Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa
File:                     996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json)
Hash identifier:          PXlNfw0im5rWc/PrgmpMhN8SHzmQM8Wa8Lk13MRxwkk=
Subject key identifier:   4E:5B:59:9C:56:03:74:16:B4:EB:C1:BC:87:15:0E:A2:6E:19:6C:5B
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       2D6C6813F98270A2448AB89054DF638819E381B3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa
Signing time:             Fri 07 Jun 2024 00:00:00 +0000
ROA not before:           Fri 07 Jun 2024 00:00:00 +0000
ROA not after:            Fri 12 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        2406:da00:ff00::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 29 Jun 2024 00:21:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:6c:68:13:f9:82:70:a2:44:8a:b8:90:54:df:63:88:19:e3:81:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun  7 00:00:00 2024 GMT
            Not After : Jul 12 23:59:59 2024 GMT
        Subject: serialNumber=e68c9955e75bac675deb9a7ebf4cf0c0dd429772a2bb90d09a4af67fd64bebaa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:71:ab:b3:e5:79:3f:30:97:23:5a:84:e8:be:
                    94:b5:7b:a1:67:27:34:63:8f:05:57:33:70:e0:ad:
                    39:24:ad:be:7c:c5:54:a6:72:06:31:bb:47:53:52:
                    04:c3:36:35:41:67:be:03:36:92:11:ec:b8:72:44:
                    fe:4b:5e:89:29:c0:99:d1:0b:17:54:db:20:4f:e7:
                    37:30:56:44:7a:0d:2e:ee:f2:44:78:09:36:03:09:
                    92:3d:79:f5:c7:29:8d:b8:7a:e6:0e:3e:58:cc:57:
                    0e:b6:f6:db:75:69:2d:5d:b7:13:23:1e:d6:bb:8c:
                    b7:67:f5:a8:83:cb:50:a8:dd:fd:6e:b1:70:a2:e0:
                    e1:3d:99:cb:17:d1:df:bf:cb:2c:e0:da:4d:52:80:
                    e1:76:71:03:ec:fa:f3:b9:90:f3:a4:f9:ea:5c:da:
                    a9:86:85:2c:f1:83:a8:01:bb:1a:7a:83:3d:16:74:
                    ad:37:2c:99:4a:8b:4b:3b:5d:69:f6:63:4b:1a:3e:
                    15:7f:2e:9c:8c:e2:01:a0:44:f6:b0:d9:03:f6:c3:
                    b5:25:3a:ef:15:77:59:c6:2e:db:9c:b5:fc:e7:cd:
                    cd:8e:44:0e:31:c7:16:f8:92:1d:7a:23:3d:32:46:
                    7a:19:b8:5f:16:2b:39:d0:27:b1:90:6f:2d:9b:57:
                    1c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:5B:59:9C:56:03:74:16:B4:EB:C1:BC:87:15:0E:A2:6E:19:6C:5B
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da00:ff00::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:b6:18:0b:47:7e:42:76:a1:b4:e5:b0:34:cb:dc:d9:f3:8f:
         ac:3c:bd:0c:0e:c8:59:03:6b:6f:33:f2:9f:18:96:f6:3f:a2:
         84:14:2e:f7:72:c7:50:06:3b:70:a0:a3:d9:71:95:53:9c:1e:
         43:d1:01:7b:c9:90:ba:b9:ac:7f:b4:2e:06:33:14:8d:73:3f:
         5a:30:83:d0:52:a2:f8:da:06:d4:66:50:18:2d:60:61:45:e7:
         dc:cf:d6:27:52:22:a0:7a:b9:fa:a0:db:5e:fb:1f:da:d2:de:
         3d:c0:a5:8e:16:75:6e:0f:50:34:71:81:fb:8d:2d:bf:f9:49:
         2c:79:a7:2d:8f:9b:e9:48:00:79:32:33:07:0f:a0:6e:08:de:
         68:c3:3d:00:f7:b7:e9:61:3a:9d:15:27:75:3a:e8:fd:1d:fc:
         74:39:1f:ac:3c:09:79:4e:5f:b2:1f:c2:11:e3:e9:f7:27:ea:
         da:31:fd:fb:5c:32:65:54:f4:2b:a2:f4:3e:b5:d6:ff:64:56:
         42:92:3d:a8:59:7b:0f:c6:85:df:98:a6:9c:f7:58:79:8b:22:
         fb:9c:f4:3b:75:a7:7c:7f:36:c3:db:f2:7f:f8:7e:cf:d9:56:
         62:a4:b2:d2:28:1f:ca:26:e6:57:67:a4:9c:46:db:37:d9:3b:
         74:40:ef:67
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIULWxoE/mCcKJEiriQVN9jiBnjgbMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYwNzAwMDAwMFoX
DTI0MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAZTY4Yzk5NTVlNzViYWM2NzVkZWI5
YTdlYmY0Y2YwYzBkZDQyOTc3MmEyYmI5MGQwOWE0YWY2N2ZkNjRiZWJhYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXGrs+V5PzCXI1qE6L6UtXuhZyc0
Y48FVzNw4K05JK2+fMVUpnIGMbtHU1IEwzY1QWe+AzaSEey4ckT+S16JKcCZ0QsX
VNsgT+c3MFZEeg0u7vJEeAk2AwmSPXn1xymNuHrmDj5YzFcOtvbbdWktXbcTIx7W
u4y3Z/Wog8tQqN39brFwouDhPZnLF9Hfv8ss4NpNUoDhdnED7PrzuZDzpPnqXNqp
hoUs8YOoAbsaeoM9FnStNyyZSotLO11p9mNLGj4Vfy6cjOIBoET2sNkD9sO1JTrv
FXdZxi7bnLX8583NjkQOMccW+JIdeiM9MkZ6GbhfFis50CexkG8tm1ccXwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFE5bWZxWA3QWtOvBvIcVDqJuGWxbMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQB8thgLR35CdqG05bA0
y9zZ84+sPL0MDshZA2tvM/KfGJb2P6KEFC73csdQBjtwoKPZcZVTnB5D0QF7yZC6
uax/tC4GMxSNcz9aMIPQUqL42gbUZlAYLWBhRefcz9YnUiKgern6oNte+x/a0t49
wKWOFnVuD1A0cYH7jS2/+Ukseactj5vpSAB5MjMHD6BuCN5owz0A97fpYTqdFSd1
Ouj9Hfx0OR+sPAl5Tl+yH8IR4+n3J+raMf37XDJlVPQrovQ+tdb/ZFZCkj2oWXsP
xoXfmKac91h5iyL7nPQ7dad8fzbD2/J/+H7P2VZipLLSKB/KJuZXZ6ScRts32Tt0
QO9n
-----END CERTIFICATE-----
Generated at Tue Jun 25 02:50:51 2024 by rpki-client on console-fra.rpki-client.org