Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa
File:                     7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa (raw, json)
Hash identifier:          iiZ7fdhUcqerSlpL+9pl4KgVRZkzwQja1+jOmAOipuM=
Subject key identifier:   0A:D2:26:7A:6D:BB:94:49:11:47:7B:65:8F:61:F3:28:32:2E:CF:08
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1CAE4668E7467F4EBA040C2B75FFF082638972A5
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da38:c800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 00:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:ae:46:68:e7:46:7f:4e:ba:04:0c:2b:75:ff:f0:82:63:89:72:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=77afa4ceccf6518b0a8f0db66857f6707c619917e2bcdacd96e068397da7c5bb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2d:a4:56:34:66:3c:34:65:db:6d:14:79:0c:
                    ed:e9:db:72:a7:4b:1d:82:35:94:a8:60:74:70:e1:
                    70:2c:01:f3:24:09:74:8e:c4:68:0c:00:96:27:95:
                    05:73:b7:a6:76:ff:7d:88:7e:68:6f:98:62:77:f8:
                    f1:e1:bc:ad:d4:ac:b4:3c:9b:4c:c4:f1:ef:72:8a:
                    34:52:ba:c3:96:5b:1a:5f:76:bf:f9:a3:43:1f:d6:
                    45:5f:f8:24:45:28:64:1b:ff:c8:38:b9:62:a4:d1:
                    cb:a2:7e:35:8f:b0:4b:65:5f:4d:2b:19:83:b1:18:
                    5d:9d:29:c0:12:e7:b0:d1:1a:d9:3b:1d:f1:fe:3d:
                    ea:d2:ef:d5:98:94:49:f3:87:e3:e0:d0:1f:86:fb:
                    af:49:4d:37:0b:e9:ab:8f:6e:98:c2:63:7f:0e:d7:
                    ed:04:c8:7a:2c:79:35:9a:de:7c:20:76:4d:f6:62:
                    1d:d1:70:e6:bc:61:98:e1:17:c0:da:03:e5:15:ce:
                    06:f4:9d:16:84:10:05:32:10:90:08:e3:56:a9:82:
                    6e:77:19:cc:49:1e:95:1c:1c:a3:b0:67:8f:e3:dd:
                    26:80:69:65:c5:16:c5:3c:b3:e6:97:2e:11:be:84:
                    a2:f7:b1:86:e5:f5:ba:d3:ad:cb:8b:02:ea:e7:45:
                    6e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D2:26:7A:6D:BB:94:49:11:47:7B:65:8F:61:F3:28:32:2E:CF:08
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da38:c800::/40

    Signature Algorithm: sha256WithRSAEncryption
         52:b2:80:e2:c5:6c:94:1b:7b:be:e7:e5:69:0f:44:cb:a4:8c:
         87:cc:16:71:f9:dc:fa:04:17:e6:29:63:a5:3a:79:80:37:c3:
         72:6e:72:aa:07:a5:4d:52:99:31:23:6f:28:81:05:01:54:6d:
         8c:80:6b:53:8c:b4:c6:2e:d4:4c:b5:32:7d:91:58:c2:ed:85:
         04:76:04:fa:b3:5e:2d:c5:74:b0:90:4b:68:74:c9:b8:34:f3:
         b5:9c:ca:c8:c3:ef:59:f0:46:eb:12:cc:5d:b8:f2:78:c8:1e:
         3d:e6:92:2d:ae:b6:19:51:80:dc:be:18:65:73:a9:80:87:7c:
         f7:77:30:32:b3:ed:d8:22:81:f9:ae:95:f8:5e:4e:18:67:b6:
         fc:02:43:c2:41:7d:97:ab:c7:36:ce:1b:68:53:4b:9c:3f:92:
         f8:c0:b4:80:d5:37:ad:72:48:6f:a3:ef:0f:b9:d3:53:37:aa:
         7b:93:af:90:44:30:64:39:fc:f7:d3:3a:9b:d3:53:5c:d3:63:
         b1:29:9c:20:e7:28:d5:82:39:73:27:ab:39:76:7e:f6:68:d4:
         d3:26:22:2d:57:47:aa:50:4c:b4:7d:50:c2:ab:c8:9f:b0:f6:
         f4:13:e9:48:2e:22:76:1d:55:43:56:16:61:7d:4e:54:04:87:
         d8:db:55:59
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHK5GaOdGf066BAwrdf/wgmOJcqUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX
DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNANzdhZmE0Y2VjY2Y2NTE4YjBhOGYw
ZGI2Njg1N2Y2NzA3YzYxOTkxN2UyYmNkYWNkOTZlMDY4Mzk3ZGE3YzViYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS2kVjRmPDRl220UeQzt6dtyp0sd
gjWUqGB0cOFwLAHzJAl0jsRoDACWJ5UFc7emdv99iH5ob5hid/jx4byt1Ky0PJtM
xPHvcoo0UrrDllsaX3a/+aNDH9ZFX/gkRShkG//IOLlipNHLon41j7BLZV9NKxmD
sRhdnSnAEuew0RrZOx3x/j3q0u/VmJRJ84fj4NAfhvuvSU03C+mrj26YwmN/Dtft
BMh6LHk1mt58IHZN9mId0XDmvGGY4RfA2gPlFc4G9J0WhBAFMhCQCONWqYJudxnM
SR6VHByjsGeP490mgGllxRbFPLPmly4RvoSi97GG5fW6063LiwLq50VuRwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFArSJnptu5RJEUd7ZY9h8ygyLs8IMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdhZjZkNWI2LWZhNmYtNGFiNy04MzE2LWM3M2FiYWMxOTM4OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOMgwDQYJKoZIhvcNAQELBQADggEBAFKygOLFbJQbe77n5WkP
RMukjIfMFnH53PoEF+YpY6U6eYA3w3JucqoHpU1SmTEjbyiBBQFUbYyAa1OMtMYu
1Ey1Mn2RWMLthQR2BPqzXi3FdLCQS2h0ybg087WcysjD71nwRusSzF248njIHj3m
ki2uthlRgNy+GGVzqYCHfPd3MDKz7dgigfmulfheThhntvwCQ8JBfZerxzbOG2hT
S5w/kvjAtIDVN61ySG+j7w+501M3qnuTr5BEMGQ5/PfTOpvTU1zTY7EpnCDnKNWC
OXMnqzl2fvZo1NMmIi1XR6pQTLR9UMKryJ+w9vQT6UguInYdVUNWFmF9TlQEh9jb
VVk=
-----END CERTIFICATE-----
Generated at Thu Jun 20 01:11:16 2024 by rpki-client on console-fra.rpki-client.org