Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c6c8c2c8-2610-4b46-9e55-67c12ceccbbe.roa
File:                     c6c8c2c8-2610-4b46-9e55-67c12ceccbbe.roa (raw, json)
Hash identifier:          UJVYMKqIf/5OyLSl30ALkzKG9EeGzTfuxFPgcmm7n6k=
Subject key identifier:   BC:C9:31:01:B4:AF:BB:3B:EF:A6:A9:34:1E:52:24:EE:1B:75:54:6E
Certificate issuer:       /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial:       6BDF8B4AE2B8D456530A02F4C578679B25BD36E8
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c6c8c2c8-2610-4b46-9e55-67c12ceccbbe.roa
Signing time:             Mon 18 Sep 2023 00:00:00 +0000
ROA not before:           Mon 18 Sep 2023 00:00:00 +0000
ROA not after:            Mon 23 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        240f:80fe:8000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 20 Sep 2023 03:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:df:8b:4a:e2:b8:d4:56:53:0a:02:f4:c5:78:67:9b:25:bd:36:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
        Validity
            Not Before: Sep 18 00:00:00 2023 GMT
            Not After : Oct 23 23:59:59 2023 GMT
        Subject: serialNumber=51a9c08fbdfbcc1ba58144451e730d1feec4eb5fbc22be50cd4e467c18e54005, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:11:ae:78:29:19:67:d9:d9:31:d1:ad:5c:d2:
                    a5:49:d5:75:0d:21:f8:1c:8a:cf:89:42:19:05:b1:
                    17:a7:7c:b6:c2:95:65:19:64:f4:ef:5f:86:61:ed:
                    d5:70:d5:66:87:b2:52:5b:af:9b:68:47:05:3b:0c:
                    44:7f:b5:b7:70:04:4b:72:b9:cd:38:05:b2:d8:bc:
                    45:4d:5e:2d:f4:d4:d3:e8:f6:b0:d5:de:51:7f:b3:
                    b3:7c:e2:2d:45:43:fb:65:9e:03:55:7c:62:3d:e9:
                    7c:ee:31:94:df:e6:d4:d0:b4:d5:a4:2f:a1:13:00:
                    ad:0b:05:03:3c:30:30:64:45:3f:71:33:29:00:f9:
                    e6:3c:f9:a3:32:9e:c9:bd:c2:18:4c:1a:32:d5:67:
                    ba:4a:7a:8d:6c:44:f3:c7:39:3b:51:00:6c:eb:f4:
                    ae:10:ab:d8:ea:4c:9d:fd:f5:47:23:d6:48:8f:27:
                    ef:fd:19:bd:a5:8a:bf:1b:16:33:f4:31:e7:36:4f:
                    06:f0:1d:7b:55:95:f1:be:e7:14:08:1a:43:48:50:
                    71:72:de:b6:1f:41:ea:5c:c4:f8:71:eb:ce:ad:fa:
                    c3:a6:15:1c:7d:c1:1f:4a:e6:de:4e:6f:4c:8c:66:
                    b5:d3:4a:74:46:13:58:3e:a4:4c:56:a9:37:2f:be:
                    ab:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:C9:31:01:B4:AF:BB:3B:EF:A6:A9:34:1E:52:24:EE:1B:75:54:6E
            X509v3 Authority Key Identifier:
                keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c6c8c2c8-2610-4b46-9e55-67c12ceccbbe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  240f:80fe:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         12:50:9e:54:23:e9:1c:a4:3a:08:8e:07:b8:85:a4:fe:d5:72:
         c0:75:c8:0e:39:34:a4:bf:67:f5:b1:d1:71:e6:20:ba:7f:1e:
         5a:0d:ab:d2:0e:df:52:b3:d3:9f:08:e2:e3:17:e9:f4:06:df:
         16:36:61:3b:03:83:40:77:20:19:74:02:e2:67:ce:44:33:ed:
         78:55:d8:3a:f3:a1:73:e5:47:ca:d9:74:86:91:ac:05:63:49:
         11:58:5e:33:ed:04:84:ad:83:24:55:96:d0:e6:e4:87:7e:95:
         31:b5:af:6d:e1:8c:68:d3:37:e9:be:be:34:87:ad:4b:ec:32:
         cf:b3:93:4d:04:a1:04:12:64:e3:e4:eb:0a:0a:5d:35:5d:e4:
         bb:03:a1:c1:59:2a:bb:d9:6f:9b:9e:af:d0:ce:e0:26:b4:b3:
         36:5e:fe:cf:f4:64:81:18:7c:d0:16:f6:c3:74:77:98:61:c2:
         53:87:35:2f:82:0e:0d:07:0e:15:90:bc:49:7e:58:48:c9:31:
         f0:3e:57:87:a3:cf:96:29:90:19:1d:ad:d1:36:f0:5d:85:09:
         42:9b:22:30:a0:9e:41:6e:f9:3b:64:88:7c:e2:9a:e3:c6:09:
         3a:90:a4:5d:22:9c:eb:db:ec:f4:86:4a:72:e8:cc:60:66:d5:
         1b:f5:ed:e7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUa9+LSuK41FZTCgL0xXhnmyW9NugwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxODAwMDAwMFoX
DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANTFhOWMwOGZiZGZiY2MxYmE1ODE0
NDQ1MWU3MzBkMWZlZWM0ZWI1ZmJjMjJiZTUwY2Q0ZTQ2N2MxOGU1NDAwNTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBGueCkZZ9nZMdGtXNKlSdV1DSH4
HIrPiUIZBbEXp3y2wpVlGWT071+GYe3VcNVmh7JSW6+baEcFOwxEf7W3cARLcrnN
OAWy2LxFTV4t9NTT6Paw1d5Rf7OzfOItRUP7ZZ4DVXxiPel87jGU3+bU0LTVpC+h
EwCtCwUDPDAwZEU/cTMpAPnmPPmjMp7JvcIYTBoy1We6SnqNbETzxzk7UQBs6/Su
EKvY6kyd/fVHI9ZIjyfv/Rm9pYq/GxYz9DHnNk8G8B17VZXxvucUCBpDSFBxct62
H0HqXMT4cevOrfrDphUcfcEfSubeTm9MjGa100p0RhNYPqRMVqk3L76rkwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLzJMQG0r7s776apNB5SJO4bdVRuMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2M2YzhjMmM4LTI2MTAtNGI0Ni05ZTU1LTY3YzEyY2VjY2JiZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/oAwDQYJKoZIhvcNAQELBQADggEBABJQnlQj6RykOgiOB7iF
pP7VcsB1yA45NKS/Z/Wx0XHmILp/HloNq9IO31Kz058I4uMX6fQG3xY2YTsDg0B3
IBl0AuJnzkQz7XhV2DrzoXPlR8rZdIaRrAVjSRFYXjPtBIStgyRVltDm5Id+lTG1
r23hjGjTN+m+vjSHrUvsMs+zk00EoQQSZOPk6woKXTVd5LsDocFZKrvZb5uer9DO
4Ca0szZe/s/0ZIEYfNAW9sN0d5hhwlOHNS+CDg0HDhWQvEl+WEjJMfA+V4ejz5Yp
kBkdrdE28F2FCUKbIjCgnkFu+TtkiHzimuPGCTqQpF0inOvb7PSGSnLozGBm1Rv1
7ec=
-----END CERTIFICATE-----
Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org