Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa
File:                     e1567509-f31d-4739-a7a6-ed24530c598b.roa (raw, json)
Hash identifier:          iZTZgBq/nwtYQdCu2b+6YWR6iTs3Gv40TIvm0G5hZ1U=
Subject key identifier:   D6:7D:71:7D:6F:A5:5F:29:25:7C:9B:97:A1:DF:BB:8F:0E:F8:EE:7A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1E036B313CE0A6CBC9072687BCFE9C8E094F6E6B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa
Signing time:             Fri 14 Jun 2024 00:00:00 +0000
ROA not before:           Fri 14 Jun 2024 00:00:00 +0000
ROA not after:            Fri 19 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf5:c000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:03:6b:31:3c:e0:a6:cb:c9:07:26:87:bc:fe:9c:8e:09:4f:6e:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 14 00:00:00 2024 GMT
            Not After : Jul 19 23:59:59 2024 GMT
        Subject: serialNumber=6d99693b19d4549598abacbed0ac6530095c6610556670cf8f3bb8943a7b3b64, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:42:c0:90:fe:c4:d1:77:6f:5a:20:80:85:17:
                    3b:71:09:d2:62:e3:68:53:73:cd:bc:fd:83:a4:57:
                    04:1a:08:83:5e:f3:83:b5:c7:66:de:2e:f4:99:93:
                    77:a0:a7:8d:62:11:68:31:60:54:80:4d:13:a0:5a:
                    8c:7e:ef:f3:23:7d:28:dd:ae:ee:73:1d:55:3d:59:
                    fb:ee:90:3c:96:6a:16:78:37:ef:00:1a:35:14:3c:
                    5f:3b:03:58:34:98:c7:83:41:e9:78:9f:a5:b0:09:
                    70:63:fd:f7:1e:3a:5a:c1:65:f9:77:a5:4a:bc:e2:
                    5b:45:d4:e8:fa:7c:dd:bd:25:86:c8:55:f0:43:76:
                    e4:54:72:b9:a6:13:08:a8:99:4a:9f:67:c9:82:71:
                    1a:72:45:7f:65:fc:a9:f4:f8:8b:36:31:3f:1f:e1:
                    b3:73:92:c6:f5:f5:e9:12:14:97:39:84:63:00:fb:
                    25:a0:63:e1:09:c0:76:1d:da:f1:08:45:5b:78:5a:
                    4d:20:aa:29:2a:5c:99:6b:2b:09:be:6f:cf:a8:47:
                    4e:40:aa:49:a9:fc:0d:c8:62:b1:19:a6:2d:ab:fe:
                    24:21:5a:7d:92:c5:4a:2f:dd:0f:29:99:5d:85:7c:
                    be:c0:11:8d:5e:d5:0b:ba:25:b5:8d:8d:28:9f:f2:
                    db:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:7D:71:7D:6F:A5:5F:29:25:7C:9B:97:A1:DF:BB:8F:0E:F8:EE:7A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf5:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         97:10:3d:61:ff:38:5a:4d:21:dd:f2:7e:33:88:05:74:a9:11:
         91:da:ee:db:b5:95:e8:44:fc:5d:5e:e9:fc:95:45:42:94:79:
         be:b1:72:bf:07:80:b7:dd:e6:df:99:d8:4c:af:a4:e0:9d:26:
         09:e4:40:bf:ce:f6:05:bc:e2:1e:1c:5c:51:fb:c7:c2:ad:c4:
         81:ab:a8:53:fe:ed:20:f9:43:a7:11:3f:24:07:09:7b:ec:bf:
         99:03:46:8b:76:a8:11:ca:e6:8b:48:c6:d4:da:a9:da:ff:f9:
         25:d6:5c:ed:ac:8f:6d:d3:b0:a4:a0:15:0d:e4:18:fc:2e:f8:
         db:ac:8e:fb:5e:e2:0b:da:03:0a:ab:7b:da:86:55:47:7b:95:
         53:bb:fa:34:bd:08:84:1f:da:c6:e0:cf:f1:29:0b:ab:54:42:
         00:86:6f:2f:1a:74:f9:fc:ef:8f:33:15:16:20:2b:4d:94:cc:
         ed:c7:c4:82:c8:7b:e9:ec:e6:f3:3c:1e:9f:d2:95:5b:f5:e9:
         d4:e5:62:fc:98:2d:b3:43:6b:7a:61:46:b4:d1:8e:2b:c1:eb:
         40:ec:22:01:4a:4f:46:bd:ef:52:13:1c:5a:30:12:7c:07:0d:
         a9:dc:4c:31:89:b3:5f:a4:54:35:cb:63:05:c6:eb:be:49:1d:
         1a:d2:76:96
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHgNrMTzgpsvJByaHvP6cjglPbmswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYxNDAwMDAwMFoX
DTI0MDcxOTIzNTk1OVowejFJMEcGA1UEBRNANmQ5OTY5M2IxOWQ0NTQ5NTk4YWJh
Y2JlZDBhYzY1MzAwOTVjNjYxMDU1NjY3MGNmOGYzYmI4OTQzYTdiM2I2NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0LAkP7E0XdvWiCAhRc7cQnSYuNo
U3PNvP2DpFcEGgiDXvODtcdm3i70mZN3oKeNYhFoMWBUgE0ToFqMfu/zI30o3a7u
cx1VPVn77pA8lmoWeDfvABo1FDxfOwNYNJjHg0HpeJ+lsAlwY/33HjpawWX5d6VK
vOJbRdTo+nzdvSWGyFXwQ3bkVHK5phMIqJlKn2fJgnEackV/Zfyp9PiLNjE/H+Gz
c5LG9fXpEhSXOYRjAPsloGPhCcB2HdrxCEVbeFpNIKopKlyZaysJvm/PqEdOQKpJ
qfwNyGKxGaYtq/4kIVp9ksVKL90PKZldhXy+wBGNXtULuiW1jY0on/LbxwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNZ9cX1vpV8pJXybl6Hfu48O+O56MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UxNTY3NTA5LWYzMWQtNDczOS1hN2E2LWVkMjQ1MzBjNTk4Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9cAwDQYJKoZIhvcNAQELBQADggEBAJcQPWH/OFpNId3yfjOI
BXSpEZHa7tu1lehE/F1e6fyVRUKUeb6xcr8HgLfd5t+Z2EyvpOCdJgnkQL/O9gW8
4h4cXFH7x8KtxIGrqFP+7SD5Q6cRPyQHCXvsv5kDRot2qBHK5otIxtTaqdr/+SXW
XO2sj23TsKSgFQ3kGPwu+Nusjvte4gvaAwqre9qGVUd7lVO7+jS9CIQf2sbgz/Ep
C6tUQgCGby8adPn8748zFRYgK02UzO3HxILIe+ns5vM8Hp/SlVv16dTlYvyYLbND
a3phRrTRjivB60DsIgFKT0a971ITHFowEnwHDancTDGJs1+kVDXLYwXG675JHRrS
dpY=
-----END CERTIFICATE-----
Generated at Sun Jun 16 00:43:44 2024 by rpki-client on console-ams.rpki-client.org