Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa
File:                     813fd8db-c853-44b7-bd55-127e1e4f5d24.roa (raw, json)
Hash identifier:          y8GJHT3jy9myB8yyM5rEXyS9tqZ0WPGu8eO77W9DmZE=
Subject key identifier:   FB:17:4A:F0:B8:6D:1C:E4:6F:56:2D:3A:3F:7F:1C:3F:96:F1:8E:D5
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       47E3AE20AB458C7BD1D74B1309ACA8D70FFA5ECF
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa
Signing time:             Tue 16 Jul 2024 00:00:00 +0000
ROA not before:           Tue 16 Jul 2024 00:00:00 +0000
ROA not after:            Tue 20 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf0:9000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 19 Jul 2024 23:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:e3:ae:20:ab:45:8c:7b:d1:d7:4b:13:09:ac:a8:d7:0f:fa:5e:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 16 00:00:00 2024 GMT
            Not After : Aug 20 23:59:59 2024 GMT
        Subject: serialNumber=58a03945afa1e76c4f1657a61156ac338550cba2db7441a1b34fa2a87c4eaa6d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f5:0f:73:9a:6e:9d:5e:c3:ba:5d:7d:e3:1f:
                    ce:97:07:fe:a7:80:91:d8:2e:ad:f5:6a:9a:71:87:
                    40:d0:03:01:37:ec:5c:c2:48:0e:15:c1:1b:8e:90:
                    78:10:91:78:03:12:54:3f:32:56:12:d9:d7:33:eb:
                    00:1f:d6:c4:95:ae:49:7c:83:f4:1e:de:9e:63:84:
                    c4:59:57:a4:ab:4f:cb:d6:f6:46:60:1b:3f:9b:47:
                    8a:f3:55:7c:32:55:7b:1a:3a:fc:ea:30:8d:c7:6b:
                    f2:14:96:88:61:70:99:2e:d0:1c:3f:6c:94:ab:11:
                    12:51:70:db:3e:f0:4c:13:bd:a2:3e:72:e9:8b:7e:
                    19:a9:dc:83:dd:84:ed:f2:bd:ea:d2:bb:fa:e4:69:
                    f1:2e:de:65:4d:11:b4:75:9d:f4:d9:03:2f:9c:a2:
                    31:42:6f:51:3b:4d:8d:30:a1:31:fc:a3:34:35:c7:
                    f7:70:06:da:c4:15:90:03:c9:b1:15:0a:42:1c:cb:
                    04:98:88:d4:0f:4a:81:6f:4f:2d:27:50:74:ae:d6:
                    34:41:c2:ce:cd:ae:86:53:ef:50:a6:99:f4:be:68:
                    3a:87:89:1a:80:fd:58:5f:fc:c7:14:58:13:b8:98:
                    46:f3:e2:d1:2b:ca:3b:50:8f:02:f0:05:b8:f6:fc:
                    aa:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:17:4A:F0:B8:6D:1C:E4:6F:56:2D:3A:3F:7F:1C:3F:96:F1:8E:D5
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf0:9000::/40

    Signature Algorithm: sha256WithRSAEncryption
         30:5e:04:ad:a1:da:43:0f:6b:ba:07:a3:0c:f8:c7:d8:12:4c:
         59:d3:7e:1a:4e:9d:33:13:8f:91:75:9e:8d:05:4a:2e:a8:cc:
         5d:1a:5c:af:94:48:a3:29:0b:b9:7f:fe:95:77:88:4d:d2:33:
         9b:24:ec:45:04:3c:9e:52:d8:60:82:ec:79:b1:5c:4a:e7:d6:
         f4:77:9f:85:87:6f:6b:5f:fd:97:04:a4:28:82:96:8b:98:c3:
         e2:23:10:62:c9:76:16:a9:d5:a2:1c:8c:9a:86:ea:68:2d:9c:
         70:83:63:fc:16:d2:a6:18:f3:be:06:3d:42:ac:93:f2:f0:9a:
         39:7f:6c:cf:32:69:05:af:cb:3c:4a:bd:ea:87:8d:91:57:b8:
         18:27:81:af:d7:5f:fb:2d:fa:51:c6:f6:91:b2:ae:af:f0:53:
         cf:96:a4:cb:26:48:98:56:3d:c3:4c:29:ea:04:0c:0d:2a:f9:
         43:fa:d5:e9:48:10:33:af:d5:43:73:36:5c:ee:40:5b:64:33:
         fc:a1:bf:d8:ec:40:09:7d:cc:cf:c3:0b:ea:74:b1:f1:41:65:
         4e:a5:f3:5f:0a:91:62:01:f3:07:9a:44:9b:36:92:4b:3c:fa:
         13:4d:21:e6:fb:65:71:8d:6a:51:7e:ad:39:5b:c1:7d:7b:f2:
         9f:ad:6b:f6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUR+OuIKtFjHvR10sTCayo1w/6Xs8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX
DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANThhMDM5NDVhZmExZTc2YzRmMTY1
N2E2MTE1NmFjMzM4NTUwY2JhMmRiNzQ0MWExYjM0ZmEyYTg3YzRlYWE2ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPUPc5punV7Dul194x/Olwf+p4CR
2C6t9WqacYdA0AMBN+xcwkgOFcEbjpB4EJF4AxJUPzJWEtnXM+sAH9bEla5JfIP0
Ht6eY4TEWVekq0/L1vZGYBs/m0eK81V8MlV7Gjr86jCNx2vyFJaIYXCZLtAcP2yU
qxESUXDbPvBME72iPnLpi34ZqdyD3YTt8r3q0rv65GnxLt5lTRG0dZ302QMvnKIx
Qm9RO02NMKEx/KM0Ncf3cAbaxBWQA8mxFQpCHMsEmIjUD0qBb08tJ1B0rtY0QcLO
za6GU+9Qppn0vmg6h4kagP1YX/zHFFgTuJhG8+LRK8o7UI8C8AW49vyqoQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPsXSvC4bRzkb1YtOj9/HD+W8Y7VMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgxM2ZkOGRiLWM4NTMtNDRiNy1iZDU1LTEyN2UxZTRmNWQyNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8JAwDQYJKoZIhvcNAQELBQADggEBADBeBK2h2kMPa7oHowz4
x9gSTFnTfhpOnTMTj5F1no0FSi6ozF0aXK+USKMpC7l//pV3iE3SM5sk7EUEPJ5S
2GCC7HmxXErn1vR3n4WHb2tf/ZcEpCiClouYw+IjEGLJdhap1aIcjJqG6mgtnHCD
Y/wW0qYY874GPUKsk/Lwmjl/bM8yaQWvyzxKveqHjZFXuBgnga/XX/st+lHG9pGy
rq/wU8+WpMsmSJhWPcNMKeoEDA0q+UP61elIEDOv1UNzNlzuQFtkM/yhv9jsQAl9
zM/DC+p0sfFBZU6l818KkWIB8weaRJs2kks8+hNNIeb7ZXGNalF+rTlbwX178p+t
a/Y=
-----END CERTIFICATE-----
Generated at Tue Jul 16 02:05:57 2024 by rpki-client on console-fra.rpki-client.org