Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7df6bca0-8cd5-4f91-9650-444a54f32a1e.roa
File:                     7df6bca0-8cd5-4f91-9650-444a54f32a1e.roa (raw, json)
Hash identifier:          8WK0LCm/+5eh1T1KNnFFv8Hr7sVmhoK2zfhZ19gYGFU=
Subject key identifier:   0D:F7:57:5E:B6:46:37:BD:6C:B1:DF:42:48:78:32:9D:18:BC:AB:1D
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1E0C079B94BD0890FE79879E887840F3CAE21FFD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7df6bca0-8cd5-4f91-9650-444a54f32a1e.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da30:6000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:0c:07:9b:94:bd:08:90:fe:79:87:9e:88:78:40:f3:ca:e2:1f:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=e816e8bf743e80dccaccdab601d524ccc0a95b3b8ce6765d73d120650a481db5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9c:78:f1:0f:b8:e1:db:d4:f0:da:51:14:ae:
                    70:c7:a2:df:f2:f1:49:b8:2c:66:56:54:46:7f:d1:
                    3a:cd:12:12:a7:92:50:5b:8f:9b:79:34:84:0e:cf:
                    6c:dd:e4:b9:1c:6f:5c:51:b3:99:ed:79:82:68:f9:
                    99:75:5b:22:b0:b1:e8:fe:6b:9f:25:49:2c:ec:6b:
                    6a:db:86:53:97:03:bb:32:84:f9:c3:4c:da:71:a5:
                    49:3a:7c:0a:5a:3c:0f:a7:51:2d:35:a4:af:ba:20:
                    73:ac:e6:21:af:f8:f2:9b:71:08:4a:b3:3e:d6:20:
                    9a:98:99:d6:43:70:36:f4:ed:46:8f:4d:d5:9e:09:
                    ad:fb:8b:71:4c:72:59:8f:b5:4f:4e:f4:fb:09:bb:
                    12:2d:e8:b3:49:9e:91:92:5c:79:5c:0f:7f:99:45:
                    fb:ec:24:0e:91:d2:d3:ba:25:75:b4:21:b8:73:ce:
                    73:a5:aa:b7:a9:6c:ce:b1:7b:46:c9:46:70:36:ed:
                    27:cf:83:c3:2e:7a:5c:d3:e5:f7:af:10:b0:1b:53:
                    36:ed:c4:74:3a:b9:2d:cc:67:20:10:15:5f:79:72:
                    b7:60:46:fc:03:2a:6e:b1:7a:02:60:a6:d9:30:39:
                    08:e1:aa:bf:d2:ad:9a:35:c2:90:e8:5d:c2:2e:25:
                    ed:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:F7:57:5E:B6:46:37:BD:6C:B1:DF:42:48:78:32:9D:18:BC:AB:1D
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7df6bca0-8cd5-4f91-9650-444a54f32a1e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da30:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         3b:86:6d:e6:ce:25:26:7e:8a:75:60:c2:0a:78:8e:68:69:82:
         ae:47:0e:eb:ab:47:81:4d:a9:81:72:2a:f8:20:b0:69:15:a3:
         42:fe:1b:d7:a7:f3:18:51:b8:35:c8:32:be:50:34:bc:2d:68:
         4f:82:94:a2:74:6f:25:81:ad:4f:39:97:1d:55:70:74:1e:cc:
         45:84:64:35:9f:c4:90:6e:b5:0d:d7:23:70:67:1d:7f:c3:27:
         66:51:65:22:15:de:81:65:da:30:0b:00:d8:97:5b:ee:73:bf:
         e8:b4:ca:da:a5:2c:32:fa:2d:d6:dc:ea:e9:43:12:c4:9c:4d:
         0f:fd:10:ed:08:df:f5:d7:e0:7d:a2:78:22:9a:4c:75:fa:40:
         25:9e:fd:39:7d:92:84:1e:7c:bf:c4:f5:95:91:8c:36:1e:ec:
         7a:62:cb:ba:61:00:be:f6:77:28:83:cb:ad:61:52:87:ef:90:
         f3:43:b5:4b:41:3b:11:75:75:69:81:85:3f:7b:9d:d3:0a:60:
         aa:43:b2:ea:83:0b:f6:14:1d:73:c2:c9:36:28:cb:26:b8:3d:
         bf:b0:1b:53:29:5e:3b:18:09:96:fd:f1:7f:ff:08:2a:cd:05:
         8b:00:0e:6f:c0:63:cf:61:42:b9:96:55:be:df:a1:dd:50:b5:
         8d:a8:a4:c9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHgwHm5S9CJD+eYeeiHhA88riH/0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX
DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNAZTgxNmU4YmY3NDNlODBkY2NhY2Nk
YWI2MDFkNTI0Y2NjMGE5NWIzYjhjZTY3NjVkNzNkMTIwNjUwYTQ4MWRiNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJx48Q+44dvU8NpRFK5wx6Lf8vFJ
uCxmVlRGf9E6zRISp5JQW4+beTSEDs9s3eS5HG9cUbOZ7XmCaPmZdVsisLHo/muf
JUks7Gtq24ZTlwO7MoT5w0zacaVJOnwKWjwPp1EtNaSvuiBzrOYhr/jym3EISrM+
1iCamJnWQ3A29O1Gj03Vngmt+4txTHJZj7VPTvT7CbsSLeizSZ6Rklx5XA9/mUX7
7CQOkdLTuiV1tCG4c85zpaq3qWzOsXtGyUZwNu0nz4PDLnpc0+X3rxCwG1M27cR0
OrktzGcgEBVfeXK3YEb8AypusXoCYKbZMDkI4aq/0q2aNcKQ6F3CLiXtawIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFA33V162Rje9bLHfQkh4Mp0YvKsdMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdkZjZiY2EwLThjZDUtNGY5MS05NjUwLTQ0NGE1NGYzMmExZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMGAwDQYJKoZIhvcNAQELBQADggEBADuGbebOJSZ+inVgwgp4
jmhpgq5HDuurR4FNqYFyKvggsGkVo0L+G9en8xhRuDXIMr5QNLwtaE+ClKJ0byWB
rU85lx1VcHQezEWEZDWfxJButQ3XI3BnHX/DJ2ZRZSIV3oFl2jALANiXW+5zv+i0
ytqlLDL6Ldbc6ulDEsScTQ/9EO0I3/XX4H2ieCKaTHX6QCWe/Tl9koQefL/E9ZWR
jDYe7Hpiy7phAL72dyiDy61hUofvkPNDtUtBOxF1dWmBhT97ndMKYKpDsuqDC/YU
HXPCyTYoyya4Pb+wG1MpXjsYCZb98X//CCrNBYsADm/AY89hQrmWVb7fod1QtY2o
pMk=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:50 2024 by rpki-client on console-fra.rpki-client.org