Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e80997c7-fc55-4344-b2e2-40a9dbd2cc34.roa
File:                     e80997c7-fc55-4344-b2e2-40a9dbd2cc34.roa (raw, json)
Hash identifier:          wYBDwrpf9wi8o0EPTbI+XTg1xfwbpSw3/0rOCopucTg=
Subject key identifier:   2D:57:78:07:21:92:0D:62:09:B3:2A:4C:CB:A3:E5:E7:12:7B:93:14
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7CD804A6CE628C1F7E770D0905596959F5E2B89B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e80997c7-fc55-4344-b2e2-40a9dbd2cc34.roa
Signing time:             Tue 25 Jun 2024 00:00:00 +0000
ROA not before:           Tue 25 Jun 2024 00:00:00 +0000
ROA not after:            Tue 30 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da70:c000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 21 Jul 2024 00:10:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:d8:04:a6:ce:62:8c:1f:7e:77:0d:09:05:59:69:59:f5:e2:b8:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jun 25 00:00:00 2024 GMT
            Not After : Jul 30 23:59:59 2024 GMT
        Subject: serialNumber=104059bb02a0c02ef7f3588b4421ac18aeeffb28ab3d681a69a0b1741ef90d59, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:de:27:88:b8:b4:07:09:9b:8f:ef:b4:19:d2:
                    ee:a1:e9:fd:5a:7b:09:77:a4:29:ab:21:c5:75:95:
                    00:b9:d2:9a:7e:04:4d:32:c7:55:03:56:5e:8b:f7:
                    0d:4e:d9:8d:de:38:ab:75:57:76:f7:18:a2:c3:b9:
                    47:46:ba:68:bb:8e:2a:56:d9:fc:8c:06:69:c7:3f:
                    f5:f8:85:c8:e6:86:d4:db:15:3c:0f:43:5d:19:55:
                    76:17:19:3b:ff:30:bc:d6:26:66:e9:f0:f0:1b:a5:
                    24:cf:55:c5:12:a0:55:20:55:32:05:50:6e:19:46:
                    64:53:d3:6e:79:9b:7a:95:97:57:78:68:9a:a4:f5:
                    6d:48:62:a4:64:86:eb:9d:6e:65:68:af:bb:f2:b1:
                    38:0c:e7:69:10:5a:b5:cd:c0:fe:8c:16:79:b0:8d:
                    f1:3b:c5:da:23:dd:a8:03:28:be:26:36:13:75:6d:
                    24:03:00:65:34:ea:c1:41:a8:4e:ae:2f:69:bb:3d:
                    38:7f:fc:2b:1c:10:e7:7d:75:ca:ad:d9:7a:b6:f8:
                    20:15:9b:66:11:b7:a0:17:b8:db:72:d5:5b:68:3f:
                    86:ed:99:11:b9:53:0e:69:b1:1a:c7:8f:4a:f7:bf:
                    d1:8c:d6:d1:02:52:13:fe:f6:18:cd:0e:55:dd:00:
                    22:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:57:78:07:21:92:0D:62:09:B3:2A:4C:CB:A3:E5:E7:12:7B:93:14
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e80997c7-fc55-4344-b2e2-40a9dbd2cc34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da70:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         27:1a:a9:57:2f:3b:2a:20:65:07:c2:78:51:55:88:4a:3e:cd:
         c1:8c:a0:fd:ba:79:85:9b:b1:17:2d:d9:1d:e0:1a:02:55:a8:
         bd:7c:b3:78:db:a6:2e:01:86:37:ed:d4:3b:ec:08:86:78:9d:
         b0:41:68:bc:13:b2:6f:36:53:79:0a:45:50:dc:ac:ba:9f:f3:
         ed:35:26:48:6f:0f:ee:26:5e:ef:90:64:1b:79:d5:92:09:60:
         d1:80:29:19:a5:56:f4:12:2c:6d:c5:95:6f:8f:bf:4c:4e:29:
         91:f5:ac:ea:9e:03:b4:bf:ea:61:e8:8f:aa:98:71:77:23:a3:
         4a:0d:f0:f6:06:a1:61:31:20:b4:16:e8:c7:73:c3:e5:78:d4:
         0c:37:93:a6:59:fd:4a:e2:9d:2d:09:d7:41:f4:79:a7:b0:49:
         8b:55:52:65:b6:fe:fe:50:b8:fc:97:66:51:06:8f:25:ed:a7:
         c8:07:49:ba:83:73:ad:74:63:3e:a9:e6:31:38:60:4a:a3:d0:
         44:72:a5:b5:8c:57:c7:d0:42:3e:e6:b8:e5:ed:89:63:aa:33:
         5a:84:89:ab:c5:a7:80:da:57:c7:ee:71:7c:59:e7:44:f2:89:
         83:e9:4c:b9:d6:22:09:de:73:5b:7b:1f:0b:a8:65:9f:42:9b:
         88:ad:e9:46
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfNgEps5ijB9+dw0JBVlpWfXiuJswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDYyNTAwMDAwMFoX
DTI0MDczMDIzNTk1OVowejFJMEcGA1UEBRNAMTA0MDU5YmIwMmEwYzAyZWY3ZjM1
ODhiNDQyMWFjMThhZWVmZmIyOGFiM2Q2ODFhNjlhMGIxNzQxZWY5MGQ1OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt4niLi0Bwmbj++0GdLuoen9WnsJ
d6QpqyHFdZUAudKafgRNMsdVA1Zei/cNTtmN3jirdVd29xiiw7lHRrpou44qVtn8
jAZpxz/1+IXI5obU2xU8D0NdGVV2Fxk7/zC81iZm6fDwG6Ukz1XFEqBVIFUyBVBu
GUZkU9NueZt6lZdXeGiapPVtSGKkZIbrnW5laK+78rE4DOdpEFq1zcD+jBZ5sI3x
O8XaI92oAyi+JjYTdW0kAwBlNOrBQahOri9puz04f/wrHBDnfXXKrdl6tvggFZtm
EbegF7jbctVbaD+G7ZkRuVMOabEax49K97/RjNbRAlIT/vYYzQ5V3QAinwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFC1XeAchkg1iCbMqTMuj5ecSe5MUMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U4MDk5N2M3LWZjNTUtNDM0NC1iMmUyLTQwYTlkYmQyY2MzNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacMAwDQYJKoZIhvcNAQELBQADggEBACcaqVcvOyogZQfCeFFV
iEo+zcGMoP26eYWbsRct2R3gGgJVqL18s3jbpi4Bhjft1DvsCIZ4nbBBaLwTsm82
U3kKRVDcrLqf8+01JkhvD+4mXu+QZBt51ZIJYNGAKRmlVvQSLG3FlW+Pv0xOKZH1
rOqeA7S/6mHoj6qYcXcjo0oN8PYGoWExILQW6Mdzw+V41Aw3k6ZZ/UrinS0J10H0
eaewSYtVUmW2/v5QuPyXZlEGjyXtp8gHSbqDc610Yz6p5jE4YEqj0ERypbWMV8fQ
Qj7muOXtiWOqM1qEiavFp4DaV8fucXxZ50TyiYPpTLnWIgnec1t7HwuoZZ9Cm4it
6UY=
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:05:27 2024 by rpki-client on console-ams.rpki-client.org