Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e527b4cc-d757-4fe5-b860-39f3cd54f2dc.roa
File:                     e527b4cc-d757-4fe5-b860-39f3cd54f2dc.roa (raw, json)
Hash identifier:          NTDKaWDtN2utUxoRyQvKD/IWPnUtdMzYny1RkqDWyLE=
Subject key identifier:   EA:49:2F:41:DD:DD:A5:36:11:B0:BE:80:FB:2C:55:7B:25:07:54:4F
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       12FA6BDAF5F52338D9D1688C27B058FF5F0B5674
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e527b4cc-d757-4fe5-b860-39f3cd54f2dc.roa
Signing time:             Mon 18 Sep 2023 00:00:00 +0000
ROA not before:           Mon 18 Sep 2023 00:00:00 +0000
ROA not after:            Mon 23 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf2:1000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 20 Sep 2023 03:07:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:fa:6b:da:f5:f5:23:38:d9:d1:68:8c:27:b0:58:ff:5f:0b:56:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Sep 18 00:00:00 2023 GMT
            Not After : Oct 23 23:59:59 2023 GMT
        Subject: serialNumber=73eba5b42d490bfbf78815a5649d698f21671b605afc91279c4ad3820a1ccbe2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:82:16:77:39:37:5f:a9:5e:52:64:b1:71:19:
                    f8:94:cd:70:b1:ca:9c:04:47:96:3f:37:32:e3:15:
                    e5:92:ed:05:9b:72:d9:c9:40:8b:bf:de:e7:c5:a0:
                    23:c3:3b:13:12:5f:ba:69:2b:c3:54:5e:7e:0a:84:
                    7f:1f:09:aa:a4:ec:87:f2:f5:ca:6f:84:1f:40:d3:
                    81:1a:87:83:c5:10:46:f1:72:11:fa:c5:6e:e8:37:
                    31:da:cb:a1:4b:91:bc:55:c4:6a:4c:2c:68:5a:0d:
                    8f:55:b2:7c:1e:45:c7:80:79:87:a2:b1:6c:69:66:
                    6c:36:49:af:af:56:00:c1:bc:53:68:18:a0:9a:51:
                    de:62:81:bc:c8:3c:5f:ec:9d:19:71:ac:9b:e9:d8:
                    fd:d3:47:41:09:80:29:8d:1c:3a:c8:93:19:b9:c3:
                    1b:10:cb:ca:f5:81:8c:2c:be:d5:ad:2f:24:86:e9:
                    97:1d:8d:18:0b:34:7a:a5:89:31:53:02:55:99:8c:
                    16:02:31:d8:eb:69:fd:ec:66:59:2f:42:83:21:de:
                    7c:af:e1:1a:b0:2a:b2:2d:d5:27:96:a9:a4:35:60:
                    13:eb:d2:f7:22:42:79:de:99:03:11:4b:d8:e5:67:
                    cf:f3:f2:69:ae:07:47:04:fe:09:10:30:83:39:4f:
                    4f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:49:2F:41:DD:DD:A5:36:11:B0:BE:80:FB:2C:55:7B:25:07:54:4F
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e527b4cc-d757-4fe5-b860-39f3cd54f2dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf2:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         68:5d:49:59:4b:fa:ec:37:48:68:42:ae:cc:05:5b:8b:6f:30:
         36:eb:98:2e:a2:53:c5:4a:e6:af:20:49:9a:25:47:ca:d2:4e:
         7c:73:01:b8:9f:79:a1:81:16:a7:d1:8f:56:98:87:fa:d6:6a:
         11:ab:b9:5d:11:66:6d:88:8c:4e:ab:b3:24:54:ed:63:35:7c:
         6a:20:66:35:f9:75:df:5c:19:f2:66:5d:4c:cc:4c:f3:c5:1f:
         b9:3c:bc:b4:8b:ba:59:b7:6c:e9:37:ca:d4:b8:dd:eb:38:e2:
         ca:76:b3:06:d2:14:46:2e:9c:45:d2:08:11:86:93:b6:a6:1b:
         cc:38:08:73:9a:f9:d0:25:ce:8d:59:1f:c3:6b:2c:70:c2:ce:
         ae:7e:2b:00:4e:5b:68:11:d4:19:c8:20:15:94:b6:c0:84:3b:
         75:d3:e2:c4:48:4c:ad:96:77:3e:59:ba:e2:f6:02:cf:10:a3:
         ef:47:f8:90:4c:c2:34:58:c4:b1:a6:67:28:b6:6b:d1:ba:27:
         22:d2:8b:58:d1:da:98:34:6f:40:59:36:fb:89:eb:21:6c:c4:
         ee:3e:a0:f7:55:13:27:15:8e:37:f0:38:20:9c:80:6a:97:60:
         34:26:70:c0:03:c5:5c:4a:8e:76:01:90:a0:94:ec:e2:9c:cb:
         17:b7:7f:56
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUEvpr2vX1IzjZ0WiMJ7BY/18LVnQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX
DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANzNlYmE1YjQyZDQ5MGJmYmY3ODgx
NWE1NjQ5ZDY5OGYyMTY3MWI2MDVhZmM5MTI3OWM0YWQzODIwYTFjY2JlMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIIWdzk3X6leUmSxcRn4lM1wscqc
BEeWPzcy4xXlku0Fm3LZyUCLv97nxaAjwzsTEl+6aSvDVF5+CoR/HwmqpOyH8vXK
b4QfQNOBGoeDxRBG8XIR+sVu6Dcx2suhS5G8VcRqTCxoWg2PVbJ8HkXHgHmHorFs
aWZsNkmvr1YAwbxTaBigmlHeYoG8yDxf7J0Zcayb6dj900dBCYApjRw6yJMZucMb
EMvK9YGMLL7VrS8khumXHY0YCzR6pYkxUwJVmYwWAjHY62n97GZZL0KDId58r+Ea
sCqyLdUnlqmkNWAT69L3IkJ53pkDEUvY5WfP8/JprgdHBP4JEDCDOU9PGQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOpJL0Hd3aU2EbC+gPssVXslB1RPMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U1MjdiNGNjLWQ3NTctNGZlNS1iODYwLTM5ZjNjZDU0ZjJkYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8hAwDQYJKoZIhvcNAQELBQADggEBAGhdSVlL+uw3SGhCrswF
W4tvMDbrmC6iU8VK5q8gSZolR8rSTnxzAbifeaGBFqfRj1aYh/rWahGruV0RZm2I
jE6rsyRU7WM1fGogZjX5dd9cGfJmXUzMTPPFH7k8vLSLulm3bOk3ytS43es44sp2
swbSFEYunEXSCBGGk7amG8w4CHOa+dAlzo1ZH8NrLHDCzq5+KwBOW2gR1BnIIBWU
tsCEO3XT4sRITK2Wdz5ZuuL2As8Qo+9H+JBMwjRYxLGmZyi2a9G6JyLSi1jR2pg0
b0BZNvuJ6yFsxO4+oPdVEycVjjfwOCCcgGqXYDQmcMADxVxKjnYBkKCU7OKcyxe3
f1Y=
-----END CERTIFICATE-----
Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org