Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa
File:                     e0fbaecf-3318-488e-80aa-57f0a5202e27.roa (raw, json)
Hash identifier:          B7eR+N9D15gQZ62Cx02NZDDTSYzBLP3f1usc28kVnTs=
Subject key identifier:   A5:53:D5:E4:2B:DA:0E:12:6A:EF:4F:D5:52:A3:87:F1:C2:F1:E4:34
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7E8F83F3685977EEB1AE85C28CDF1C96E98C9504
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa
Signing time:             Tue 25 Jun 2024 00:00:00 +0000
ROA not before:           Tue 25 Jun 2024 00:00:00 +0000
ROA not after:            Tue 30 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da00:8000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 21 Jul 2024 00:10:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:8f:83:f3:68:59:77:ee:b1:ae:85:c2:8c:df:1c:96:e9:8c:95:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 25 00:00:00 2024 GMT
            Not After : Jul 30 23:59:59 2024 GMT
        Subject: serialNumber=dedd27325a4497f033eafa74ba10165eb0f5fe5f85a58008a1baedb3df0f127e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:5e:50:3e:68:3a:d0:cd:8c:af:90:e5:b4:73:
                    1f:d1:8c:71:f6:12:0e:e5:c8:8e:dd:48:1f:40:97:
                    d6:dd:e0:bd:e3:73:11:ce:45:e1:63:e0:f6:e0:64:
                    01:d1:df:e1:70:b7:be:fb:2f:0a:a0:33:4e:fe:db:
                    5d:38:22:bc:3a:4c:25:1b:12:50:fa:40:c9:97:e2:
                    66:2f:9c:3b:a4:88:b0:13:f4:5b:69:49:66:54:9c:
                    62:48:50:db:27:64:9f:d2:d3:6d:77:0e:2d:65:4b:
                    7d:70:57:1a:d0:09:65:37:f2:bf:07:62:35:86:09:
                    6d:85:5c:09:f3:a6:b9:0a:33:93:80:21:68:09:35:
                    97:38:a4:6f:2e:8f:8d:95:b6:d5:c3:2d:51:bb:e5:
                    58:1e:5a:b7:b1:5b:fb:86:25:32:75:3e:7d:8d:e0:
                    49:eb:21:68:c1:26:20:16:97:8e:e3:8c:1e:58:ea:
                    93:68:fc:ec:e2:2c:65:bf:a3:63:fb:00:73:42:0b:
                    9f:50:c2:39:53:b6:60:9b:49:d4:4b:ce:d6:15:52:
                    c5:d4:bc:db:1f:a9:71:2a:15:3b:e1:16:6d:50:ea:
                    e5:2c:21:e6:35:6d:bb:82:b2:26:7c:02:b7:03:69:
                    4e:a5:f7:8e:9c:ed:bf:8d:b5:9d:4e:63:bf:50:62:
                    e0:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:53:D5:E4:2B:DA:0E:12:6A:EF:4F:D5:52:A3:87:F1:C2:F1:E4:34
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da00:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         64:b4:7f:49:d6:00:e6:a7:3a:09:ee:cc:ea:36:e3:2f:d4:68:
         7b:2f:e5:09:46:0e:20:99:58:03:e4:ac:45:a6:3c:c5:74:78:
         74:70:59:78:da:a7:92:9d:70:9c:8f:c5:e0:84:cc:e8:d0:e5:
         57:d2:d0:dd:3a:6f:9f:2b:59:49:04:81:be:44:22:f6:8b:07:
         12:7f:32:2c:59:62:0a:fd:fc:a3:ad:e6:15:e6:b8:ac:5f:79:
         31:7e:8f:48:2c:42:66:15:6a:80:a2:0a:03:86:4c:36:15:a0:
         85:37:16:38:30:9e:67:34:12:d9:8e:f4:2c:f0:b9:a6:0e:aa:
         c1:22:72:3e:c9:ef:d1:4c:4e:c1:9f:2d:4f:ec:25:63:a2:29:
         54:94:fb:64:69:e0:16:57:d4:e4:06:6d:98:63:ee:33:af:5c:
         91:32:38:63:88:20:1f:da:1e:bc:a7:c8:5f:09:d6:13:dd:d7:
         a8:63:92:b9:8a:45:f6:f4:18:61:db:27:2f:fc:a5:ab:59:cf:
         42:70:79:58:7b:94:9e:08:a5:5f:5e:4f:a8:0c:b3:fa:e7:ba:
         33:08:79:da:02:90:b6:4c:63:ac:87:4f:09:0d:c1:54:91:fa:
         8c:de:9d:59:df:48:08:af:1e:a4:8b:98:e5:7d:1a:00:f5:c5:
         75:4b:7e:29
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfo+D82hZd+6xroXCjN8clumMlQQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYyNTAwMDAwMFoX
DTI0MDczMDIzNTk1OVowejFJMEcGA1UEBRNAZGVkZDI3MzI1YTQ0OTdmMDMzZWFm
YTc0YmExMDE2NWViMGY1ZmU1Zjg1YTU4MDA4YTFiYWVkYjNkZjBmMTI3ZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk15QPmg60M2Mr5DltHMf0Yxx9hIO
5ciO3UgfQJfW3eC943MRzkXhY+D24GQB0d/hcLe++y8KoDNO/ttdOCK8OkwlGxJQ
+kDJl+JmL5w7pIiwE/RbaUlmVJxiSFDbJ2Sf0tNtdw4tZUt9cFca0AllN/K/B2I1
hglthVwJ86a5CjOTgCFoCTWXOKRvLo+NlbbVwy1Ru+VYHlq3sVv7hiUydT59jeBJ
6yFowSYgFpeO44weWOqTaPzs4ixlv6Nj+wBzQgufUMI5U7Zgm0nUS87WFVLF1Lzb
H6lxKhU74RZtUOrlLCHmNW27grImfAK3A2lOpfeOnO2/jbWdTmO/UGLg6wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKVT1eQr2g4Sau9P1VKjh/HC8eQ0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UwZmJhZWNmLTMzMTgtNDg4ZS04MGFhLTU3ZjBhNTIwMmUyNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAIAwDQYJKoZIhvcNAQELBQADggEBAGS0f0nWAOanOgnuzOo2
4y/UaHsv5QlGDiCZWAPkrEWmPMV0eHRwWXjap5KdcJyPxeCEzOjQ5VfS0N06b58r
WUkEgb5EIvaLBxJ/MixZYgr9/KOt5hXmuKxfeTF+j0gsQmYVaoCiCgOGTDYVoIU3
Fjgwnmc0EtmO9CzwuaYOqsEicj7J79FMTsGfLU/sJWOiKVSU+2Rp4BZX1OQGbZhj
7jOvXJEyOGOIIB/aHrynyF8J1hPd16hjkrmKRfb0GGHbJy/8patZz0JweVh7lJ4I
pV9eT6gMs/rnujMIedoCkLZMY6yHTwkNwVSR+ozenVnfSAivHqSLmOV9GgD1xXVL
fik=
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:22:47 2024 by rpki-client on console-fra.rpki-client.org