Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa
File:                     fb17f286-f77e-445f-a084-0fef8b29ef6e.roa (raw, json)
Hash identifier:          Cnh2MM7ZQ0GqkUsGWHf4avPnL7dscoAHGqUtoAR5BEc=
Subject key identifier:   3A:5D:CD:43:75:F9:64:0D:DD:05:87:C9:49:1D:2B:2B:2E:81:25:6A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       60081F055B0985DBB2267819F45452D444985FDA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa
Signing time:             Fri 31 May 2024 00:00:00 +0000
ROA not before:           Fri 31 May 2024 00:00:00 +0000
ROA not after:            Fri 05 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab8:800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:08:1f:05:5b:09:85:db:b2:26:78:19:f4:54:52:d4:44:98:5f:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 31 00:00:00 2024 GMT
            Not After : Jul  5 23:59:59 2024 GMT
        Subject: serialNumber=51743cf3256cca00a461dd19723c169f96164efea9e71a7212c550080bb5abaa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:48:37:c1:aa:75:71:c3:00:58:fe:0a:85:f1:
                    41:cb:14:44:40:01:90:f5:9a:09:3a:cd:0e:b3:05:
                    61:2d:02:3b:08:ba:a6:f6:58:f3:9e:f2:45:8a:d0:
                    5d:be:b8:41:0d:d4:f3:a4:d3:c8:5c:3c:3a:9f:3a:
                    89:f8:71:a8:56:29:77:39:15:c9:70:27:52:61:df:
                    15:91:ff:f3:98:98:18:75:51:b7:28:18:5d:c1:ea:
                    92:ad:e1:5f:76:f7:a0:ce:b9:17:fc:77:25:a3:96:
                    d8:8d:29:e7:1a:6f:b8:80:b6:b0:be:ca:c7:8c:9f:
                    9f:6c:fc:f6:6c:20:e0:62:a8:08:ef:36:ed:8b:23:
                    79:e8:64:69:c7:5f:22:f2:76:0a:2a:32:bd:67:56:
                    eb:5f:b6:60:18:b0:56:08:45:f7:00:c9:2b:f5:40:
                    6f:f5:82:bd:28:a6:fb:1c:f8:05:65:81:4b:bd:6a:
                    b7:d7:ab:ae:08:0f:7b:e0:6f:ad:96:b3:a9:98:7e:
                    e9:8e:b1:26:b5:94:36:40:d2:49:8a:5d:ff:08:21:
                    85:6b:41:1a:f9:cd:a7:85:be:d3:b1:0f:37:e5:89:
                    01:d6:19:7c:6d:51:f5:67:08:7a:98:f0:30:c6:c3:
                    a0:0a:bd:b0:19:69:71:15:07:fa:30:f5:d2:e0:53:
                    4a:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:5D:CD:43:75:F9:64:0D:DD:05:87:C9:49:1D:2B:2B:2E:81:25:6A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab8:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         7a:22:00:2b:5e:09:c4:26:9a:09:05:35:4e:2e:10:f0:c7:26:
         17:10:e5:58:70:bf:f2:7b:f9:34:35:a0:6a:9b:a7:1f:9c:e6:
         95:ef:cb:96:21:2c:16:38:16:16:d9:91:74:b2:8b:a4:bb:00:
         59:96:06:a7:47:30:4f:9c:85:1d:95:f0:1d:94:54:ce:61:e5:
         5d:5b:54:7e:a1:69:88:9c:d5:48:8e:5d:81:97:ff:04:ec:5b:
         e1:e1:66:c6:3e:2c:64:c2:cf:cf:38:8d:d3:b4:45:a2:f5:02:
         0e:65:67:5d:43:af:eb:a8:8e:3e:94:19:77:b1:db:0f:4e:22:
         34:c6:29:8e:01:30:73:9d:63:da:44:85:fd:34:36:1d:63:f2:
         c7:43:20:1b:85:77:0c:d3:31:fb:e1:26:45:5a:47:52:5f:0c:
         c0:c2:40:5e:c2:63:10:19:75:d9:f5:a2:93:07:00:5e:68:82:
         89:ad:d1:d5:1f:ab:db:56:2a:ed:c8:66:93:0f:04:09:38:55:
         69:a9:4c:ac:6a:59:8c:03:5a:0d:df:e5:96:33:89:b0:8f:7b:
         be:f5:01:f4:32:12:20:f9:a6:cf:76:74:cb:c7:d8:db:71:9b:
         13:36:c6:ea:c4:81:30:98:49:6c:6e:8c:75:d0:b8:85:1b:71:
         0d:82:e9:87
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYAgfBVsJhduyJngZ9FRS1ESYX9owDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUzMTAwMDAwMFoX
DTI0MDcwNTIzNTk1OVowejFJMEcGA1UEBRNANTE3NDNjZjMyNTZjY2EwMGE0NjFk
ZDE5NzIzYzE2OWY5NjE2NGVmZWE5ZTcxYTcyMTJjNTUwMDgwYmI1YWJhYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUg3wap1ccMAWP4KhfFByxREQAGQ
9ZoJOs0OswVhLQI7CLqm9ljznvJFitBdvrhBDdTzpNPIXDw6nzqJ+HGoVil3ORXJ
cCdSYd8Vkf/zmJgYdVG3KBhdweqSreFfdvegzrkX/Hclo5bYjSnnGm+4gLawvsrH
jJ+fbPz2bCDgYqgI7zbtiyN56GRpx18i8nYKKjK9Z1brX7ZgGLBWCEX3AMkr9UBv
9YK9KKb7HPgFZYFLvWq316uuCA974G+tlrOpmH7pjrEmtZQ2QNJJil3/CCGFa0Ea
+c2nhb7TsQ835YkB1hl8bVH1Zwh6mPAwxsOgCr2wGWlxFQf6MPXS4FNKjQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDpdzUN1+WQN3QWHyUkdKysugSVqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZiMTdmMjg2LWY3N2UtNDQ1Zi1hMDg0LTBmZWY4YjI5ZWY2ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauAgwDQYJKoZIhvcNAQELBQADggEBAHoiACteCcQmmgkFNU4u
EPDHJhcQ5Vhwv/J7+TQ1oGqbpx+c5pXvy5YhLBY4FhbZkXSyi6S7AFmWBqdHME+c
hR2V8B2UVM5h5V1bVH6haYic1UiOXYGX/wTsW+HhZsY+LGTCz884jdO0RaL1Ag5l
Z11Dr+uojj6UGXex2w9OIjTGKY4BMHOdY9pEhf00Nh1j8sdDIBuFdwzTMfvhJkVa
R1JfDMDCQF7CYxAZddn1opMHAF5ogomt0dUfq9tWKu3IZpMPBAk4VWmpTKxqWYwD
Wg3f5ZYzibCPe771AfQyEiD5ps92dMvH2NtxmxM2xurEgTCYSWxujHXQuIUbcQ2C
6Yc=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:01:51 2024 by rpki-client on console-fra.rpki-client.org