Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa
File:                     c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa (raw, json)
Hash identifier:          TW8eqcgnZkhyRSBBaQaY9rLEZ8i636ui+jmR9tdmcMQ=
Subject key identifier:   C4:7B:46:B3:49:CD:2B:93:C4:AE:49:25:D3:FA:C1:65:F0:CE:7B:ED
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       381E111501071D00FA2A9DD8559AE1BD772CD118
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa
Signing time:             Mon 07 Jul 2025 15:40:21 +0000
ROA not before:           Mon 07 Jul 2025 15:40:21 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da12:8400::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 03 Aug 2025 18:53:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:1e:11:15:01:07:1d:00:fa:2a:9d:d8:55:9a:e1:bd:77:2c:d1:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul  7 15:40:21 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=07d63d066015691a69b960c3b8fc8ab8573f8f5ff98b52ce46b1ce1657860bd8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:97:e9:f8:59:89:75:b2:43:01:94:5d:2c:b9:
                    d7:36:19:35:c2:a0:6a:36:a7:f9:21:c6:da:f7:db:
                    59:84:4c:5f:b1:75:82:f5:9f:0b:11:8b:74:e9:2a:
                    d6:c1:1d:32:5b:fe:3a:77:36:12:94:e6:31:dd:c2:
                    69:8f:2d:d0:ef:bb:77:28:89:eb:c1:a6:41:81:26:
                    75:75:f7:67:bf:d5:df:64:a6:bc:13:80:f1:e3:d2:
                    76:e2:e2:40:05:4c:67:5c:1d:b0:3b:80:2d:32:17:
                    0b:a5:3f:90:a1:2b:26:fe:0c:f0:17:7e:3a:c6:2e:
                    9f:5c:45:19:16:30:9e:bc:c1:3a:76:0c:f9:4e:26:
                    ed:a8:90:a6:dc:48:1b:8b:fb:da:34:ec:36:7b:45:
                    00:19:64:01:cc:14:a4:c6:dd:e5:bc:d3:3c:b8:ae:
                    dc:6c:18:04:f5:74:e1:2c:bf:97:59:ee:44:23:4c:
                    88:e9:bb:1d:28:d6:62:5d:80:14:c9:4b:e5:d4:7b:
                    91:66:99:dc:3d:91:82:cb:3c:4b:d9:11:69:df:1c:
                    d0:5a:05:6f:23:93:80:75:3b:c3:c3:fa:95:1c:7a:
                    0a:a7:ce:c4:e7:09:d6:0e:73:55:94:6c:78:fe:e2:
                    d6:d3:40:e4:b3:8c:81:6e:6d:81:5a:6c:3b:d2:50:
                    ff:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:7B:46:B3:49:CD:2B:93:C4:AE:49:25:D3:FA:C1:65:F0:CE:7B:ED
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da12:8400::/38

    Signature Algorithm: sha256WithRSAEncryption
         04:7d:48:3b:50:38:22:ba:77:13:cb:97:05:07:b9:c9:00:b3:
         9c:e3:fb:a3:cd:90:db:1e:fa:88:50:9a:15:a3:7f:0a:d5:de:
         ab:fd:93:5b:a5:ed:f7:42:3c:9b:82:f8:b2:ea:4c:53:65:e8:
         e7:bd:39:ba:4f:bb:3a:51:75:00:15:5c:c2:8f:db:3a:e3:44:
         2f:ad:43:07:31:3a:c1:e1:15:28:51:b5:1e:83:c0:46:16:5c:
         dd:fc:f4:b7:6a:b2:e4:c9:a6:6e:ed:c0:20:63:3c:b0:3a:6c:
         12:e7:5d:53:09:12:a0:cc:a9:44:ec:a8:0d:67:54:74:23:60:
         60:d6:fe:38:5d:b1:b8:6e:b0:e6:7f:d3:3e:bf:4c:9c:30:7f:
         81:d8:1e:a0:eb:07:82:e8:13:8f:de:f5:8e:55:9a:4e:1e:0d:
         ae:bc:55:b0:87:9d:d1:52:f8:ad:c0:f5:7b:59:00:95:72:93:
         03:b6:ff:8e:a1:16:63:7b:a4:20:7e:33:08:53:6c:2e:4b:a6:
         30:bb:0a:99:0b:76:aa:14:7b:87:dd:d7:df:a1:8e:6a:5f:47:
         51:5a:6c:c8:ac:df:f0:8b:fb:22:33:cd:fe:2a:49:e2:94:f4:
         d8:68:0f:80:5f:c7:f2:d7:98:ed:a7:38:ad:70:4f:aa:45:e5:
         48:1a:d1:8a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOB4RFQEHHQD6Kp3YVZrhvXcs0RgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1NDAyMVoX
DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMDdkNjNkMDY2MDE1NjkxYTY5Yjk2
MGMzYjhmYzhhYjg1NzNmOGY1ZmY5OGI1MmNlNDZiMWNlMTY1Nzg2MGJkODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25fp+FmJdbJDAZRdLLnXNhk1wqBq
Nqf5Icba99tZhExfsXWC9Z8LEYt06SrWwR0yW/46dzYSlOYx3cJpjy3Q77t3KInr
waZBgSZ1dfdnv9XfZKa8E4Dx49J24uJABUxnXB2wO4AtMhcLpT+QoSsm/gzwF346
xi6fXEUZFjCevME6dgz5TibtqJCm3Egbi/vaNOw2e0UAGWQBzBSkxt3lvNM8uK7c
bBgE9XThLL+XWe5EI0yI6bsdKNZiXYAUyUvl1HuRZpncPZGCyzxL2RFp3xzQWgVv
I5OAdTvDw/qVHHoKp87E5wnWDnNVlGx4/uLW00Dks4yBbm2BWmw70lD/owIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMR7RrNJzSuTxK5JJdP6wWXwznvtMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M1YTFhMWEwLTRmNGYtNDczZC1iZmFjLWZkNDZmZjgyNjAwNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJAbaEoQwDQYJKoZIhvcNAQELBQADggEBAAR9SDtQOCK6dxPLlwUH
uckAs5zj+6PNkNse+ohQmhWjfwrV3qv9k1ul7fdCPJuC+LLqTFNl6Oe9ObpPuzpR
dQAVXMKP2zrjRC+tQwcxOsHhFShRtR6DwEYWXN389LdqsuTJpm7twCBjPLA6bBLn
XVMJEqDMqUTsqA1nVHQjYGDW/jhdsbhusOZ/0z6/TJwwf4HYHqDrB4LoE4/e9Y5V
mk4eDa68VbCHndFS+K3A9XtZAJVykwO2/46hFmN7pCB+MwhTbC5LpjC7CpkLdqoU
e4fd19+hjmpfR1FabMis3/CL+yIzzf4qSeKU9NhoD4Bfx/LXmO2nOK1wT6pF5Uga
0Yo=
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:57:23 2025 by rpki-client