Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa
File:                     92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa (raw, json)
Hash identifier:          wJEmxHqkoaDP4kUzUT1Os90+JLoIrmZY06x6330w4MA=
Subject key identifier:   4C:D9:6E:D2:6F:69:69:2E:F1:DC:2C:38:93:98:0F:44:D3:D0:EF:FF
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3B7355C8C4F9CEE185A267E4B2285110D8E994A7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa
Signing time:             Mon 07 Jul 2025 16:00:03 +0000
ROA not before:           Mon 07 Jul 2025 16:00:03 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        43.198.0.0/15 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 14 Jul 2025 00:08:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:73:55:c8:c4:f9:ce:e1:85:a2:67:e4:b2:28:51:10:d8:e9:94:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul  7 16:00:03 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=aec31222d754cab6c2f2c68dfcccede22664f904ac18d8d5bfef5f763cf26329, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:dd:6f:8d:12:82:9e:dc:7a:6e:0b:3d:e1:32:
                    2b:36:c4:25:82:aa:14:c9:65:99:c8:b6:16:ae:62:
                    41:62:6e:2d:b2:3c:a4:34:33:82:64:6b:14:4f:db:
                    c8:19:94:0f:81:30:e9:f3:e4:00:de:39:d0:74:c2:
                    6b:9a:e5:c8:cd:3e:31:95:c6:d5:9e:91:9c:3f:cc:
                    ce:32:6f:12:09:e1:5f:19:d8:de:44:f4:a3:59:34:
                    6c:b1:52:be:0d:c4:b0:2c:c4:e7:cd:69:62:7e:16:
                    6f:a4:30:48:52:5d:68:25:07:05:98:79:78:3b:15:
                    49:df:a5:4a:42:ea:ac:d1:61:48:1f:a7:5e:72:ef:
                    3e:87:b2:f0:8a:73:b8:0b:48:fc:3a:7d:21:7b:43:
                    93:69:2b:e4:78:5f:62:e1:0b:55:ee:04:4f:60:d3:
                    52:02:97:0f:8f:d5:6d:4e:42:62:1e:be:b3:77:0a:
                    42:ca:21:9d:3e:0d:94:9e:93:d3:af:25:2f:ce:36:
                    60:7f:89:27:03:37:66:a5:8a:1d:fa:b1:dc:95:eb:
                    7d:2d:be:66:f3:43:43:21:c4:8f:a3:af:27:03:f5:
                    34:25:2f:06:a3:20:23:38:0a:0c:0e:3e:c6:c0:50:
                    f8:d5:11:bd:39:61:4a:d1:45:9e:64:3c:3f:30:7c:
                    9e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:D9:6E:D2:6F:69:69:2E:F1:DC:2C:38:93:98:0F:44:D3:D0:EF:FF
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92dc1a64-e791-49e1-9f1f-bdbb374adfa6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.198.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         45:e6:e1:c5:db:ba:d5:c2:6a:41:94:37:0e:9e:50:08:ed:55:
         52:51:e7:3e:ca:f0:06:25:2a:c7:a1:02:66:a8:ee:bd:53:18:
         83:2c:5d:e0:86:81:38:0d:03:a2:59:9d:3a:bf:9b:c7:47:08:
         0a:8d:74:33:05:30:01:1c:45:5f:d2:17:0b:ab:d3:9f:8e:ab:
         ce:7c:f4:0d:89:66:90:bf:a2:32:26:87:d4:92:44:cb:3e:a1:
         61:6b:f6:c0:50:45:ff:59:71:3b:e8:33:86:95:86:41:7f:eb:
         04:91:1c:c7:8f:7d:af:ba:b3:d3:65:8b:46:07:2e:15:30:af:
         49:1f:c0:18:d7:f5:d2:0a:95:b5:1e:ce:9a:53:a7:7e:55:b9:
         a0:02:51:d1:14:3b:8f:b3:45:e7:94:22:b3:ca:fb:63:dd:e3:
         c1:19:42:69:8c:a7:fc:f7:ef:ed:1a:00:cf:a3:5d:59:57:78:
         0a:7e:18:fe:9d:07:14:56:24:d9:f7:c4:f3:a6:12:87:de:4a:
         93:76:a5:f3:7b:3e:67:c5:cd:fb:2d:cf:2f:08:79:a6:55:60:
         15:12:59:e7:9b:a3:22:2f:2a:ed:4a:06:c6:45:f2:6e:32:c7:
         0e:df:81:bc:f2:42:92:28:1b:4c:67:b3:91:66:cc:8a:09:39:
         47:f9:dc:f2
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUO3NVyMT5zuGFomfksihRENjplKcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE2MDAwM1oX
DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYWVjMzEyMjJkNzU0Y2FiNmMyZjJj
NjhkZmNjY2VkZTIyNjY0ZjkwNGFjMThkOGQ1YmZlZjVmNzYzY2YyNjMyOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2t1vjRKCntx6bgs94TIrNsQlgqoU
yWWZyLYWrmJBYm4tsjykNDOCZGsUT9vIGZQPgTDp8+QA3jnQdMJrmuXIzT4xlcbV
npGcP8zOMm8SCeFfGdjeRPSjWTRssVK+DcSwLMTnzWlifhZvpDBIUl1oJQcFmHl4
OxVJ36VKQuqs0WFIH6decu8+h7LwinO4C0j8On0he0OTaSvkeF9i4QtV7gRPYNNS
ApcPj9VtTkJiHr6zdwpCyiGdPg2UnpPTryUvzjZgf4knAzdmpYod+rHclet9Lb5m
80NDIcSPo68nA/U0JS8GoyAjOAoMDj7GwFD41RG9OWFK0UWeZDw/MHyehwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFEzZbtJvaWku8dwsOJOYD0TT0O//MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzkyZGMxYTY0LWU3OTEtNDllMS05ZjFmLWJkYmIzNzRhZGZhNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAEXm4cXbutXCakGUNw6eUAjt
VVJR5z7K8AYlKsehAmao7r1TGIMsXeCGgTgNA6JZnTq/m8dHCAqNdDMFMAEcRV/S
Fwur05+Oq8589A2JZpC/ojImh9SSRMs+oWFr9sBQRf9ZcTvoM4aVhkF/6wSRHMeP
fa+6s9Nli0YHLhUwr0kfwBjX9dIKlbUezppTp35VuaACUdEUO4+zReeUIrPK+2Pd
48EZQmmMp/z37+0aAM+jXVlXeAp+GP6dBxRWJNn3xPOmEofeSpN2pfN7PmfFzfst
zy8IeaZVYBUSWeeboyIvKu1KBsZF8m4yxw7fgbzyQpIoG0xns5FmzIoJOUf53PI=
-----END CERTIFICATE-----
Generated at Thu Jul 10 05:13:43 2025 by rpki-client