Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa
File:                     cbb078e9-a430-471e-97da-98312e84ae50.roa (raw, json)
Hash identifier:          o0NeZshhKr/3jjAN/VRneS+Fa8rVXsq7EC7a01h8aeI=
Subject key identifier:   3D:E1:E3:88:9F:E1:74:00:D1:6F:11:B3:EC:D1:94:84:6B:C1:A0:69
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0F598B9C646548FC3BCC7D854F8423606F94E339
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa
Signing time:             Fri 31 May 2024 00:00:00 +0000
ROA not before:           Fri 31 May 2024 00:00:00 +0000
ROA not after:            Fri 05 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:4000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 25 Jun 2024 00:51:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:59:8b:9c:64:65:48:fc:3b:cc:7d:85:4f:84:23:60:6f:94:e3:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 31 00:00:00 2024 GMT
            Not After : Jul  5 23:59:59 2024 GMT
        Subject: serialNumber=b7981f08e5dbe615679cc19b524367892d339e5822a89eadac1b27d404007696, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cc:fb:99:13:8f:55:b6:be:35:f0:55:d4:10:
                    13:5e:ef:53:7f:19:51:18:81:e5:a4:f4:00:a3:70:
                    00:9a:ed:f4:44:92:0d:0a:59:c6:4f:13:ea:99:23:
                    fe:16:c3:74:d6:c9:8d:93:8d:7f:ca:b5:43:da:de:
                    83:48:e7:be:df:06:ff:6c:34:16:1d:26:fd:e4:ae:
                    0d:54:18:5a:17:f5:8e:00:60:79:1e:d9:c1:aa:e4:
                    f8:05:9a:1a:81:e8:58:0d:88:66:dd:ed:7e:5e:2e:
                    74:70:61:1c:49:c1:08:56:f2:68:3a:98:49:ef:27:
                    70:3c:61:de:b4:54:bd:8c:95:08:28:06:46:02:3f:
                    6e:99:58:8d:3d:ac:11:d0:60:de:e4:2a:55:32:ee:
                    15:ff:12:20:0e:12:95:4e:2f:f0:25:d3:55:48:cd:
                    0a:53:df:87:3f:68:07:c0:93:37:91:b2:66:4a:f1:
                    4b:5f:a4:b4:d8:6e:c0:9a:c9:19:86:bd:0e:38:81:
                    c0:2c:4b:7c:eb:12:12:5b:33:13:24:46:a6:83:46:
                    37:94:6d:40:97:47:3e:e7:8a:30:d3:77:63:83:f0:
                    bd:5b:3f:3b:87:46:ab:f0:50:fd:74:93:80:6d:7d:
                    b6:3a:e6:99:a6:ff:b8:f5:aa:1c:31:8d:fb:7c:7a:
                    95:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:E1:E3:88:9F:E1:74:00:D1:6F:11:B3:EC:D1:94:84:6B:C1:A0:69
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         81:00:2b:65:58:04:56:78:fe:2f:94:80:8d:82:b4:fc:f5:8d:
         bb:ee:29:1e:c3:e1:13:25:72:d0:c4:3f:52:69:93:bb:72:4b:
         ed:69:7c:72:ff:29:a7:de:d9:be:34:72:5a:48:78:59:43:63:
         21:e2:6b:49:ea:f5:1f:79:ea:dd:e8:f1:7a:e5:14:1a:8b:6b:
         2f:a3:73:2b:d9:5a:9a:96:27:6d:92:8f:5e:99:ef:da:3f:1d:
         27:10:ba:b5:d7:97:93:df:b3:17:f0:91:87:71:ed:86:55:00:
         ea:8b:96:89:fb:e2:4e:2f:80:97:53:e6:24:c3:d3:06:9a:81:
         e1:fc:45:85:a5:54:5f:e2:ce:89:72:ec:d5:8d:bd:0e:12:ba:
         b2:b8:b1:97:8d:cc:1f:0f:e8:48:ec:ea:c3:46:c0:ae:58:ac:
         ef:9e:00:9d:1b:0a:28:05:0a:d1:89:b2:62:c7:0e:53:0d:64:
         3b:64:b5:4b:2f:27:44:f0:09:6c:8e:33:28:cf:51:84:26:12:
         62:17:d2:29:7f:17:63:1a:21:9f:6a:2f:ca:60:ec:49:b1:89:
         6c:1a:fa:c7:0e:f5:b0:7a:61:ab:d7:83:5b:07:8a:c5:76:05:
         41:65:2c:0b:57:4f:e8:fa:10:76:36:e2:be:bb:17:0f:4d:a7:
         dd:58:95:5c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUD1mLnGRlSPw7zH2FT4QjYG+U4zkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUzMTAwMDAwMFoX
DTI0MDcwNTIzNTk1OVowejFJMEcGA1UEBRNAYjc5ODFmMDhlNWRiZTYxNTY3OWNj
MTliNTI0MzY3ODkyZDMzOWU1ODIyYTg5ZWFkYWMxYjI3ZDQwNDAwNzY5NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMz7mROPVba+NfBV1BATXu9TfxlR
GIHlpPQAo3AAmu30RJINClnGTxPqmSP+FsN01smNk41/yrVD2t6DSOe+3wb/bDQW
HSb95K4NVBhaF/WOAGB5HtnBquT4BZoagehYDYhm3e1+Xi50cGEcScEIVvJoOphJ
7ydwPGHetFS9jJUIKAZGAj9umViNPawR0GDe5CpVMu4V/xIgDhKVTi/wJdNVSM0K
U9+HP2gHwJM3kbJmSvFLX6S02G7AmskZhr0OOIHALEt86xISWzMTJEamg0Y3lG1A
l0c+54ow03djg/C9Wz87h0ar8FD9dJOAbX22OuaZpv+49aocMY37fHqV3QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFD3h44if4XQA0W8Rs+zRlIRrwaBpMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NiYjA3OGU5LWE0MzAtNDcxZS05N2RhLTk4MzEyZTg0YWU1MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaUAwDQYJKoZIhvcNAQELBQADggEBAIEAK2VYBFZ4/i+UgI2C
tPz1jbvuKR7D4RMlctDEP1Jpk7tyS+1pfHL/Kafe2b40clpIeFlDYyHia0nq9R95
6t3o8XrlFBqLay+jcyvZWpqWJ22Sj16Z79o/HScQurXXl5PfsxfwkYdx7YZVAOqL
lon74k4vgJdT5iTD0waageH8RYWlVF/izoly7NWNvQ4SurK4sZeNzB8P6Ejs6sNG
wK5YrO+eAJ0bCigFCtGJsmLHDlMNZDtktUsvJ0TwCWyOMyjPUYQmEmIX0il/F2Ma
IZ9qL8pg7EmxiWwa+scO9bB6YavXg1sHisV2BUFlLAtXT+j6EHY24r67Fw9Np91Y
lVw=
-----END CERTIFICATE-----
Generated at Fri Jun 21 01:45:40 2024 by rpki-client on console-ams.rpki-client.org