Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa
File:                     78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa (raw, json)
Hash identifier:          ylyXbn83z/q/Nf1hoTuKYDhnxlw8yfcZjDn+9dzra7k=
Subject key identifier:   38:1D:D6:05:3D:E4:CA:F5:6E:7C:8C:EC:0A:BD:7D:EB:79:9E:7F:8A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       61616B71C8DEB951524031C31DC7ED910ACDB4E7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa
Signing time:             Fri 14 Jun 2024 00:00:00 +0000
ROA not before:           Fri 14 Jun 2024 00:00:00 +0000
ROA not after:            Fri 19 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf5:9000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:61:6b:71:c8:de:b9:51:52:40:31:c3:1d:c7:ed:91:0a:cd:b4:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 14 00:00:00 2024 GMT
            Not After : Jul 19 23:59:59 2024 GMT
        Subject: serialNumber=3ca41baf12998f9cd58b4b720eb82410f4bdbad5f85287eed5edd96b44aa602a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:89:a8:49:9d:af:bf:52:f7:e5:66:cf:97:74:
                    8f:5e:02:2a:36:d7:40:b9:a6:d4:2c:d2:26:c7:85:
                    00:77:87:cd:9e:da:9d:b1:ee:cc:e4:cc:42:82:1f:
                    c1:6d:c2:30:4c:09:a1:64:74:61:db:f3:66:d4:1f:
                    bf:fa:58:f0:61:a0:46:a1:98:49:04:83:f9:c4:25:
                    45:8a:83:17:35:b4:33:9e:c6:b1:95:78:5a:c9:f6:
                    e4:9b:86:a1:92:f9:a0:dc:a3:f3:5b:58:68:d6:83:
                    df:b0:7f:2e:36:89:fa:6a:ed:2e:87:5c:2c:49:84:
                    3d:cb:ca:d2:3d:a1:d2:77:6d:32:08:49:2a:2b:90:
                    b9:19:0c:40:2a:d0:ab:ae:86:c3:2e:3b:12:c9:f1:
                    3c:ee:a3:a0:fe:45:c3:d8:83:ad:00:bb:52:0b:7c:
                    f5:83:2c:45:aa:7c:ac:9d:30:6e:d3:91:c3:f5:3e:
                    ea:2d:f2:0c:98:33:54:0a:bd:8e:ea:c7:58:47:ac:
                    a4:51:5b:66:5c:f8:2b:99:03:3c:e3:6e:0d:fd:d4:
                    40:7d:94:52:ec:d0:3e:34:ad:6f:2e:1c:75:1a:a0:
                    43:a0:be:9f:8d:e8:11:9d:42:45:ca:f1:c3:dd:f3:
                    4e:ad:b2:7a:c4:f0:d3:b7:eb:67:d1:79:91:b3:ce:
                    78:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:1D:D6:05:3D:E4:CA:F5:6E:7C:8C:EC:0A:BD:7D:EB:79:9E:7F:8A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf5:9000::/40

    Signature Algorithm: sha256WithRSAEncryption
         0b:8b:5b:11:cf:87:42:e7:5a:24:1d:8c:23:d2:3f:f1:8e:8c:
         86:a4:ec:9a:68:1b:6a:47:77:41:ba:23:d3:a2:0e:51:a8:57:
         13:0f:97:88:2b:f6:81:c7:e9:bd:c9:a6:86:46:7e:7b:a3:a7:
         a7:d5:19:92:a0:48:b7:37:ce:8e:e5:61:8b:65:75:2b:dd:90:
         bb:d9:cf:a7:79:cf:98:07:ac:1d:da:e5:d9:1a:a1:ce:cc:fa:
         f4:f5:9e:d8:da:9a:8a:4a:c0:ad:8b:78:c5:bb:1b:de:d6:0b:
         53:20:b3:c8:02:41:a7:10:0d:cf:d2:4e:7e:e7:64:80:cc:81:
         46:3f:67:2b:64:51:2e:d1:0d:b7:d7:a3:a5:9b:fc:3e:a3:89:
         14:a9:95:b3:9b:8d:76:b1:30:fc:66:0b:3b:ac:01:46:00:10:
         df:fd:6f:99:65:33:8f:8d:fb:77:cd:01:04:37:0d:00:a4:a1:
         b6:fa:3a:c8:c5:91:ae:9f:2c:7d:e0:73:b0:6d:14:4d:96:ac:
         2e:40:85:d1:c6:66:bd:08:ec:b0:d3:c0:5b:74:da:fc:c3:f7:
         15:82:39:93:53:0c:ca:15:62:95:22:68:16:46:da:55:5c:6c:
         77:d1:c8:2c:4f:31:ad:1b:45:75:0e:f9:f2:f3:0a:ad:8a:80:
         33:04:a6:c4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYWFrccjeuVFSQDHDHcftkQrNtOcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYxNDAwMDAwMFoX
DTI0MDcxOTIzNTk1OVowejFJMEcGA1UEBRNAM2NhNDFiYWYxMjk5OGY5Y2Q1OGI0
YjcyMGViODI0MTBmNGJkYmFkNWY4NTI4N2VlZDVlZGQ5NmI0NGFhNjAyYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYmoSZ2vv1L35WbPl3SPXgIqNtdA
uabULNImx4UAd4fNntqdse7M5MxCgh/BbcIwTAmhZHRh2/Nm1B+/+ljwYaBGoZhJ
BIP5xCVFioMXNbQznsaxlXhayfbkm4ahkvmg3KPzW1ho1oPfsH8uNon6au0uh1ws
SYQ9y8rSPaHSd20yCEkqK5C5GQxAKtCrrobDLjsSyfE87qOg/kXD2IOtALtSC3z1
gyxFqnysnTBu05HD9T7qLfIMmDNUCr2O6sdYR6ykUVtmXPgrmQM8424N/dRAfZRS
7NA+NK1vLhx1GqBDoL6fjegRnUJFyvHD3fNOrbJ6xPDTt+tn0XmRs854pwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDgd1gU95Mr1bnyM7Aq9fet5nn+KMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc4MzQzNzU0LTVkNmUtNGRlZC05YjRjLWQ5ZDcwYjZjY2FjOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9ZAwDQYJKoZIhvcNAQELBQADggEBAAuLWxHPh0LnWiQdjCPS
P/GOjIak7JpoG2pHd0G6I9OiDlGoVxMPl4gr9oHH6b3JpoZGfnujp6fVGZKgSLc3
zo7lYYtldSvdkLvZz6d5z5gHrB3a5dkaoc7M+vT1ntjamopKwK2LeMW7G97WC1Mg
s8gCQacQDc/STn7nZIDMgUY/ZytkUS7RDbfXo6Wb/D6jiRSplbObjXaxMPxmCzus
AUYAEN/9b5llM4+N+3fNAQQ3DQCkobb6OsjFka6fLH3gc7BtFE2WrC5AhdHGZr0I
7LDTwFt02vzD9xWCOZNTDMoVYpUiaBZG2lVcbHfRyCxPMa0bRXUO+fLzCq2KgDME
psQ=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:50 2024 by rpki-client on console-fra.rpki-client.org