Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa
File:                     97e51edc-22c5-4cb0-846c-06d6751df3b4.roa (raw, json)
Hash identifier:          mIEQVk32t5K3vpR2WXUTCDbPkc4XN9RZSSCpDQx+cuk=
Subject key identifier:   A9:8B:A6:5D:46:2B:B5:5A:DB:A7:17:8E:45:A9:B4:C2:74:61:F7:8C
Certificate issuer:       /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial:       746A4EF84EB16A3BA7CE42C3136AFB97B46CBAF1
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa
Signing time:             Tue 03 Sep 2024 00:00:00 +0000
ROA not before:           Tue 03 Sep 2024 00:00:00 +0000
ROA not after:            Tue 08 Oct 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        240f:80ff:8000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Sep 2024 00:07:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:6a:4e:f8:4e:b1:6a:3b:a7:ce:42:c3:13:6a:fb:97:b4:6c:ba:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
        Validity
            Not Before: Sep  3 00:00:00 2024 GMT
            Not After : Oct  8 23:59:59 2024 GMT
        Subject: serialNumber=fe9aa055f37898acf5528c94eaa4815df72742df6f15871a649efb89978e07d4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:7b:46:27:c1:3c:1e:19:7c:c3:96:0e:ed:bc:
                    97:93:37:3d:f7:ab:b9:7b:b6:52:33:92:ff:9c:74:
                    bc:3a:18:67:71:4c:9d:76:21:91:df:c4:db:5c:0b:
                    6c:ae:f3:26:58:58:86:4a:c5:0b:54:83:27:bb:c3:
                    f6:a7:8c:7c:a2:d9:1d:6c:77:aa:c0:84:b0:ad:84:
                    fc:7d:3d:ca:c8:38:85:18:31:06:15:65:96:01:f0:
                    83:e7:ea:42:f6:25:4a:28:c8:5d:7f:0a:7f:84:03:
                    69:50:37:81:65:7f:64:97:ae:9d:c2:3a:0b:c9:2c:
                    44:2f:c4:5f:f8:62:c6:ae:e4:a3:26:0d:a4:7d:d4:
                    bd:a1:53:cb:68:2c:1e:cc:a2:17:18:97:c2:5e:0b:
                    87:dd:b6:7a:a7:17:cb:0c:7f:93:9f:e9:34:c7:40:
                    fd:eb:b0:56:ff:6f:cc:e1:93:1b:77:49:12:c6:aa:
                    74:40:4f:e6:ce:55:75:9b:b2:5c:44:78:a5:1a:52:
                    f6:1a:3a:43:a7:a0:44:f6:99:5e:8c:e2:7d:1e:4e:
                    fb:30:c1:05:b1:2e:35:26:72:4f:12:3a:61:6e:6f:
                    4d:fa:a9:d0:07:fd:ed:e8:c9:51:3e:b4:36:62:bb:
                    7e:61:0a:a9:0f:33:0c:b6:03:42:1e:68:38:a8:66:
                    67:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:8B:A6:5D:46:2B:B5:5A:DB:A7:17:8E:45:A9:B4:C2:74:61:F7:8C
            X509v3 Authority Key Identifier:
                keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  240f:80ff:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         1b:cf:45:4c:d0:37:20:d7:39:72:9f:d6:3e:66:20:d8:83:12:
         49:e6:df:b8:ff:3e:31:ba:6b:eb:1f:d8:4b:d6:51:a0:55:55:
         be:ce:7d:51:93:5f:02:4c:59:bc:77:93:ce:b4:bc:7f:07:ca:
         b9:6f:bd:aa:7c:15:85:64:b1:83:2f:3e:3c:35:fc:c3:41:b1:
         c2:bd:aa:e0:b0:f6:6f:b5:26:78:3b:55:95:a1:62:98:c2:b3:
         f8:24:2c:1f:fe:0c:5b:0b:dc:ba:d1:5a:28:11:10:7c:89:0c:
         2d:42:b2:0b:5f:1c:a1:2a:ad:8a:3e:d9:25:98:b4:46:e7:64:
         92:31:e4:74:c7:59:bf:28:98:79:e5:bf:e0:13:77:3b:45:44:
         05:3a:5e:ce:85:3a:b4:8f:7d:8d:1a:88:45:80:6c:78:a1:41:
         91:4f:c4:0a:80:03:f3:ca:35:b8:9c:07:82:4c:eb:88:67:e5:
         8d:42:fc:ec:1d:0f:e6:29:ba:31:57:eb:f2:60:9c:6a:91:28:
         a3:2b:ef:20:9b:59:84:db:75:30:bc:dc:5e:20:df:7e:6c:63:
         0e:24:a8:3f:b8:5c:51:71:39:ad:24:80:b2:51:95:06:74:15:
         ce:3d:13:ff:fe:85:ba:35:9f:07:04:d9:97:e8:5d:eb:82:7f:
         1d:68:48:82
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUdGpO+E6xajunzkLDE2r7l7RsuvEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDkwMzAwMDAwMFoX
DTI0MTAwODIzNTk1OVowejFJMEcGA1UEBRNAZmU5YWEwNTVmMzc4OThhY2Y1NTI4
Yzk0ZWFhNDgxNWRmNzI3NDJkZjZmMTU4NzFhNjQ5ZWZiODk5NzhlMDdkNDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03tGJ8E8Hhl8w5YO7byXkzc996u5
e7ZSM5L/nHS8OhhncUyddiGR38TbXAtsrvMmWFiGSsULVIMnu8P2p4x8otkdbHeq
wISwrYT8fT3KyDiFGDEGFWWWAfCD5+pC9iVKKMhdfwp/hANpUDeBZX9kl66dwjoL
ySxEL8Rf+GLGruSjJg2kfdS9oVPLaCwezKIXGJfCXguH3bZ6pxfLDH+Tn+k0x0D9
67BW/2/M4ZMbd0kSxqp0QE/mzlV1m7JcRHilGlL2GjpDp6BE9plejOJ9Hk77MMEF
sS41JnJPEjphbm9N+qnQB/3t6MlRPrQ2Yrt+YQqpDzMMtgNCHmg4qGZnrwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKmLpl1GK7Va26cXjkWptMJ0YfeMMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
Lzk3ZTUxZWRjLTIyYzUtNGNiMC04NDZjLTA2ZDY3NTFkZjNiNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBABvPRUzQNyDXOXKf1j5m
INiDEknm37j/PjG6a+sf2EvWUaBVVb7OfVGTXwJMWbx3k860vH8Hyrlvvap8FYVk
sYMvPjw1/MNBscK9quCw9m+1Jng7VZWhYpjCs/gkLB/+DFsL3LrRWigREHyJDC1C
sgtfHKEqrYo+2SWYtEbnZJIx5HTHWb8omHnlv+ATdztFRAU6Xs6FOrSPfY0aiEWA
bHihQZFPxAqAA/PKNbicB4JM64hn5Y1C/OwdD+YpujFX6/JgnGqRKKMr7yCbWYTb
dTC83F4g335sYw4kqD+4XFFxOa0kgLJRlQZ0Fc49E//+hbo1nwcE2ZfoXeuCfx1o
SII=
-----END CERTIFICATE-----
Generated at Sat Sep 14 00:38:58 2024 by rpki-client on console-fra.rpki-client.org