Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa
File:                     9ff3d168-754a-40d4-ad25-8b3a7db40970.roa (raw, json)
Hash identifier:          EaZ+8I/2dxd+OM+TqI7KuhD2+OJo0OepR3holkZ0xQo=
Subject key identifier:   18:EF:6C:DA:D9:16:03:EF:07:76:FC:44:74:5A:4E:6E:26:7F:F8:CF
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       455D99B67D84084F209306A40A0DBD6A11A35B14
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa
Signing time:             Wed 12 Jun 2024 00:00:00 +0000
ROA not before:           Wed 12 Jun 2024 00:00:00 +0000
ROA not after:            Wed 17 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab8:7000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:5d:99:b6:7d:84:08:4f:20:93:06:a4:0a:0d:bd:6a:11:a3:5b:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 12 00:00:00 2024 GMT
            Not After : Jul 17 23:59:59 2024 GMT
        Subject: serialNumber=bc36e5037cf929605a091c6ea196effacec135d74ccf754d89520ed356eddbcc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fa:8b:5c:7e:18:35:11:74:1a:d5:8b:9b:6a:
                    fb:07:e2:b9:23:a2:ea:67:e1:71:09:95:d4:ce:4f:
                    43:12:55:86:c0:7e:d2:6f:ba:61:0f:f7:98:ed:c3:
                    1c:90:ba:ba:50:80:8d:95:a9:2d:96:a1:4d:c9:3a:
                    80:da:7c:62:2e:3d:8c:6e:41:d0:2e:69:dc:50:44:
                    69:59:1e:94:3e:8e:07:29:7a:79:9c:7d:38:80:b1:
                    68:7d:75:99:a6:d8:8f:44:56:77:c0:e0:af:0e:2c:
                    77:92:23:88:66:99:96:e7:d0:a4:38:af:e0:ca:4c:
                    5a:44:dc:5d:90:72:c8:a9:8b:c8:c3:05:9f:3f:ac:
                    e2:fb:9e:e9:45:b3:45:c8:f6:08:42:5f:21:73:2c:
                    d5:59:4b:11:cf:84:ab:8a:5e:61:9e:63:75:a4:8c:
                    08:eb:50:fa:1e:04:97:35:0c:56:73:30:c7:5c:95:
                    a7:9a:d4:14:22:e2:36:c4:06:70:00:d1:62:19:7c:
                    43:9f:f8:e2:e8:44:e0:7a:68:5c:64:e0:e5:8f:6d:
                    e8:5d:84:e4:3a:be:a3:7c:ca:d0:bd:7c:c0:fa:2b:
                    9f:cf:2f:28:7a:2e:b5:2a:cd:ec:1d:16:91:d5:e0:
                    24:d8:8d:86:5a:45:1e:5e:dd:79:e1:11:65:60:b4:
                    a1:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:EF:6C:DA:D9:16:03:EF:07:76:FC:44:74:5A:4E:6E:26:7F:F8:CF
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab8:7000::/40

    Signature Algorithm: sha256WithRSAEncryption
         4d:3f:28:e1:a8:46:ef:bb:f3:bc:c9:dc:71:ce:9e:8e:fc:e7:
         2c:73:46:f8:76:7b:6e:22:17:5e:1c:8c:4b:8a:f8:df:73:2f:
         f0:d7:e2:1b:90:8e:58:8b:9e:b0:da:75:7a:87:98:96:5d:fb:
         82:fb:ac:cf:52:83:a4:99:12:89:15:bf:13:eb:46:b2:c4:29:
         7b:28:92:06:d6:4b:19:98:03:26:23:6e:23:fb:e2:91:24:d8:
         b9:d8:54:16:41:e4:91:f8:46:5d:45:8f:c6:1d:63:98:7c:c1:
         13:2a:74:df:a9:08:ea:12:4b:e1:de:e4:80:8a:66:81:9a:11:
         72:86:ae:64:28:be:00:f9:88:4d:d8:f4:70:45:74:4e:fd:52:
         91:71:47:0d:b8:a5:bb:5e:b0:63:c4:97:eb:75:3e:c1:c0:fc:
         60:98:b8:75:30:66:48:a5:ae:4c:12:10:55:46:42:61:64:63:
         ea:af:b7:a3:6a:2d:d9:14:7f:5a:3f:be:66:48:d6:67:7f:bc:
         3b:19:d4:32:cf:92:f8:37:86:eb:63:e1:1e:2d:88:b7:34:3b:
         cc:88:81:8d:e9:e6:5d:18:f1:3c:b1:58:2b:8d:68:df:09:d0:
         38:cb:f1:4f:0f:c2:d2:27:04:99:1f:35:14:58:f8:6d:09:56:
         5b:d4:ad:63
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIURV2Ztn2ECE8gkwakCg29ahGjWxQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYxMjAwMDAwMFoX
DTI0MDcxNzIzNTk1OVowejFJMEcGA1UEBRNAYmMzNmU1MDM3Y2Y5Mjk2MDVhMDkx
YzZlYTE5NmVmZmFjZWMxMzVkNzRjY2Y3NTRkODk1MjBlZDM1NmVkZGJjYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvqLXH4YNRF0GtWLm2r7B+K5I6Lq
Z+FxCZXUzk9DElWGwH7Sb7phD/eY7cMckLq6UICNlaktlqFNyTqA2nxiLj2MbkHQ
LmncUERpWR6UPo4HKXp5nH04gLFofXWZptiPRFZ3wOCvDix3kiOIZpmW59CkOK/g
ykxaRNxdkHLIqYvIwwWfP6zi+57pRbNFyPYIQl8hcyzVWUsRz4Sril5hnmN1pIwI
61D6HgSXNQxWczDHXJWnmtQUIuI2xAZwANFiGXxDn/ji6ETgemhcZODlj23oXYTk
Or6jfMrQvXzA+iufzy8oei61Ks3sHRaR1eAk2I2GWkUeXt154RFlYLShdwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBjvbNrZFgPvB3b8RHRaTm4mf/jPMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzlmZjNkMTY4LTc1NGEtNDBkNC1hZDI1LThiM2E3ZGI0MDk3MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauHAwDQYJKoZIhvcNAQELBQADggEBAE0/KOGoRu+787zJ3HHO
no785yxzRvh2e24iF14cjEuK+N9zL/DX4huQjliLnrDadXqHmJZd+4L7rM9Sg6SZ
EokVvxPrRrLEKXsokgbWSxmYAyYjbiP74pEk2LnYVBZB5JH4Rl1Fj8YdY5h8wRMq
dN+pCOoSS+He5ICKZoGaEXKGrmQovgD5iE3Y9HBFdE79UpFxRw24pbtesGPEl+t1
PsHA/GCYuHUwZkilrkwSEFVGQmFkY+qvt6NqLdkUf1o/vmZI1md/vDsZ1DLPkvg3
hutj4R4tiLc0O8yIgY3p5l0Y8TyxWCuNaN8J0DjL8U8PwtInBJkfNRRY+G0JVlvU
rWM=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:51 2024 by rpki-client on console-fra.rpki-client.org