Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa
File:                     94aecf12-a0a8-43cd-b24c-37950ef5429d.roa (raw, json)
Hash identifier:          M0G5gLJ3/brXgTNjLobSNYzZQCZju3ds90lPlPgeubc=
Subject key identifier:   80:63:B7:36:49:A8:4F:47:95:A2:F3:AB:65:55:89:3F:F2:40:4E:51
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       4BE6CD214B68188674A65EB94D2ADE0363373232
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa
Signing time:             Mon 11 Sep 2023 00:00:00 +0000
ROA not before:           Mon 11 Sep 2023 00:00:00 +0000
ROA not after:            Mon 16 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da27::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Sep 2023 03:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:e6:cd:21:4b:68:18:86:74:a6:5e:b9:4d:2a:de:03:63:37:32:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Sep 11 00:00:00 2023 GMT
            Not After : Oct 16 23:59:59 2023 GMT
        Subject: serialNumber=3486803b73b6276930d0ebcdf54a93852fab5afb4bbcf65a9ef6ae37a73ecb91, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b0:26:a0:dd:9c:ed:27:f5:84:5b:83:de:3e:
                    4a:b6:71:b0:da:97:ec:a5:15:da:17:67:65:86:10:
                    4d:eb:07:4c:78:19:e7:51:b9:aa:28:1f:03:d4:04:
                    d4:bf:ee:e6:de:4a:54:bf:90:fa:76:75:bc:f5:e3:
                    a4:ea:df:64:98:16:f2:12:4b:f1:1e:d9:f9:ce:ff:
                    b7:57:a7:10:73:13:8c:ac:c3:0d:9a:01:d6:b5:4a:
                    a3:e2:8f:88:b2:ad:33:63:1f:9f:a4:91:0a:63:12:
                    e5:96:12:67:e5:65:93:bb:a2:f6:43:81:f3:c3:41:
                    a9:cf:09:36:1f:fa:4a:d5:f7:6b:af:91:6b:15:22:
                    b1:00:c6:ae:7c:6b:8a:55:10:84:de:b0:98:dd:d8:
                    62:fd:c1:94:23:df:05:ff:35:3d:f4:25:1c:d5:14:
                    be:53:f3:36:61:5b:19:26:6d:2a:0b:fe:35:26:88:
                    6b:3d:33:09:e5:fc:5f:d4:db:f8:0c:58:48:3d:7b:
                    cd:1a:08:c5:d4:98:a7:0f:11:0a:a1:29:ef:1b:27:
                    a8:af:97:f5:34:5e:a1:b2:1f:3e:36:c0:1a:d4:20:
                    f2:d0:4d:f6:b7:7f:71:13:10:81:ef:af:21:6e:d6:
                    0f:ee:bf:1a:5b:b6:c8:16:51:ef:dc:4f:90:db:d2:
                    3d:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:63:B7:36:49:A8:4F:47:95:A2:F3:AB:65:55:89:3F:F2:40:4E:51
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da27::/36

    Signature Algorithm: sha256WithRSAEncryption
         bf:78:27:7c:7d:b8:6c:10:bc:aa:c1:89:dd:dc:18:81:58:54:
         fd:35:fc:2d:c3:41:28:db:08:fc:7c:0f:e9:ea:3a:7d:de:80:
         2d:02:d3:24:0e:3d:c9:3d:66:f3:ba:e5:74:30:c5:37:a3:4b:
         6b:11:89:b8:3e:0f:a4:d5:b3:92:a4:b5:20:7e:03:ae:38:d1:
         63:4c:75:3c:3f:75:a9:61:67:f0:c7:8c:7e:c9:4e:e4:1e:3e:
         4d:67:3d:b7:ed:82:76:ab:27:64:6d:15:97:60:b7:1e:48:68:
         1d:4a:80:ce:f6:c5:39:f0:24:f5:15:32:10:a5:e8:84:19:31:
         8f:ab:3d:bd:a4:dc:9f:52:f9:2f:69:2e:c1:0d:f1:59:d6:13:
         75:40:b7:08:b0:73:ea:2c:13:10:45:a7:c6:eb:af:54:b9:9c:
         64:bd:0d:53:32:75:09:32:5d:c5:77:f5:30:0e:59:48:a0:0e:
         69:da:e5:f1:08:e8:a3:81:33:87:f8:72:23:90:a8:5b:47:f2:
         23:6e:f6:81:50:5c:22:2a:82:d1:13:2e:42:3b:22:a9:0b:6a:
         c9:2a:6f:90:ec:95:a6:02:b6:83:b6:bd:02:e9:dc:a1:ea:a2:
         1a:aa:e6:c6:be:1f:ab:4e:69:c3:46:66:2a:a4:bc:37:cc:1c:
         a0:f4:8a:55
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUS+bNIUtoGIZ0pl65TSreA2M3MjIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxMTAwMDAwMFoX
DTIzMTAxNjIzNTk1OVowejFJMEcGA1UEBRNAMzQ4NjgwM2I3M2I2Mjc2OTMwZDBl
YmNkZjU0YTkzODUyZmFiNWFmYjRiYmNmNjVhOWVmNmFlMzdhNzNlY2I5MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLAmoN2c7Sf1hFuD3j5KtnGw2pfs
pRXaF2dlhhBN6wdMeBnnUbmqKB8D1ATUv+7m3kpUv5D6dnW89eOk6t9kmBbyEkvx
Htn5zv+3V6cQcxOMrMMNmgHWtUqj4o+Isq0zYx+fpJEKYxLllhJn5WWTu6L2Q4Hz
w0Gpzwk2H/pK1fdrr5FrFSKxAMaufGuKVRCE3rCY3dhi/cGUI98F/zU99CUc1RS+
U/M2YVsZJm0qC/41JohrPTMJ5fxf1Nv4DFhIPXvNGgjF1JinDxEKoSnvGyeor5f1
NF6hsh8+NsAa1CDy0E32t39xExCB768hbtYP7r8aW7bIFlHv3E+Q29I9xwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIBjtzZJqE9HlaLzq2VViT/yQE5RMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk0YWVjZjEyLWEwYTgtNDNjZC1iMjRjLTM3OTUwZWY1NDI5ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaJwAwDQYJKoZIhvcNAQELBQADggEBAL94J3x9uGwQvKrBid3c
GIFYVP01/C3DQSjbCPx8D+nqOn3egC0C0yQOPck9ZvO65XQwxTejS2sRibg+D6TV
s5KktSB+A6440WNMdTw/dalhZ/DHjH7JTuQePk1nPbftgnarJ2RtFZdgtx5IaB1K
gM72xTnwJPUVMhCl6IQZMY+rPb2k3J9S+S9pLsEN8VnWE3VAtwiwc+osExBFp8br
r1S5nGS9DVMydQkyXcV39TAOWUigDmna5fEI6KOBM4f4ciOQqFtH8iNu9oFQXCIq
gtETLkI7IqkLaskqb5DslaYCtoO2vQLp3KHqohqq5sa+H6tOacNGZiqkvDfMHKD0
ilU=
-----END CERTIFICATE-----
Generated at Mon Sep 11 15:37:31 2023 by rpki-client on console-fra.rpki-client.org