Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa
File:                     b470748f-5988-4a4c-a004-6bf2c03dec55.roa (raw, json)
Hash identifier:          0u9FswPt440SooI8Cc1Scq5C1HN4EyX7EQ1y7RiYWYk=
Subject key identifier:   18:F8:68:23:23:6D:99:6A:DD:9B:23:F9:A9:A0:9C:9B:46:AF:EA:1E
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       11D928306762F0777A09F605BC8D62484D747B6A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafc:4800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:d9:28:30:67:62:f0:77:7a:09:f6:05:bc:8d:62:48:4d:74:7b:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=4f45ea2826d5c5580dd0b8bcf487123b2998a395202dac0859e3d59152f8ee42, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9d:4b:4a:7d:7d:b1:5f:62:5c:c0:5b:4f:03:
                    e5:b8:fa:4d:e2:a3:01:34:79:cd:4c:2b:e9:e0:e0:
                    ed:b0:17:42:dc:35:cb:b6:29:90:54:bb:df:03:98:
                    fd:19:36:82:63:47:b4:13:6d:6d:1c:54:41:a3:75:
                    1f:7f:af:24:ea:4d:dd:35:c3:17:9b:84:0e:07:82:
                    1a:fb:35:63:d4:b7:8a:5a:4e:6f:79:76:df:51:61:
                    b5:ac:f8:7d:1e:3b:af:33:1b:2f:da:39:d1:f2:c6:
                    e7:f5:32:c0:b3:ec:b4:cc:24:a0:38:1e:2f:19:78:
                    85:3b:c2:65:be:d0:6f:94:fe:f5:05:a4:15:00:e5:
                    dd:d5:4c:f2:32:ee:68:dc:80:12:82:5f:c1:b4:b3:
                    39:d6:a2:e2:01:8c:3c:26:0a:6f:39:f1:4a:7f:d0:
                    84:bf:18:ff:b6:92:30:26:80:5f:36:55:48:cf:46:
                    cd:13:e9:3c:d7:07:fc:c3:ff:f1:36:be:aa:25:83:
                    73:42:24:45:7d:55:a7:ad:93:32:7d:57:4e:98:ed:
                    c4:07:18:2f:df:13:e9:7f:92:d8:d6:f6:8d:2a:14:
                    b7:38:d3:b9:cc:f6:8d:f4:96:f0:d0:e8:de:f6:05:
                    31:79:7d:bc:74:89:1a:99:37:b5:af:d6:6b:de:ce:
                    7c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:F8:68:23:23:6D:99:6A:DD:9B:23:F9:A9:A0:9C:9B:46:AF:EA:1E
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafc:4800::/40

    Signature Algorithm: sha256WithRSAEncryption
         4e:47:f1:8c:94:c6:ee:ba:96:09:6a:1c:ac:d8:68:88:94:90:
         8c:b3:cb:20:9c:ea:f2:7b:de:b2:ff:8a:e5:a7:59:bf:d9:0c:
         46:3e:e0:1a:8d:c6:4a:21:a0:e9:dd:15:3f:ff:10:96:12:88:
         58:72:31:5f:33:fb:a1:fd:b2:31:91:c5:71:33:17:af:dd:50:
         20:f4:6f:2c:6a:77:e1:b4:1c:aa:a7:a2:60:ed:c5:ec:ab:de:
         d0:6d:58:0f:fd:2a:a9:3f:f3:56:5a:de:85:7e:ef:9f:b6:49:
         a3:af:8f:f9:c5:e5:83:33:52:3c:5c:62:51:1e:4d:c3:bf:27:
         2d:7d:2c:2e:8f:6e:07:99:8f:f1:af:8c:fe:1f:b5:1d:a4:01:
         4c:b2:cd:a2:5c:ab:f4:3b:65:8e:12:b9:af:7b:d6:08:11:ac:
         3a:8b:4c:8e:3b:cf:92:f5:c6:e6:0d:a3:8f:0a:a3:6c:0d:0c:
         53:12:de:6a:b4:51:4b:2a:f3:ec:dd:09:2a:56:45:7d:a1:5e:
         b9:16:57:35:50:fa:79:64:5f:6f:2e:32:8f:48:d9:44:7c:73:
         ba:b3:66:eb:e0:8b:9b:32:c1:62:47:f6:4c:f8:cf:f5:58:df:
         ee:ac:53:76:06:7a:d9:a8:b4:37:a5:ca:35:1b:69:5e:a0:0a:
         af:99:9c:2b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUEdkoMGdi8Hd6CfYFvI1iSE10e2owDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX
DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNANGY0NWVhMjgyNmQ1YzU1ODBkZDBi
OGJjZjQ4NzEyM2IyOTk4YTM5NTIwMmRhYzA4NTllM2Q1OTE1MmY4ZWU0MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ1LSn19sV9iXMBbTwPluPpN4qMB
NHnNTCvp4ODtsBdC3DXLtimQVLvfA5j9GTaCY0e0E21tHFRBo3Uff68k6k3dNcMX
m4QOB4Ia+zVj1LeKWk5veXbfUWG1rPh9HjuvMxsv2jnR8sbn9TLAs+y0zCSgOB4v
GXiFO8JlvtBvlP71BaQVAOXd1UzyMu5o3IASgl/BtLM51qLiAYw8JgpvOfFKf9CE
vxj/tpIwJoBfNlVIz0bNE+k81wf8w//xNr6qJYNzQiRFfVWnrZMyfVdOmO3EBxgv
3xPpf5LY1vaNKhS3ONO5zPaN9Jbw0Oje9gUxeX28dIkamTe1r9Zr3s58jwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBj4aCMjbZlq3Zsj+amgnJtGr+oeMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I0NzA3NDhmLTU5ODgtNGE0Yy1hMDA0LTZiZjJjMDNkZWM1NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/EgwDQYJKoZIhvcNAQELBQADggEBAE5H8YyUxu66lglqHKzY
aIiUkIyzyyCc6vJ73rL/iuWnWb/ZDEY+4BqNxkohoOndFT//EJYSiFhyMV8z+6H9
sjGRxXEzF6/dUCD0byxqd+G0HKqnomDtxeyr3tBtWA/9Kqk/81Za3oV+75+2SaOv
j/nF5YMzUjxcYlEeTcO/Jy19LC6PbgeZj/GvjP4ftR2kAUyyzaJcq/Q7ZY4Sua97
1ggRrDqLTI47z5L1xuYNo48Ko2wNDFMS3mq0UUsq8+zdCSpWRX2hXrkWVzVQ+nlk
X28uMo9I2UR8c7qzZuvgi5sywWJH9kz4z/VY3+6sU3YGetmotDelyjUbaV6gCq+Z
nCs=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:42:06 2024 by rpki-client on console-ams.rpki-client.org