Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa
File:                     769845d8-20c6-4639-a605-e6db7bfa4f8f.roa (raw, json)
Hash identifier:          sum1QmTCv0MbG/SeJpEnS8//V/EqoArZVcoNdHza8Qw=
Subject key identifier:   12:E3:AF:C3:E3:51:6B:54:F3:09:20:1D:C2:29:79:93:03:81:8F:FB
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5BAA0EF9DE4565DD51C2738360FD86D9F572E160
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa
Signing time:             Tue 16 Jul 2024 00:00:00 +0000
ROA not before:           Tue 16 Jul 2024 00:00:00 +0000
ROA not after:            Tue 20 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf0:4000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 22 Jul 2024 00:10:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:aa:0e:f9:de:45:65:dd:51:c2:73:83:60:fd:86:d9:f5:72:e1:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 16 00:00:00 2024 GMT
            Not After : Aug 20 23:59:59 2024 GMT
        Subject: serialNumber=de1b05f28f022f846c6a34e8f5b927b1a962959b07b863b16ed26867e0a59485, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:19:2d:83:e9:e9:be:bb:30:ba:cd:d6:25:1f:
                    52:26:39:aa:72:bf:32:df:84:1b:18:a6:0c:a6:69:
                    f3:2b:0e:95:0b:8d:fd:d5:cf:fc:ab:16:8a:ac:58:
                    0b:de:07:86:50:c8:31:3b:42:1b:a7:2c:d6:a5:4f:
                    04:7e:0d:12:1c:72:97:b2:6d:74:21:50:df:d6:f9:
                    6d:58:bc:62:bf:51:a4:2e:ea:7b:27:40:1f:c4:ad:
                    1f:d2:98:65:7b:91:2f:f6:d1:55:2d:f1:9a:fd:85:
                    aa:ed:77:db:6b:c7:1f:40:5b:e3:e3:12:8e:97:12:
                    3a:69:b7:ec:34:45:b2:dd:ef:81:fd:cb:2f:e2:2e:
                    a6:00:28:85:b5:b1:f9:2d:5a:17:84:d1:5d:f5:a6:
                    43:70:e2:1c:f4:63:92:39:f3:32:60:91:45:ec:0f:
                    8f:0c:73:30:4d:87:9b:df:b7:c2:e0:a7:81:d9:0d:
                    a6:71:ff:47:dd:c5:14:e7:93:90:d7:4c:55:3c:53:
                    b8:78:04:aa:a1:47:40:d2:3e:f6:80:26:13:85:ce:
                    e4:e4:23:5d:04:29:c2:87:3e:52:13:75:ae:53:57:
                    d0:ae:62:3b:e8:f8:31:8a:9b:0b:d7:f4:24:4c:dc:
                    99:e9:6c:4a:6a:63:85:e4:ac:5b:5e:c7:e2:cb:d4:
                    2b:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:E3:AF:C3:E3:51:6B:54:F3:09:20:1D:C2:29:79:93:03:81:8F:FB
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf0:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         2f:8b:3e:3f:92:9b:30:ee:8a:04:8f:56:9b:be:78:27:ea:b7:
         9d:42:03:e7:8d:26:50:6b:c1:bd:69:18:aa:aa:b1:63:21:31:
         8c:1e:14:67:d3:9c:89:1a:80:79:b5:d1:3a:a6:e7:08:aa:2f:
         56:98:1b:9d:e6:14:e8:c3:88:fa:f1:c1:0e:eb:fe:34:ef:75:
         b4:3d:f0:6c:34:eb:e7:82:d8:a9:01:56:ce:9a:65:7d:26:f2:
         5e:6f:8d:99:ef:55:3e:3c:87:a8:f1:f0:4a:2a:91:59:9e:8f:
         f7:68:f1:09:51:f1:7a:b0:09:27:37:33:39:71:87:f4:ba:e9:
         6d:37:0b:fc:09:b8:4e:84:b5:1b:47:84:79:c2:b7:6a:18:a1:
         82:72:ab:2e:cd:97:fe:cd:23:82:a5:22:d5:a5:38:ca:9e:45:
         d9:24:e1:1d:78:2d:d6:b4:a4:20:1a:9b:89:b9:3b:59:fa:09:
         a3:78:fb:6d:28:c7:0b:bb:86:07:51:c8:90:06:0f:8f:7a:cd:
         04:71:0e:28:39:c5:ed:b1:a1:8c:0e:89:24:ef:c1:7e:2c:ce:
         32:28:9e:12:c6:b5:ee:71:13:f4:63:05:00:56:f2:86:af:23:
         bb:ac:dd:16:fa:e0:10:90:33:1f:f7:41:e7:c1:6a:9c:60:dd:
         c7:60:13:71
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUW6oO+d5FZd1RwnODYP2G2fVy4WAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX
DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZGUxYjA1ZjI4ZjAyMmY4NDZjNmEz
NGU4ZjViOTI3YjFhOTYyOTU5YjA3Yjg2M2IxNmVkMjY4NjdlMGE1OTQ4NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhktg+npvrswus3WJR9SJjmqcr8y
34QbGKYMpmnzKw6VC4391c/8qxaKrFgL3geGUMgxO0IbpyzWpU8Efg0SHHKXsm10
IVDf1vltWLxiv1GkLup7J0AfxK0f0phle5Ev9tFVLfGa/YWq7Xfba8cfQFvj4xKO
lxI6abfsNEWy3e+B/csv4i6mACiFtbH5LVoXhNFd9aZDcOIc9GOSOfMyYJFF7A+P
DHMwTYeb37fC4KeB2Q2mcf9H3cUU55OQ10xVPFO4eASqoUdA0j72gCYThc7k5CNd
BCnChz5SE3WuU1fQrmI76PgxipsL1/QkTNyZ6WxKamOF5KxbXsfiy9QrLwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBLjr8PjUWtU8wkgHcIpeZMDgY/7MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc2OTg0NWQ4LTIwYzYtNDYzOS1hNjA1LWU2ZGI3YmZhNGY4Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8EAwDQYJKoZIhvcNAQELBQADggEBAC+LPj+SmzDuigSPVpu+
eCfqt51CA+eNJlBrwb1pGKqqsWMhMYweFGfTnIkagHm10Tqm5wiqL1aYG53mFOjD
iPrxwQ7r/jTvdbQ98Gw06+eC2KkBVs6aZX0m8l5vjZnvVT48h6jx8EoqkVmej/do
8QlR8XqwCSc3Mzlxh/S66W03C/wJuE6EtRtHhHnCt2oYoYJyqy7Nl/7NI4KlItWl
OMqeRdkk4R14Lda0pCAam4m5O1n6CaN4+20oxwu7hgdRyJAGD496zQRxDig5xe2x
oYwOiSTvwX4szjIonhLGte5xE/RjBQBW8oavI7us3Rb64BCQMx/3QefBapxg3cdg
E3E=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:56:53 2024 by rpki-client on console-ams.rpki-client.org