Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa
File:                     ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa (raw, json)
Hash identifier:          ytQ7IuOaE7nol35/sCCLI4jFQgockJVbRHb64IifKvI=
Subject key identifier:   1F:75:6F:9E:F7:8A:15:02:A4:A9:90:68:96:87:6C:5B:56:E3:F7:67
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5F2DF1BC5DC484F094BF1737EDA45CC6EB64C6D6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da30:9000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 00:10:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:2d:f1:bc:5d:c4:84:f0:94:bf:17:37:ed:a4:5c:c6:eb:64:c6:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=4ebfcb179319d138e3a6d3fbaf126d6b5cbc7dca718ad0afca1f7e76b3227498, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ce:84:64:7c:80:90:a6:d9:44:d7:0b:8e:aa:
                    79:a9:37:63:11:2a:b2:5a:1f:ea:0a:58:1b:ca:5b:
                    b2:e2:80:6e:e4:df:fd:6c:e2:8b:55:58:72:4f:74:
                    0d:9d:99:97:88:b9:89:0c:00:0c:f7:9b:d4:28:41:
                    ad:97:7f:b5:89:bf:35:ae:ee:b0:1f:19:2d:a4:49:
                    bf:75:66:66:df:a4:f6:e6:38:ef:e9:c4:74:21:fe:
                    9d:c3:2b:04:21:db:5d:1d:1b:72:9d:c5:1e:c2:1d:
                    39:1d:e4:c4:55:52:29:3f:a5:d2:c0:d2:93:62:50:
                    d0:bc:5c:6f:ca:8a:d6:ab:e1:95:c9:3a:cd:e3:8e:
                    90:57:4e:a2:3a:0b:4a:ac:3a:80:15:87:32:65:99:
                    92:8e:86:50:d5:af:f8:e4:33:3a:6d:52:fe:92:4b:
                    0a:04:51:2b:c0:e1:1f:c9:de:f8:85:8f:6a:7d:92:
                    16:e8:69:3e:de:09:9d:5a:af:3b:60:cc:c4:e1:bf:
                    11:c6:e0:94:a5:45:51:c5:0c:c4:ab:0b:5b:9a:5d:
                    08:38:8b:d0:46:5c:cb:3d:9c:4d:19:2e:78:d3:dd:
                    63:5e:46:2c:dd:55:e3:6d:06:03:73:d2:73:c8:86:
                    dd:97:85:65:9f:25:c9:eb:7a:4c:5b:c7:23:d4:da:
                    10:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:75:6F:9E:F7:8A:15:02:A4:A9:90:68:96:87:6C:5B:56:E3:F7:67
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da30:9000::/40

    Signature Algorithm: sha256WithRSAEncryption
         0b:4b:a0:5e:6b:82:50:9d:be:dc:56:c4:a2:d1:be:7c:9a:ff:
         20:c9:fd:43:fd:45:c3:52:b8:a4:72:5c:9b:39:cd:d4:c5:99:
         35:bd:fa:31:37:ed:a7:df:f3:90:8f:4a:58:48:bf:b1:4a:64:
         11:cb:9f:39:0b:db:3d:d2:21:e0:34:22:a6:ec:4f:1d:72:fd:
         a7:aa:ca:57:9b:0a:2b:98:c4:fa:11:57:2a:f6:47:50:fd:68:
         b1:47:7e:62:54:a8:97:06:5b:f8:02:a8:05:ff:b4:e1:70:e0:
         f6:96:0d:ac:dd:94:a3:43:e0:56:50:44:92:00:b2:fb:b4:53:
         b7:ce:47:a6:a5:f4:9c:3e:c5:de:a3:69:cf:f7:26:67:92:5a:
         18:9d:f5:73:73:2e:12:c5:8b:5b:7f:53:8d:f0:23:0d:89:e4:
         bd:44:35:f9:43:bd:84:ca:19:32:91:54:ef:ca:63:46:c3:da:
         80:ee:ff:aa:06:8b:15:76:07:e5:2f:5b:ea:e3:b0:c1:ff:21:
         dd:3b:e7:28:14:60:6a:64:6a:2c:49:ed:74:67:37:23:9c:c8:
         6f:9f:85:6d:3e:e4:37:e7:db:ae:f6:a9:a2:61:32:a4:b4:80:
         d7:b1:04:3c:fc:8c:23:6b:49:e5:92:24:83:20:c8:64:54:9f:
         02:6d:ec:0c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUXy3xvF3EhPCUvxc37aRcxutkxtYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX
DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNANGViZmNiMTc5MzE5ZDEzOGUzYTZk
M2ZiYWYxMjZkNmI1Y2JjN2RjYTcxOGFkMGFmY2ExZjdlNzZiMzIyNzQ5ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA386EZHyAkKbZRNcLjqp5qTdjESqy
Wh/qClgbyluy4oBu5N/9bOKLVVhyT3QNnZmXiLmJDAAM95vUKEGtl3+1ib81ru6w
HxktpEm/dWZm36T25jjv6cR0If6dwysEIdtdHRtyncUewh05HeTEVVIpP6XSwNKT
YlDQvFxvyorWq+GVyTrN446QV06iOgtKrDqAFYcyZZmSjoZQ1a/45DM6bVL+kksK
BFErwOEfyd74hY9qfZIW6Gk+3gmdWq87YMzE4b8RxuCUpUVRxQzEqwtbml0IOIvQ
RlzLPZxNGS54091jXkYs3VXjbQYDc9JzyIbdl4VlnyXJ63pMW8cj1NoQhQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFB91b573ihUCpKmQaJaHbFtW4/dnMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VhNGFhNzQyLWY4YjItNDhiNy04OGIzLTZmZmU2MzE4OTM1OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMJAwDQYJKoZIhvcNAQELBQADggEBAAtLoF5rglCdvtxWxKLR
vnya/yDJ/UP9RcNSuKRyXJs5zdTFmTW9+jE37aff85CPSlhIv7FKZBHLnzkL2z3S
IeA0IqbsTx1y/aeqylebCiuYxPoRVyr2R1D9aLFHfmJUqJcGW/gCqAX/tOFw4PaW
DazdlKND4FZQRJIAsvu0U7fOR6al9Jw+xd6jac/3JmeSWhid9XNzLhLFi1t/U43w
Iw2J5L1ENflDvYTKGTKRVO/KY0bD2oDu/6oGixV2B+UvW+rjsMH/Id075ygUYGpk
aixJ7XRnNyOcyG+fhW0+5Dfn2672qaJhMqS0gNexBDz8jCNrSeWSJIMgyGRUnwJt
7Aw=
-----END CERTIFICATE-----
Generated at Fri Jun 14 16:48:07 2024 by rpki-client on console-fra.rpki-client.org