Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa
File:                     fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa (raw, json)
Hash identifier:          kcfiVlRM/MtfOMH2+Ab6S4NsnchsIDakj/L7TJ1Akxo=
Subject key identifier:   EF:AF:17:43:43:00:2E:6C:AB:D8:16:E8:B7:79:77:D2:D9:DE:DD:79
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       446F0E64CA230DCC085A4D32D64230BAD6952BF2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da38:f000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:6f:0e:64:ca:23:0d:cc:08:5a:4d:32:d6:42:30:ba:d6:95:2b:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=48b0895a45189606e32b9f07e0deb3c7c2a7e020aea65e04dc5a7a8c6a6fa97b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:34:b1:24:a6:4f:e8:0c:d0:b6:2b:9f:c2:04:
                    c9:94:36:95:f0:f9:95:b4:fb:43:6a:b6:f2:51:2e:
                    3f:fe:ba:9e:80:96:3b:f6:40:c7:c1:c9:d3:c6:46:
                    b0:23:57:87:ec:d7:6c:81:3e:3b:95:a6:93:89:07:
                    cb:eb:ae:95:e8:e7:fd:95:a0:c7:fc:f2:18:59:99:
                    38:72:97:2f:e0:59:ba:c6:50:93:28:6a:1a:af:e0:
                    78:4f:07:f9:a0:cb:e3:ef:c4:a9:92:e6:48:25:ba:
                    de:75:a0:0b:f0:df:0d:24:df:32:ee:f6:3d:12:7c:
                    d8:65:73:42:35:6e:0e:d9:33:df:14:e4:68:d4:97:
                    58:6f:d9:00:31:52:41:09:ff:d3:f9:dc:4a:53:56:
                    8c:c5:09:ad:96:3f:9f:5c:bd:86:30:d6:3e:b9:8c:
                    3e:2b:89:be:28:f9:48:97:17:ac:04:d0:fb:c2:57:
                    5d:87:8e:83:85:22:34:29:fc:05:6e:8f:5e:ee:3c:
                    84:71:42:4f:0a:c1:64:8e:d6:69:4d:92:ff:2f:f9:
                    11:e3:fb:c1:06:1d:66:4a:78:b8:f1:75:bd:e7:40:
                    cf:a6:22:bb:f5:14:49:19:dd:47:61:74:f9:17:76:
                    37:bc:8c:6a:6b:56:53:a3:b6:93:38:76:ce:5d:50:
                    06:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:AF:17:43:43:00:2E:6C:AB:D8:16:E8:B7:79:77:D2:D9:DE:DD:79
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef3abf6-f2e0-44e8-a7b3-1c87c9c1d26f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da38:f000::/40

    Signature Algorithm: sha256WithRSAEncryption
         06:db:c7:6d:cb:33:91:aa:0b:f3:c2:93:9e:21:4d:77:48:60:
         a3:ee:28:3b:ff:72:70:32:ee:f6:2f:ca:2d:79:41:a8:59:13:
         e8:8b:8e:0d:78:f7:45:df:4c:75:0c:7d:16:74:39:9f:fe:87:
         88:dc:ce:18:6b:f7:b7:1d:39:c0:fd:f4:ea:af:b1:40:d2:c8:
         7f:7e:18:ee:38:ba:de:09:0a:cf:17:f7:2d:eb:f8:20:1a:d8:
         4e:29:2b:48:13:e4:ff:70:c2:e0:ed:ad:d0:7c:0f:c9:0a:46:
         5b:de:4c:28:90:1e:5f:40:80:0f:39:87:42:4b:bd:b4:80:c3:
         e1:66:84:f1:9e:c8:43:0c:65:cf:ee:e6:92:25:46:0e:11:13:
         f4:8b:87:07:8e:7c:88:6f:61:fe:28:0a:3c:67:45:8a:db:d9:
         ec:25:7e:ce:c4:3d:d3:54:61:9f:10:0c:b3:fd:4f:4c:9b:c7:
         8e:bd:8c:5c:a0:b0:e9:d4:0d:8a:d7:c2:4d:f5:c5:c8:93:ac:
         58:0a:24:03:f7:7c:94:c1:ed:f4:43:8f:17:c5:fc:c2:b2:93:
         a4:ca:17:fd:3c:37:44:b1:65:d6:b4:7a:ce:37:8f:38:72:5f:
         22:ae:07:fa:38:f3:d9:16:d9:48:d6:c4:6e:53:37:10:7c:40:
         cd:83:6d:77
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIURG8OZMojDcwIWk0y1kIwutaVK/IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX
DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNANDhiMDg5NWE0NTE4OTYwNmUzMmI5
ZjA3ZTBkZWIzYzdjMmE3ZTAyMGFlYTY1ZTA0ZGM1YTdhOGM2YTZmYTk3YjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zSxJKZP6AzQtiufwgTJlDaV8PmV
tPtDarbyUS4//rqegJY79kDHwcnTxkawI1eH7NdsgT47laaTiQfL666V6Of9laDH
/PIYWZk4cpcv4Fm6xlCTKGoar+B4Twf5oMvj78SpkuZIJbredaAL8N8NJN8y7vY9
EnzYZXNCNW4O2TPfFORo1JdYb9kAMVJBCf/T+dxKU1aMxQmtlj+fXL2GMNY+uYw+
K4m+KPlIlxesBND7wlddh46DhSI0KfwFbo9e7jyEcUJPCsFkjtZpTZL/L/kR4/vB
Bh1mSni48XW950DPpiK79RRJGd1HYXT5F3Y3vIxqa1ZTo7aTOHbOXVAGBwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFO+vF0NDAC5sq9gW6Ld5d9LZ3t15MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZlZjNhYmY2LWYyZTAtNDRlOC1hN2IzLTFjODdjOWMxZDI2Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOPAwDQYJKoZIhvcNAQELBQADggEBAAbbx23LM5GqC/PCk54h
TXdIYKPuKDv/cnAy7vYvyi15QahZE+iLjg1490XfTHUMfRZ0OZ/+h4jczhhr97cd
OcD99OqvsUDSyH9+GO44ut4JCs8X9y3r+CAa2E4pK0gT5P9wwuDtrdB8D8kKRlve
TCiQHl9AgA85h0JLvbSAw+FmhPGeyEMMZc/u5pIlRg4RE/SLhweOfIhvYf4oCjxn
RYrb2ewlfs7EPdNUYZ8QDLP9T0ybx469jFygsOnUDYrXwk31xciTrFgKJAP3fJTB
7fRDjxfF/MKyk6TKF/08N0SxZda0es43jzhyXyKuB/o489kW2UjWxG5TNxB8QM2D
bXc=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:42:07 2024 by rpki-client on console-ams.rpki-client.org