Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa
File:                     cf01a13f-5374-4ae1-873e-34447bf4f7af.roa (raw, json)
Hash identifier:          wHTuiFkjHuFhcqRAKY1vocBbaMiYaEeGe+8pUmOGr58=
Subject key identifier:   41:B2:98:FD:82:B0:0F:CF:15:33:45:89:96:75:19:9F:3F:37:9D:67
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       26ED1430E35F1BAA2A2079AF83CA9D10C8A5D5CC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa
Signing time:             Wed 29 May 2024 00:00:00 +0000
ROA not before:           Wed 29 May 2024 00:00:00 +0000
ROA not after:            Wed 03 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf2:800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:ed:14:30:e3:5f:1b:aa:2a:20:79:af:83:ca:9d:10:c8:a5:d5:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 29 00:00:00 2024 GMT
            Not After : Jul  3 23:59:59 2024 GMT
        Subject: serialNumber=90c10ee57b791e1c4107fce18e37181440e88be0663aa2967de3e1411ecac478, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:0a:35:ba:69:6b:98:55:6a:1b:78:f8:1e:46:
                    a5:01:7e:f9:0d:60:87:e2:bc:55:94:3b:df:26:c8:
                    f2:4a:65:b9:50:1b:95:ec:8c:d9:28:e5:2b:4b:7b:
                    22:a0:27:e7:d1:b0:aa:c3:67:6c:49:59:5e:f0:be:
                    41:1c:ac:3c:76:66:0d:01:50:8e:e2:63:60:9f:4f:
                    93:31:c6:86:ae:cf:e2:64:cd:00:42:0e:20:39:45:
                    30:cb:e8:77:a2:ba:47:14:57:04:7a:d4:b2:c4:be:
                    6f:9e:30:0d:76:b3:b0:07:ed:7f:65:4b:7f:d6:72:
                    5e:7e:d6:76:d9:49:c4:91:00:24:0a:d3:bf:0e:39:
                    47:e2:6d:ce:67:7e:89:d4:e3:c2:c3:b8:2f:6e:f9:
                    fb:1d:da:d8:13:2e:79:f4:91:84:ff:5f:65:9f:63:
                    08:aa:a7:3d:a9:2e:7d:fb:c0:c6:fd:ac:1d:65:e2:
                    f5:02:da:88:29:7a:de:20:53:3b:a5:9b:58:8a:f7:
                    75:0d:40:e5:72:13:80:4f:2b:b6:d5:dd:f0:0b:a8:
                    b6:86:53:2d:fc:17:b5:46:65:10:05:a6:e1:61:c2:
                    e7:77:81:c4:eb:28:ca:af:a9:a6:53:a2:82:aa:b6:
                    05:b4:e2:68:cc:6e:41:13:16:db:e1:91:14:ed:ea:
                    17:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:B2:98:FD:82:B0:0F:CF:15:33:45:89:96:75:19:9F:3F:37:9D:67
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf2:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         17:6e:97:3e:d3:6e:f0:0e:c3:3d:c6:32:16:f4:62:c5:28:4c:
         02:74:76:84:bd:c1:c4:ee:4e:32:35:42:13:10:ce:81:12:1c:
         35:82:a7:00:d9:e0:17:b2:e2:e6:e6:38:aa:d5:19:65:80:10:
         5d:7c:5b:77:dc:91:7b:72:01:d6:2e:ad:bb:e2:9a:61:8e:e9:
         ed:28:62:94:d5:e7:e7:84:d4:3b:40:52:f5:33:89:d5:00:a9:
         ac:87:fb:19:2b:a9:95:d5:10:ec:85:ff:12:c1:76:fd:de:61:
         16:63:9e:f0:7e:08:9b:52:49:04:ad:83:0e:07:2c:16:47:4e:
         40:66:76:22:81:b7:59:c0:e7:f2:57:67:e2:77:c3:b2:0a:91:
         6f:62:7f:c1:da:e2:38:e3:98:80:f9:cd:26:c1:ab:0a:4c:d9:
         4a:3f:d2:c9:67:f8:73:3b:b1:32:d6:19:55:09:a9:d2:1f:91:
         26:31:9d:1d:f5:0c:0d:ac:a8:ce:ea:0a:29:00:03:f9:0d:fe:
         2f:6d:40:49:d7:51:ad:0c:1e:1d:0f:7d:5c:16:c1:da:bf:39:
         f5:7b:e0:8a:61:17:4e:11:e6:71:78:f6:5e:64:31:cc:54:99:
         1b:e1:ff:3e:20:f9:d1:5c:43:6b:60:9b:fd:8f:9f:5d:ab:c7:
         c9:de:9a:5a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJu0UMONfG6oqIHmvg8qdEMil1cwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyOTAwMDAwMFoX
DTI0MDcwMzIzNTk1OVowejFJMEcGA1UEBRNAOTBjMTBlZTU3Yjc5MWUxYzQxMDdm
Y2UxOGUzNzE4MTQ0MGU4OGJlMDY2M2FhMjk2N2RlM2UxNDExZWNhYzQ3ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgo1umlrmFVqG3j4HkalAX75DWCH
4rxVlDvfJsjySmW5UBuV7IzZKOUrS3sioCfn0bCqw2dsSVle8L5BHKw8dmYNAVCO
4mNgn0+TMcaGrs/iZM0AQg4gOUUwy+h3orpHFFcEetSyxL5vnjANdrOwB+1/ZUt/
1nJeftZ22UnEkQAkCtO/DjlH4m3OZ36J1OPCw7gvbvn7HdrYEy559JGE/19ln2MI
qqc9qS59+8DG/awdZeL1AtqIKXreIFM7pZtYivd1DUDlchOATyu21d3wC6i2hlMt
/Be1RmUQBabhYcLnd4HE6yjKr6mmU6KCqrYFtOJozG5BExbb4ZEU7eoXSwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEGymP2CsA/PFTNFiZZ1GZ8/N51nMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NmMDFhMTNmLTUzNzQtNGFlMS04NzNlLTM0NDQ3YmY0ZjdhZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8ggwDQYJKoZIhvcNAQELBQADggEBABdulz7TbvAOwz3GMhb0
YsUoTAJ0doS9wcTuTjI1QhMQzoESHDWCpwDZ4Bey4ubmOKrVGWWAEF18W3fckXty
AdYurbvimmGO6e0oYpTV5+eE1DtAUvUzidUAqayH+xkrqZXVEOyF/xLBdv3eYRZj
nvB+CJtSSQStgw4HLBZHTkBmdiKBt1nA5/JXZ+J3w7IKkW9if8Ha4jjjmID5zSbB
qwpM2Uo/0sln+HM7sTLWGVUJqdIfkSYxnR31DA2sqM7qCikAA/kN/i9tQEnXUa0M
Hh0PfVwWwdq/OfV74IphF04R5nF49l5kMcxUmRvh/z4g+dFcQ2tgm/2Pn12rx8ne
mlo=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:51 2024 by rpki-client on console-fra.rpki-client.org