Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e5ccec14-e28e-4293-bc2f-c216327b4af8.roa
File:                     e5ccec14-e28e-4293-bc2f-c216327b4af8.roa (raw, json)
Hash identifier:          azxjXXbSzqsl5q8octgve3jEXjcdvH7RPOvcImGVDIY=
Subject key identifier:   84:FA:4C:A0:EB:25:1D:C4:40:B1:5A:F1:90:DC:CF:0A:0F:F5:A8:F9
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       372F02971918EA5E043E3ED4F090A8EEB0236AA4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e5ccec14-e28e-4293-bc2f-c216327b4af8.roa
Signing time:             Tue 16 Jul 2024 00:00:00 +0000
ROA not before:           Tue 16 Jul 2024 00:00:00 +0000
ROA not after:            Tue 20 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafc:ff80::/46 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 21 Jul 2024 00:10:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:2f:02:97:19:18:ea:5e:04:3e:3e:d4:f0:90:a8:ee:b0:23:6a:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jul 16 00:00:00 2024 GMT
            Not After : Aug 20 23:59:59 2024 GMT
        Subject: serialNumber=1cf71107a31180f05424d7a3bb5c4154fee88da93869cc7e0e2659f9ffedd1ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:39:dd:cc:c0:4c:54:5d:26:27:e0:b7:4d:20:
                    2e:4d:a6:69:4d:4a:08:19:fa:ae:03:60:9e:a9:11:
                    25:de:06:21:d7:69:53:02:82:ce:b7:cb:82:36:8c:
                    19:45:09:87:03:7a:45:e8:e5:22:71:8e:73:43:26:
                    21:7d:2f:0d:d7:e3:1f:a8:f1:00:58:9e:2a:a3:ff:
                    1b:b0:d3:c7:8b:79:26:0f:56:db:3d:b7:9c:c3:ce:
                    e9:e9:2f:4c:88:6e:7c:fe:8a:80:34:82:d2:36:e3:
                    eb:c6:d1:c8:6d:47:3f:56:ba:6e:71:b7:aa:72:f3:
                    7e:0f:1c:f9:25:14:e9:c4:73:f7:8c:3b:bc:36:d4:
                    71:f7:90:9a:20:ee:6c:9d:7e:fa:95:4d:ed:8e:f5:
                    a1:51:02:fe:9e:b5:39:a8:b9:12:9a:59:8e:c8:18:
                    ff:de:be:d1:ff:b7:11:81:1a:b1:e0:d8:f2:25:f6:
                    0e:18:74:45:8f:6c:60:8d:78:29:34:6d:e8:20:1a:
                    44:a1:c1:93:ff:5e:2b:3f:9e:51:db:25:fb:30:9b:
                    0e:5c:ca:fa:25:8e:76:40:2a:f5:86:7f:7c:54:9e:
                    53:13:e2:5a:93:18:03:7b:11:94:66:ce:0b:8b:9f:
                    ff:4d:00:59:d0:82:7d:9d:b8:d3:bd:10:fd:1d:52:
                    8c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:FA:4C:A0:EB:25:1D:C4:40:B1:5A:F1:90:DC:CF:0A:0F:F5:A8:F9
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e5ccec14-e28e-4293-bc2f-c216327b4af8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafc:ff80::/46

    Signature Algorithm: sha256WithRSAEncryption
         5a:cc:f6:3b:34:72:d7:b7:6f:3f:07:c2:07:fc:f0:38:fd:60:
         fd:06:80:b9:44:38:05:a1:65:c8:31:19:98:d8:e1:cc:39:34:
         0a:c2:40:a6:33:32:8a:2f:3f:66:e5:bd:05:16:33:d0:f4:88:
         72:8a:31:bb:83:b9:7e:98:42:c6:3d:9c:69:6b:bc:80:a2:3e:
         94:ef:ee:7c:3d:37:74:77:5e:67:6e:e0:dd:0e:33:4f:52:61:
         c1:94:26:d2:49:12:7d:97:31:1d:fd:08:b4:15:dc:d7:d5:7d:
         2b:35:5c:6d:ad:c3:58:e1:da:65:be:4d:b0:1f:8d:a7:3a:36:
         6f:bf:ad:a5:25:7a:88:b4:5e:67:6b:bf:05:89:a2:d9:4c:c2:
         65:59:17:45:0d:10:13:9b:08:a8:7c:76:42:d9:b0:f9:53:52:
         9a:c9:1c:99:32:a0:11:96:25:78:d7:b2:94:0e:92:da:9f:b6:
         b1:14:05:86:95:48:02:14:22:8c:1c:c5:8b:67:c0:7b:0c:be:
         ba:a6:34:f0:ef:39:1a:de:a6:ff:97:59:5b:df:a5:39:0a:78:
         15:69:05:27:86:99:e3:fc:28:65:42:ec:39:6b:bd:06:42:19:
         b3:17:b3:7c:f1:56:3f:aa:78:83:23:cd:91:59:12:a9:53:c0:
         9b:a4:fe:30
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUNy8ClxkY6l4EPj7U8JCo7rAjaqQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX
DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAMWNmNzExMDdhMzExODBmMDU0MjRk
N2EzYmI1YzQxNTRmZWU4OGRhOTM4NjljYzdlMGUyNjU5ZjlmZmVkZDFhZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDndzMBMVF0mJ+C3TSAuTaZpTUoI
GfquA2CeqREl3gYh12lTAoLOt8uCNowZRQmHA3pF6OUicY5zQyYhfS8N1+MfqPEA
WJ4qo/8bsNPHi3kmD1bbPbecw87p6S9MiG58/oqANILSNuPrxtHIbUc/Vrpucbeq
cvN+Dxz5JRTpxHP3jDu8NtRx95CaIO5snX76lU3tjvWhUQL+nrU5qLkSmlmOyBj/
3r7R/7cRgRqx4NjyJfYOGHRFj2xgjXgpNG3oIBpEocGT/14rP55R2yX7MJsOXMr6
JY52QCr1hn98VJ5TE+JakxgDexGUZs4Li5//TQBZ0IJ9nbjTvRD9HVKMcQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIT6TKDrJR3EQLFa8ZDczwoP9aj5MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U1Y2NlYzE0LWUyOGUtNDI5My1iYzJmLWMyMTYzMjdiNGFmOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba/P+AMA0GCSqGSIb3DQEBCwUAA4IBAQBazPY7NHLXt28/B8IH
/PA4/WD9BoC5RDgFoWXIMRmY2OHMOTQKwkCmMzKKLz9m5b0FFjPQ9IhyijG7g7l+
mELGPZxpa7yAoj6U7+58PTd0d15nbuDdDjNPUmHBlCbSSRJ9lzEd/Qi0FdzX1X0r
NVxtrcNY4dplvk2wH42nOjZvv62lJXqItF5na78FiaLZTMJlWRdFDRATmwiofHZC
2bD5U1KayRyZMqARliV417KUDpLan7axFAWGlUgCFCKMHMWLZ8B7DL66pjTw7zka
3qb/l1lb36U5CngVaQUnhpnj/ChlQuw5a70GQhmzF7N88VY/qniDI82RWRKpU8Cb
pP4w
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:05:27 2024 by rpki-client on console-ams.rpki-client.org