Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa
File:                     e34a1112-42b9-4563-9cde-de9af887a3d6.roa (raw, json)
Hash identifier:          vNWvqL7anTnJta6QNVxtBB4Eub+xMNx1t3WcagS3pp0=
Subject key identifier:   22:A0:B6:51:F7:E0:75:E7:C7:77:DC:A2:63:0D:07:0F:2D:E0:AD:3D
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       07229A92BD0C2E43F0FA892706291CDDB0A2351B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa
Signing time:             Mon 07 Jul 2025 15:20:17 +0000
ROA not before:           Mon 07 Jul 2025 15:20:17 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da38:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 17 Jul 2025 00:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:22:9a:92:bd:0c:2e:43:f0:fa:89:27:06:29:1c:dd:b0:a2:35:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul  7 15:20:17 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=67eb3399cf813353ba5fbef043fd94094efc69388716cb8627548d2358d512e7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ed:c5:d0:06:c7:7c:ad:0b:4e:1f:c1:d7:7f:
                    17:64:3d:06:98:fc:e7:9a:2b:47:9c:64:3b:b5:e5:
                    ce:8a:eb:ad:3a:5b:f0:2f:d1:f5:8d:9d:3e:2a:cf:
                    f4:aa:6e:1b:d5:43:f7:70:a9:62:f0:64:9e:f8:92:
                    27:78:e5:8e:99:7d:97:b0:a2:53:20:7f:05:92:6f:
                    d6:ef:e6:3e:2e:c6:d6:6c:26:92:9b:0b:00:d9:b0:
                    c3:47:2a:d8:7e:53:1b:27:02:cb:26:1b:7e:3b:6b:
                    bc:e8:75:c5:ca:e9:bf:6f:03:09:aa:20:2d:a7:2f:
                    ad:a0:11:8e:a4:6b:b4:3a:8c:7e:1a:4b:fc:3f:8f:
                    e9:c2:d3:77:ad:bf:ab:c4:c7:f1:77:88:eb:af:42:
                    cb:2e:89:09:3e:e0:5b:09:0b:9a:63:ed:23:1d:9f:
                    87:19:21:d7:ab:96:9e:c7:e7:e9:be:fd:3e:76:ac:
                    68:1e:8f:d1:dc:fe:b9:24:f4:2b:8c:62:51:de:1e:
                    ca:87:92:c6:09:e9:85:32:8a:f0:86:b8:6c:4a:a7:
                    21:ee:73:0a:38:fb:c5:4d:54:47:aa:47:53:a4:df:
                    e7:d9:14:18:be:6d:0e:ab:5c:2b:d4:33:e0:48:17:
                    0c:bb:77:86:03:b8:fd:2b:c4:f2:29:1e:fc:d1:4e:
                    5d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:A0:B6:51:F7:E0:75:E7:C7:77:DC:A2:63:0D:07:0F:2D:E0:AD:3D
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da38:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         83:03:50:7d:a5:4f:95:c4:c9:f2:a1:74:d0:bc:ad:d0:c0:d9:
         c3:32:3d:08:14:58:8d:35:ec:cc:39:9e:53:34:4c:ec:da:7b:
         e7:cd:74:39:41:77:7e:0d:5d:3d:19:e7:3a:ab:13:44:8d:ee:
         5b:f0:9a:10:7c:d1:70:c7:32:b8:9d:8f:47:06:b8:99:1b:a2:
         5a:a9:54:0f:7d:6a:95:0b:5f:63:bf:ea:17:d5:9b:a7:48:c1:
         7f:b8:8a:63:94:3a:82:f7:8b:cd:77:48:37:da:06:80:be:4e:
         1f:cb:61:ed:a5:af:8b:ae:e9:e8:4b:4b:00:7c:cf:3c:65:df:
         1d:e4:23:33:5e:1c:dd:f9:90:ec:d7:0c:6f:2a:c9:43:a4:f1:
         99:f5:33:de:21:51:2f:52:d5:93:58:44:11:7c:81:43:d5:9f:
         04:48:8e:2f:1c:7a:cf:ee:02:9f:d9:9f:e3:0c:8c:41:60:a2:
         29:db:03:95:18:52:f7:7c:1b:85:90:e2:f2:4a:28:a0:a6:5d:
         4c:50:37:ea:85:53:af:00:19:0c:b9:36:d0:84:ca:bb:bf:6b:
         ec:6c:96:b1:c1:dd:3a:5d:54:94:10:46:89:cb:74:d7:7f:01:
         ab:96:0c:a6:ea:61:8d:d4:12:55:3a:d2:7e:3e:df:6b:8c:00:
         d3:dc:b0:3c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUByKakr0MLkPw+oknBikc3bCiNRswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MjAxN1oX
DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNANjdlYjMzOTljZjgxMzM1M2JhNWZi
ZWYwNDNmZDk0MDk0ZWZjNjkzODg3MTZjYjg2Mjc1NDhkMjM1OGQ1MTJlNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme3F0AbHfK0LTh/B138XZD0GmPzn
mitHnGQ7teXOiuutOlvwL9H1jZ0+Ks/0qm4b1UP3cKli8GSe+JIneOWOmX2XsKJT
IH8Fkm/W7+Y+LsbWbCaSmwsA2bDDRyrYflMbJwLLJht+O2u86HXFyum/bwMJqiAt
py+toBGOpGu0Oox+Gkv8P4/pwtN3rb+rxMfxd4jrr0LLLokJPuBbCQuaY+0jHZ+H
GSHXq5aex+fpvv0+dqxoHo/R3P65JPQrjGJR3h7Kh5LGCemFMorwhrhsSqch7nMK
OPvFTVRHqkdTpN/n2RQYvm0Oq1wr1DPgSBcMu3eGA7j9K8TyKR780U5d4QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCKgtlH34HXnx3fcomMNBw8t4K09MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UzNGExMTEyLTQyYjktNDU2My05Y2RlLWRlOWFmODg3YTNkNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOCAwDQYJKoZIhvcNAQELBQADggEBAIMDUH2lT5XEyfKhdNC8
rdDA2cMyPQgUWI017Mw5nlM0TOzae+fNdDlBd34NXT0Z5zqrE0SN7lvwmhB80XDH
Mridj0cGuJkbolqpVA99apULX2O/6hfVm6dIwX+4imOUOoL3i813SDfaBoC+Th/L
Ye2lr4uu6ehLSwB8zzxl3x3kIzNeHN35kOzXDG8qyUOk8Zn1M94hUS9S1ZNYRBF8
gUPVnwRIji8ces/uAp/Zn+MMjEFgoinbA5UYUvd8G4WQ4vJKKKCmXUxQN+qFU68A
GQy5NtCEyru/a+xslrHB3TpdVJQQRonLdNd/AauWDKbqYY3UElU60n4+32uMANPc
sDw=
-----END CERTIFICATE-----
Generated at Sun Jul 13 15:22:13 2025 by rpki-client