Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa
File:                     e34a1112-42b9-4563-9cde-de9af887a3d6.roa (raw, json)
Hash identifier:          dTYsV5re29Sk6FNVRZEQvFGywZjVmr3jODVWp+Q3bVY=
Subject key identifier:   90:74:96:F8:AF:BF:DA:F7:2E:28:A9:2C:BE:47:9B:57:3D:C9:11:FA
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0798A7D27F0E4D4E46B17257BF8582484A9C9A16
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa
Signing time:             Fri 21 Jun 2024 00:00:00 +0000
ROA not before:           Fri 21 Jun 2024 00:00:00 +0000
ROA not after:            Fri 26 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da38:2000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 28 Jun 2024 00:11:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:98:a7:d2:7f:0e:4d:4e:46:b1:72:57:bf:85:82:48:4a:9c:9a:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 21 00:00:00 2024 GMT
            Not After : Jul 26 23:59:59 2024 GMT
        Subject: serialNumber=40d151b993c50d3bae92a7cd9457b7903d32fb9227255f6de570d7aed354ea66, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7f:81:0c:a6:e3:e8:f9:cb:3d:48:8f:66:59:
                    82:15:d2:90:e9:b6:e6:2d:38:a1:f3:da:d6:e4:e3:
                    23:02:d7:1c:0f:26:9a:da:44:dc:91:e5:9a:4f:c2:
                    02:cf:fd:f6:28:2c:4e:d6:a2:fd:c5:3d:86:d0:e2:
                    e3:5f:18:2c:8c:81:bf:76:83:26:b3:9b:91:d2:a4:
                    9a:df:b3:a3:48:0c:b3:b5:f3:e6:eb:43:0a:a1:53:
                    ac:5d:0e:14:51:e5:c4:46:a0:8c:3e:ee:dc:b8:a2:
                    3f:d2:1e:b6:c8:6f:e8:d9:f0:e4:a3:53:7c:f0:cc:
                    4b:aa:a5:a3:47:5f:e4:51:3c:65:51:77:22:04:18:
                    30:0b:68:9a:65:59:e1:a7:32:66:be:52:d3:ed:4a:
                    03:6a:7c:b3:28:66:34:95:19:14:6c:69:b6:7c:24:
                    34:97:9c:b9:3d:54:cd:c2:e4:7b:d7:cd:6d:77:84:
                    a7:f0:33:e1:51:eb:cc:d4:68:54:75:e8:4b:4c:84:
                    83:e6:d7:6a:c7:18:fe:7b:35:58:47:e3:82:77:ed:
                    8a:d0:c1:3a:d6:8b:62:f1:07:32:f2:fa:f1:7b:de:
                    82:be:62:b9:7a:2a:d4:ee:5a:8f:d3:88:86:81:d9:
                    b5:06:4d:4b:cf:8e:27:ae:b5:2d:81:b3:7c:62:8b:
                    ff:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:74:96:F8:AF:BF:DA:F7:2E:28:A9:2C:BE:47:9B:57:3D:C9:11:FA
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da38:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         bb:6a:54:6c:4c:35:50:b5:1e:f1:04:16:32:e6:b6:bb:34:18:
         31:d0:ac:78:bd:be:fc:cd:71:18:c2:6d:78:3e:58:3a:8b:95:
         a2:32:66:f7:85:8a:08:ce:84:e8:79:8a:15:47:e3:d9:e5:f2:
         9b:0c:14:93:08:88:d7:d3:6a:72:a7:75:2e:47:fe:2b:9b:01:
         a4:3f:87:6a:06:4f:25:68:dd:31:9d:d7:57:bc:3b:4c:2a:c8:
         1d:6a:92:84:19:b5:d1:66:46:2d:7d:f1:be:92:f9:b6:33:77:
         46:2e:b2:80:4f:37:27:3c:58:e9:55:c2:5f:5c:5e:ba:21:98:
         be:3f:6b:75:67:45:38:6f:a0:9e:bb:33:31:d2:a3:e2:f4:e3:
         ff:5f:38:be:03:cd:88:9f:9c:a0:36:5d:1a:ab:2c:9f:cd:45:
         28:a2:d0:8c:09:18:e8:81:3f:67:88:52:4d:e1:c8:11:51:06:
         47:11:09:f9:e2:f3:35:55:60:b9:5f:64:f3:2a:7e:cc:f0:73:
         fe:96:ba:4a:ba:98:13:5b:23:97:cd:37:92:e7:d1:fc:57:c2:
         d4:e1:dd:c3:a6:59:07:c7:8a:28:6f:6f:8f:42:6e:5c:15:1d:
         91:30:dc:54:55:fc:b5:53:64:b7:ac:0d:da:ee:75:a6:1c:c6:
         93:f8:44:81
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUB5in0n8OTU5GsXJXv4WCSEqcmhYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYyMTAwMDAwMFoX
DTI0MDcyNjIzNTk1OVowejFJMEcGA1UEBRNANDBkMTUxYjk5M2M1MGQzYmFlOTJh
N2NkOTQ1N2I3OTAzZDMyZmI5MjI3MjU1ZjZkZTU3MGQ3YWVkMzU0ZWE2NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX+BDKbj6PnLPUiPZlmCFdKQ6bbm
LTih89rW5OMjAtccDyaa2kTckeWaT8ICz/32KCxO1qL9xT2G0OLjXxgsjIG/doMm
s5uR0qSa37OjSAyztfPm60MKoVOsXQ4UUeXERqCMPu7cuKI/0h62yG/o2fDko1N8
8MxLqqWjR1/kUTxlUXciBBgwC2iaZVnhpzJmvlLT7UoDanyzKGY0lRkUbGm2fCQ0
l5y5PVTNwuR7181td4Sn8DPhUevM1GhUdehLTISD5tdqxxj+ezVYR+OCd+2K0ME6
1oti8Qcy8vrxe96CvmK5eirU7lqP04iGgdm1Bk1Lz44nrrUtgbN8Yov/wQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJB0lvivv9r3LiipLL5Hm1c9yRH6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UzNGExMTEyLTQyYjktNDU2My05Y2RlLWRlOWFmODg3YTNkNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOCAwDQYJKoZIhvcNAQELBQADggEBALtqVGxMNVC1HvEEFjLm
trs0GDHQrHi9vvzNcRjCbXg+WDqLlaIyZveFigjOhOh5ihVH49nl8psMFJMIiNfT
anKndS5H/iubAaQ/h2oGTyVo3TGd11e8O0wqyB1qkoQZtdFmRi198b6S+bYzd0Yu
soBPNyc8WOlVwl9cXrohmL4/a3VnRThvoJ67MzHSo+L04/9fOL4DzYifnKA2XRqr
LJ/NRSii0IwJGOiBP2eIUk3hyBFRBkcRCfni8zVVYLlfZPMqfszwc/6Wukq6mBNb
I5fNN5Ln0fxXwtTh3cOmWQfHiihvb49CblwVHZEw3FRV/LVTZLesDdrudaYcxpP4
RIE=
-----END CERTIFICATE-----
Generated at Mon Jun 24 00:42:56 2024 by rpki-client on console-fra.rpki-client.org