmdNMGxXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzcxODcwMDI0LThlZDQtNDE1MC1hMTA0LTUyZjRiOGM1NjgwOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauCAwDQYJKoZIhvcNAQELBQADggEBAG2ZmXpkquFBPt/toPu5
hliNjqSGYdGurFZ7cL3hujRH4iAfgDlHuwbIwll6rMVyeeNlsL4Q0yDI/OtBVUdT
slm39p/QAFMh88NZ0sKr9pFv8qzRVuwhOQxSvwqEz7LCots/0YrUlDt4RcgVKeBV
ucz8YNHKI9GRTjObMqR36JKxArXrx9gAzeLfzwhX1Yt+2bqyFnZQkNmuXsjJSU0i
88/ALBk0XTzWjYjze6dPGOj710K2N0VfSZh3axVv4kMgn25KlMMV1xMoBnN4tbrX
hrk0rRf3ZjfS1qeqNhJ7NS/XNp/opfXTwzpxpcT/sM5Ebl50pvdYZM2vBP9cbPbg
+T0=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:42:05 2024 by rpki-client on console-ams.rpki-client.org