Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa
File:                     decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa (raw, json)
Hash identifier:          c0lbmkpHmG+VT2WHND7SInI0zexwSnofU5KwSDGKE2M=
Subject key identifier:   C9:AC:4F:B2:C2:CF:E1:AF:E2:3E:DE:CA:B0:B2:DA:EF:4E:39:E8:C9
Certificate issuer:       /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial:       7E9359F8AA41BC58DBA1680F821CB6FE42FABAE5
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa
Signing time:             Sat 16 Sep 2023 00:00:00 +0000
ROA not before:           Sat 16 Sep 2023 00:00:00 +0000
ROA not after:            Sat 21 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        240f:80ff:4000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 17 Sep 2023 12:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:93:59:f8:aa:41:bc:58:db:a1:68:0f:82:1c:b6:fe:42:fa:ba:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
        Validity
            Not Before: Sep 16 00:00:00 2023 GMT
            Not After : Oct 21 23:59:59 2023 GMT
        Subject: serialNumber=0f84ca0ad8a78b48b1b1980aac8a6680b6101a0953daf587d97fd97e917139d4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:89:fc:74:f5:f0:ed:a1:5d:53:51:16:32:cc:
                    bc:ac:f2:99:88:36:e3:77:44:5b:37:41:8a:19:18:
                    e5:6a:47:aa:5e:ac:1b:72:64:69:d7:f0:f1:10:92:
                    ef:b9:b0:4f:de:51:92:25:61:c1:f7:8c:a6:30:96:
                    6b:e3:b7:20:62:c7:34:d1:da:7d:d9:4d:96:81:3f:
                    4a:7a:15:ba:88:85:42:11:21:a2:f0:00:eb:a0:ce:
                    ea:73:b1:38:b9:18:20:94:ee:ec:16:c8:4e:5c:5e:
                    a0:0f:7c:57:37:0c:f8:da:ee:59:6a:b0:a7:07:09:
                    42:1a:64:88:28:39:c6:8c:b0:c9:79:ae:e5:b5:cc:
                    49:4e:15:15:8e:a5:45:21:58:5e:ba:83:d9:da:40:
                    43:32:f2:d1:c0:25:c9:04:e4:d7:e3:50:56:e3:93:
                    3b:6e:d9:71:c9:c1:88:19:53:32:e2:96:34:f6:94:
                    86:a3:b0:05:b4:bc:b5:79:ef:10:7b:b5:5c:98:ff:
                    72:c0:ee:3c:c9:46:bc:bc:5d:79:f5:76:e1:17:b0:
                    3b:1a:f3:8f:17:39:26:50:41:e5:af:bb:3f:b0:78:
                    f6:df:b9:20:31:7a:c3:8f:e0:fc:24:75:d2:7e:f7:
                    b9:df:0b:c5:43:83:c9:68:b9:d3:2c:02:3d:59:a3:
                    86:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:AC:4F:B2:C2:CF:E1:AF:E2:3E:DE:CA:B0:B2:DA:EF:4E:39:E8:C9
            X509v3 Authority Key Identifier:
                keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/decc3cec-c2ef-4622-8ec2-e53bb7a3e257.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  240f:80ff:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         53:bf:b1:19:cb:ae:85:07:2a:a5:a2:87:40:02:80:9d:f7:be:
         d1:be:0c:5a:89:d4:a7:5a:94:d7:68:5b:e4:07:5e:58:e8:ee:
         8a:97:27:f8:f5:99:2c:27:dd:3c:cb:a9:80:30:8e:6c:86:9f:
         8b:85:bf:3a:94:77:9e:3d:4f:f5:67:89:2c:63:f2:ad:ce:e4:
         6f:41:1d:9f:c1:5b:95:95:b3:a5:dd:24:e1:9c:9c:30:6e:07:
         c3:8a:8e:20:fa:6f:db:0e:b4:ed:df:ca:08:c1:6d:5e:ff:30:
         31:73:f7:52:9f:af:4c:8d:45:56:19:c1:5b:5f:b7:8e:42:f3:
         d2:0e:59:c3:b3:7d:23:6c:73:5d:fd:3b:99:98:41:99:24:84:
         b3:99:b2:9f:21:e4:ae:ee:96:22:86:f3:30:5c:44:9f:68:ec:
         3e:3c:b9:e9:13:3d:e5:8a:0a:a8:87:42:91:b7:dc:db:88:5b:
         74:78:cf:1d:0f:28:be:e8:8c:d3:1c:74:22:28:2c:16:00:03:
         ba:95:58:9e:28:ea:67:30:c1:5a:6b:e7:fc:9c:16:30:81:08:
         7b:f4:cd:8e:c7:9c:d2:02:9d:6c:58:95:9b:63:44:d8:74:ff:
         0b:fd:80:f2:17:e4:92:2d:bc:a8:32:23:b8:19:6f:21:67:d7:
         1a:dd:6a:7e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfpNZ+KpBvFjboWgPghy2/kL6uuUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkxNjAwMDAwMFoX
DTIzMTAyMTIzNTk1OVowejFJMEcGA1UEBRNAMGY4NGNhMGFkOGE3OGI0OGIxYjE5
ODBhYWM4YTY2ODBiNjEwMWEwOTUzZGFmNTg3ZDk3ZmQ5N2U5MTcxMzlkNDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYn8dPXw7aFdU1EWMsy8rPKZiDbj
d0RbN0GKGRjlakeqXqwbcmRp1/DxEJLvubBP3lGSJWHB94ymMJZr47cgYsc00dp9
2U2WgT9KehW6iIVCESGi8ADroM7qc7E4uRgglO7sFshOXF6gD3xXNwz42u5ZarCn
BwlCGmSIKDnGjLDJea7ltcxJThUVjqVFIVheuoPZ2kBDMvLRwCXJBOTX41BW45M7
btlxycGIGVMy4pY09pSGo7AFtLy1ee8Qe7VcmP9ywO48yUa8vF159XbhF7A7GvOP
FzkmUEHlr7s/sHj237kgMXrDj+D8JHXSfve53wvFQ4PJaLnTLAI9WaOGGQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMmsT7LCz+Gv4j7eyrCy2u9OOejJMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2RlY2MzY2VjLWMyZWYtNDYyMi04ZWMyLWU1M2JiN2EzZTI1Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/0AwDQYJKoZIhvcNAQELBQADggEBAFO/sRnLroUHKqWih0AC
gJ33vtG+DFqJ1KdalNdoW+QHXljo7oqXJ/j1mSwn3TzLqYAwjmyGn4uFvzqUd549
T/VniSxj8q3O5G9BHZ/BW5WVs6XdJOGcnDBuB8OKjiD6b9sOtO3fygjBbV7/MDFz
91Kfr0yNRVYZwVtft45C89IOWcOzfSNsc139O5mYQZkkhLOZsp8h5K7uliKG8zBc
RJ9o7D48uekTPeWKCqiHQpG33NuIW3R4zx0PKL7ojNMcdCIoLBYAA7qVWJ4o6mcw
wVpr5/ycFjCBCHv0zY7HnNICnWxYlZtjRNh0/wv9gPIX5JItvKgyI7gZbyFn1xrd
an4=
-----END CERTIFICATE-----
Generated at Sat Sep 16 00:16:47 2023 by rpki-client on console-fra.rpki-client.org