Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa
File:                     99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa (raw, json)
Hash identifier:          8yrQSHDj6mvIBIchcbNWx8jirp8ZdIabZ15CCsNB0jw=
Subject key identifier:   E6:60:6F:46:AA:C2:98:6B:D7:FB:6B:94:1C:5C:49:68:4B:14:8B:3A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       3A5589722D062E08B090656BB9F26D51DAF1DA52
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa
Signing time:             Mon 10 Jun 2024 00:00:00 +0000
ROA not before:           Mon 10 Jun 2024 00:00:00 +0000
ROA not after:            Mon 15 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da18:8000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 29 Jun 2024 00:21:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:55:89:72:2d:06:2e:08:b0:90:65:6b:b9:f2:6d:51:da:f1:da:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 10 00:00:00 2024 GMT
            Not After : Jul 15 23:59:59 2024 GMT
        Subject: serialNumber=2220161820febf499cd029ee266227638a4ad67970a2b0c943d63d4a26ddb078, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:66:78:f6:80:21:1d:47:55:fa:98:ca:59:a5:
                    c8:a2:0b:e2:89:43:a4:f1:31:7c:75:18:2c:8f:19:
                    b8:e1:e7:5d:2f:93:5e:60:9e:5f:9c:ae:d5:56:5a:
                    83:28:ab:38:3e:2f:76:22:58:aa:8b:87:7f:67:8e:
                    f5:bd:4b:6a:90:80:db:ef:9c:6d:94:eb:e8:1e:20:
                    f4:3b:bd:22:7b:14:cb:09:a9:29:58:36:1f:59:44:
                    12:ec:b1:e4:7c:53:ed:fc:85:a1:f1:6e:fe:9e:d7:
                    70:90:e2:f5:21:de:cf:e8:43:0d:ab:10:f7:c9:8c:
                    42:a1:95:d5:2e:62:02:4f:f8:af:00:1a:05:84:94:
                    b0:cc:f5:36:2b:c3:53:d9:e0:34:7a:e8:2f:c3:29:
                    19:ae:f6:e7:e8:35:bf:e9:96:b4:4e:45:5d:ec:04:
                    38:01:71:f4:5d:47:d0:70:30:15:d7:1e:7c:7e:fd:
                    4b:4a:f5:a8:4a:7d:26:d0:43:96:10:eb:a9:26:3d:
                    1b:85:97:51:26:3a:ca:c8:8a:f9:7e:e3:e0:fe:41:
                    04:19:cf:de:13:0d:70:41:63:6e:14:4b:89:09:85:
                    b0:86:2d:18:b0:85:77:58:3b:ee:01:a7:08:a4:d3:
                    15:a2:7f:14:ec:2d:7c:d3:44:f4:a0:07:94:fb:17:
                    e1:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:60:6F:46:AA:C2:98:6B:D7:FB:6B:94:1C:5C:49:68:4B:14:8B:3A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da18:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         7e:41:78:d1:c6:c6:47:45:41:4f:82:b4:ee:ed:c9:c9:07:ca:
         92:41:a9:36:c6:eb:79:cc:e4:a9:6b:27:a4:10:e5:8f:d0:56:
         35:a9:62:7b:e6:dd:f3:93:bc:0e:e9:76:01:6a:69:75:84:62:
         4e:a7:bb:ce:85:70:06:42:69:f2:57:dd:ae:02:0e:0a:8f:16:
         1e:e9:78:4e:cd:08:48:03:6e:e4:ee:08:2f:5a:9e:a6:04:2f:
         78:9b:6a:fa:51:82:c2:67:86:02:b8:b7:f5:3c:a1:66:89:bf:
         a4:f7:d8:f1:16:f3:61:62:ce:98:0c:81:23:32:46:d1:1d:34:
         69:bb:ce:70:f4:f2:af:13:d7:f9:da:46:27:4b:04:7b:b8:a5:
         0a:b5:1c:e0:9a:10:ee:4f:4d:6f:b6:23:a9:ef:22:bf:5c:2b:
         02:b2:ba:dd:ec:c2:ee:ae:74:4b:b1:79:54:72:a7:64:14:ea:
         b3:51:68:3e:8d:12:ac:10:8e:07:1e:08:09:48:1b:71:b3:57:
         44:17:fe:61:04:0b:86:81:e0:64:bf:5e:ac:3b:e2:78:ab:fb:
         98:d7:60:cf:e7:f2:b6:8e:46:3a:64:9c:c0:6a:87:63:85:1d:
         43:d3:1a:b0:30:f5:40:6d:68:cb:26:76:76:3a:22:7f:83:8c:
         b2:d7:4f:15
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOlWJci0GLgiwkGVrufJtUdrx2lIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYxMDAwMDAwMFoX
DTI0MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMjIyMDE2MTgyMGZlYmY0OTljZDAy
OWVlMjY2MjI3NjM4YTRhZDY3OTcwYTJiMGM5NDNkNjNkNGEyNmRkYjA3ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWZ49oAhHUdV+pjKWaXIogviiUOk
8TF8dRgsjxm44eddL5NeYJ5fnK7VVlqDKKs4Pi92Iliqi4d/Z471vUtqkIDb75xt
lOvoHiD0O70iexTLCakpWDYfWUQS7LHkfFPt/IWh8W7+ntdwkOL1Id7P6EMNqxD3
yYxCoZXVLmICT/ivABoFhJSwzPU2K8NT2eA0eugvwykZrvbn6DW/6Za0TkVd7AQ4
AXH0XUfQcDAV1x58fv1LSvWoSn0m0EOWEOupJj0bhZdRJjrKyIr5fuPg/kEEGc/e
Ew1wQWNuFEuJCYWwhi0YsIV3WDvuAacIpNMVon8U7C1800T0oAeU+xfhFwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOZgb0aqwphr1/trlBxcSWhLFIs6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk5ZjU3YTFlLTMxODYtNGUzNC04MDBlLTUyYWVlZTBmYjBhNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaGIAwDQYJKoZIhvcNAQELBQADggEBAH5BeNHGxkdFQU+CtO7t
yckHypJBqTbG63nM5KlrJ6QQ5Y/QVjWpYnvm3fOTvA7pdgFqaXWEYk6nu86FcAZC
afJX3a4CDgqPFh7peE7NCEgDbuTuCC9anqYEL3ibavpRgsJnhgK4t/U8oWaJv6T3
2PEW82FizpgMgSMyRtEdNGm7znD08q8T1/naRidLBHu4pQq1HOCaEO5PTW+2I6nv
Ir9cKwKyut3swu6udEuxeVRyp2QU6rNRaD6NEqwQjgceCAlIG3GzV0QX/mEEC4aB
4GS/Xqw74nir+5jXYM/n8raORjpknMBqh2OFHUPTGrAw9UBtaMsmdnY6In+DjLLX
TxU=
-----END CERTIFICATE-----
Generated at Tue Jun 25 00:53:10 2024 by rpki-client on console-ams.rpki-client.org