Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0c6be0d-b5c2-4296-9e79-8556c5f2dd7f.roa
File:                     a0c6be0d-b5c2-4296-9e79-8556c5f2dd7f.roa (raw, json)
Hash identifier:          IWMa6SXYNS2weVJGo2CM3AY37W4ym/dipXiCriRh48c=
Subject key identifier:   3C:52:C1:00:8E:81:9C:A2:3D:2D:47:7F:AB:B2:14:20:A5:E1:70:CD
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       2E11F971116958F02927D9830A1272FC47AA795D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0c6be0d-b5c2-4296-9e79-8556c5f2dd7f.roa
Signing time:             Sat 22 Jun 2024 00:00:00 +0000
ROA not before:           Sat 22 Jun 2024 00:00:00 +0000
ROA not after:            Sat 27 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        43.218.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 28 Jun 2024 00:11:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:11:f9:71:11:69:58:f0:29:27:d9:83:0a:12:72:fc:47:aa:79:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 22 00:00:00 2024 GMT
            Not After : Jul 27 23:59:59 2024 GMT
        Subject: serialNumber=02681fb76536c9ab58aff6b47dfe99a839d5ece5a7bb8e0797913b6394143899, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:3a:29:2d:32:0d:86:ae:4b:45:9c:57:05:a0:
                    9b:72:6e:e2:91:c2:65:0c:09:2e:85:8c:79:41:96:
                    75:57:d3:f8:b4:ae:34:bc:96:f8:d2:c0:7e:82:9b:
                    2d:ae:8e:b9:3a:4c:0b:77:42:07:f4:b7:b5:aa:62:
                    b6:17:d0:f0:48:eb:89:2b:b4:09:51:be:13:ea:0f:
                    d8:ff:cc:87:b3:a5:bc:3f:d8:65:df:0b:8b:72:53:
                    ee:2b:6e:82:9a:9a:ec:4a:e4:fb:6c:b5:8e:80:b7:
                    79:b3:4a:f1:52:47:3d:76:2b:fb:eb:70:a5:c8:3b:
                    ec:05:d6:4b:bd:b6:f5:a1:d3:bf:fc:e7:3c:8d:81:
                    7a:8f:88:37:15:d9:05:d2:3a:ef:ac:28:3f:63:f7:
                    20:11:a3:93:87:e4:08:01:52:48:af:5e:13:be:04:
                    a9:9b:e5:11:90:ae:e8:37:4b:e9:a7:5a:2b:80:13:
                    86:82:3b:6c:11:87:36:45:cf:da:d5:02:a7:36:5a:
                    d6:8f:07:80:85:2c:32:2e:5f:a2:b7:46:99:23:ba:
                    85:d2:bd:ee:d7:ab:a5:42:d9:d3:4f:25:39:4f:9a:
                    fd:b3:9c:85:1b:57:26:4e:42:26:f7:34:92:2e:f4:
                    4f:61:59:0a:f7:d8:29:8c:4d:71:b3:47:4e:aa:7c:
                    1e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:52:C1:00:8E:81:9C:A2:3D:2D:47:7F:AB:B2:14:20:A5:E1:70:CD
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0c6be0d-b5c2-4296-9e79-8556c5f2dd7f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.218.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6a:b2:35:97:43:37:14:69:24:76:8a:ca:0d:31:0e:6e:a3:d3:
         b1:56:48:2f:d1:02:5e:4e:bb:23:01:b4:93:f3:f2:b8:6f:8b:
         79:7e:cc:12:2c:f6:e8:0c:e8:70:0e:14:51:19:f9:b6:60:4b:
         44:1d:05:b1:41:94:1a:f9:75:f3:a2:ea:60:4f:50:c6:70:b3:
         c7:a0:8b:37:e9:11:65:4a:33:da:67:92:ef:78:16:fe:c5:31:
         ed:c6:85:85:ea:bd:4a:9c:2e:6f:5b:4a:e9:80:3c:4f:35:54:
         f1:81:5f:4b:f4:97:b7:2f:39:89:97:4a:84:7e:0d:21:14:22:
         18:c3:4a:a2:1b:09:0e:54:32:e6:18:af:5b:c6:de:4f:ca:2c:
         1c:b6:34:fb:71:70:85:6d:02:16:3a:26:23:b3:a2:8d:18:94:
         41:93:c2:9c:31:cc:0c:20:f1:b5:ee:25:0f:12:df:22:72:90:
         13:c5:69:7e:12:28:6a:1a:42:5e:a1:81:82:ad:95:1d:67:06:
         76:05:bb:88:e9:ec:fc:75:71:65:9b:d6:12:16:7b:85:44:44:
         fe:d6:f2:7e:68:5e:29:93:81:ae:71:b7:ec:af:c8:44:11:16:
         d6:77:19:50:33:28:03:a8:b5:6d:67:f1:3f:68:25:fc:9b:71:
         0e:98:af:fb
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIULhH5cRFpWPApJ9mDChJy/EeqeV0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYyMjAwMDAwMFoX
DTI0MDcyNzIzNTk1OVowejFJMEcGA1UEBRNAMDI2ODFmYjc2NTM2YzlhYjU4YWZm
NmI0N2RmZTk5YTgzOWQ1ZWNlNWE3YmI4ZTA3OTc5MTNiNjM5NDE0Mzg5OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjopLTINhq5LRZxXBaCbcm7ikcJl
DAkuhYx5QZZ1V9P4tK40vJb40sB+gpstro65OkwLd0IH9Le1qmK2F9DwSOuJK7QJ
Ub4T6g/Y/8yHs6W8P9hl3wuLclPuK26CmprsSuT7bLWOgLd5s0rxUkc9div763Cl
yDvsBdZLvbb1odO//Oc8jYF6j4g3FdkF0jrvrCg/Y/cgEaOTh+QIAVJIr14TvgSp
m+URkK7oN0vpp1orgBOGgjtsEYc2Rc/a1QKnNlrWjweAhSwyLl+it0aZI7qF0r3u
16ulQtnTTyU5T5r9s5yFG1cmTkIm9zSSLvRPYVkK99gpjE1xs0dOqnweeQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDxSwQCOgZyiPS1Hf6uyFCCl4XDNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2EwYzZiZTBkLWI1YzItNDI5Ni05ZTc5LTg1NTZjNWYyZGQ3Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMAK9owDQYJKoZIhvcNAQELBQADggEBAGqyNZdDNxRpJHaKyg0xDm6j
07FWSC/RAl5OuyMBtJPz8rhvi3l+zBIs9ugM6HAOFFEZ+bZgS0QdBbFBlBr5dfOi
6mBPUMZws8egizfpEWVKM9pnku94Fv7FMe3GhYXqvUqcLm9bSumAPE81VPGBX0v0
l7cvOYmXSoR+DSEUIhjDSqIbCQ5UMuYYr1vG3k/KLBy2NPtxcIVtAhY6JiOzoo0Y
lEGTwpwxzAwg8bXuJQ8S3yJykBPFaX4SKGoaQl6hgYKtlR1nBnYFu4jp7Px1cWWb
1hIWe4VERP7W8n5oXimTga5xt+yvyEQRFtZ3GVAzKAOotW1n8T9oJfybcQ6Yr/s=
-----END CERTIFICATE-----
Generated at Mon Jun 24 01:28:15 2024 by rpki-client on console-ams.rpki-client.org