Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75f54745-192b-433a-abc8-ed20883dd866.roa
File:                     75f54745-192b-433a-abc8-ed20883dd866.roa (raw, json)
Hash identifier:          Ug4evm4+vH+IL208BGl0LW7qoqxpwLz/TctJZg4gxXc=
Subject key identifier:   E2:17:B3:27:BA:56:07:11:35:5C:60:06:BA:B7:11:D3:E9:F8:58:C0
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3988A07DDBA313999F247B39BDA2ADC505BDC821
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75f54745-192b-433a-abc8-ed20883dd866.roa
Signing time:             Tue 16 Jul 2024 00:00:00 +0000
ROA not before:           Tue 16 Jul 2024 00:00:00 +0000
ROA not after:            Tue 20 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:7000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 21 Jul 2024 00:10:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:88:a0:7d:db:a3:13:99:9f:24:7b:39:bd:a2:ad:c5:05:bd:c8:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 16 00:00:00 2024 GMT
            Not After : Aug 20 23:59:59 2024 GMT
        Subject: serialNumber=53fbdf34b76063f574ce37777ec9467168216cea35332b497c725b4053ff8279, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:75:5f:42:8c:64:16:54:83:e0:a5:52:5f:47:
                    96:e1:38:4a:c7:14:98:da:86:b7:12:f0:ba:88:e2:
                    81:e7:90:42:bd:5b:ae:d6:e8:71:ac:72:8e:15:03:
                    8c:d3:18:ca:8d:a5:2d:64:1a:28:6f:2c:ca:f9:1f:
                    b0:4d:b3:f6:fb:72:13:5d:63:bf:93:27:86:1a:92:
                    19:a8:2d:79:7f:b8:fc:d9:88:fb:e5:63:fd:8a:27:
                    61:55:45:27:c4:f1:c9:be:1b:ba:8a:31:58:c2:dd:
                    1b:8b:93:32:38:65:b2:ca:ec:39:9c:ca:46:ff:0c:
                    0f:4a:db:ea:3f:02:25:63:3f:e3:5e:43:a8:c1:cc:
                    bb:27:63:8a:84:50:3e:28:09:fc:a5:40:12:78:f6:
                    6f:60:55:54:93:d0:76:18:44:5d:9a:34:23:db:11:
                    cf:13:7c:99:4d:e9:86:8c:b9:08:af:dc:b1:40:cc:
                    fe:60:cc:60:a9:e6:1f:eb:03:f0:89:e9:c4:3a:48:
                    3f:ec:05:c0:38:ca:37:23:b8:bd:52:b7:d7:ff:d3:
                    7e:dc:39:70:31:80:b6:a7:4b:58:66:af:ec:cc:6a:
                    6c:39:cb:1d:95:dd:0b:f3:d5:8b:b4:ce:9e:82:82:
                    21:bf:49:2c:a1:84:fe:c7:99:92:65:b0:b9:3a:a9:
                    5e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:17:B3:27:BA:56:07:11:35:5C:60:06:BA:B7:11:D3:E9:F8:58:C0
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75f54745-192b-433a-abc8-ed20883dd866.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:7000::/40

    Signature Algorithm: sha256WithRSAEncryption
         4e:8f:eb:74:3e:79:35:14:bd:6d:c0:85:3c:f3:da:a6:ab:a8:
         f8:d3:14:79:0c:f3:87:43:00:9e:14:29:5f:2a:9d:1e:72:2c:
         af:d5:1f:48:ab:d3:f1:5a:c9:ce:6c:24:7a:de:69:95:a1:a2:
         52:53:3f:a1:5a:f6:c8:c3:2d:c3:3b:fc:48:40:ef:17:ee:3f:
         48:1a:37:c0:11:ad:06:9a:12:d1:c4:3a:52:af:4a:cc:93:1d:
         dc:ef:f4:c9:35:b1:34:b5:e0:16:dd:7e:2e:24:2d:4c:54:ba:
         fc:bb:d6:12:49:03:09:4b:92:fc:75:4e:6a:8b:74:76:69:45:
         70:5c:a0:b6:2a:c7:73:7a:0c:56:7a:4a:9c:52:e8:05:e2:77:
         8d:d5:80:85:56:20:d0:3f:c6:8e:90:67:c4:6b:96:88:8c:27:
         7b:a9:0b:6c:15:99:77:8e:d9:c5:fe:80:6a:a0:c6:30:a1:99:
         74:be:c5:01:3a:b1:32:8f:d6:5d:12:94:d5:c7:ff:a4:c8:13:
         90:0f:5e:49:02:fa:f8:ce:46:eb:d0:11:79:ab:3d:ca:ef:53:
         ea:05:c6:ec:8d:ac:6b:2a:5a:89:77:80:5e:21:b4:e0:1a:30:
         b3:e7:ba:af:f5:f0:4e:84:91:61:49:97:1e:d8:91:3b:dd:00:
         70:07:b8:a5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOYigfdujE5mfJHs5vaKtxQW9yCEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX
DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANTNmYmRmMzRiNzYwNjNmNTc0Y2Uz
Nzc3N2VjOTQ2NzE2ODIxNmNlYTM1MzMyYjQ5N2M3MjViNDA1M2ZmODI3OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7XVfQoxkFlSD4KVSX0eW4ThKxxSY
2oa3EvC6iOKB55BCvVuu1uhxrHKOFQOM0xjKjaUtZBoobyzK+R+wTbP2+3ITXWO/
kyeGGpIZqC15f7j82Yj75WP9iidhVUUnxPHJvhu6ijFYwt0bi5MyOGWyyuw5nMpG
/wwPStvqPwIlYz/jXkOowcy7J2OKhFA+KAn8pUASePZvYFVUk9B2GERdmjQj2xHP
E3yZTemGjLkIr9yxQMz+YMxgqeYf6wPwienEOkg/7AXAOMo3I7i9UrfX/9N+3Dlw
MYC2p0tYZq/szGpsOcsdld0L89WLtM6egoIhv0ksoYT+x5mSZbC5OqlelQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOIXsye6VgcRNVxgBrq3EdPp+FjAMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc1ZjU0NzQ1LTE5MmItNDMzYS1hYmM4LWVkMjA4ODNkZDg2Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaXAwDQYJKoZIhvcNAQELBQADggEBAE6P63Q+eTUUvW3AhTzz
2qarqPjTFHkM84dDAJ4UKV8qnR5yLK/VH0ir0/Fayc5sJHreaZWholJTP6Fa9sjD
LcM7/EhA7xfuP0gaN8ARrQaaEtHEOlKvSsyTHdzv9Mk1sTS14Bbdfi4kLUxUuvy7
1hJJAwlLkvx1TmqLdHZpRXBcoLYqx3N6DFZ6SpxS6AXid43VgIVWINA/xo6QZ8Rr
loiMJ3upC2wVmXeO2cX+gGqgxjChmXS+xQE6sTKP1l0SlNXH/6TIE5APXkkC+vjO
RuvQEXmrPcrvU+oFxuyNrGsqWol3gF4htOAaMLPnuq/18E6EkWFJlx7YkTvdAHAH
uKU=
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:22:46 2024 by rpki-client on console-fra.rpki-client.org