Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa
File:                     c0276322-5c62-450c-9379-22ba77895050.roa (raw, json)
Hash identifier:          zKS0hXcK7/lutf14SlBR5FmWxH0xRcG8wQ36Nc95tq0=
Subject key identifier:   23:C0:21:D9:7D:F5:F8:BC:CF:01:7C:C9:72:CF:89:A5:AE:3B:15:62
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       55F3DF22451696CDBBC58DD1A8E7C95720593026
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa
Signing time:             Wed 15 Oct 2025 00:38:23 +0000
ROA not before:           Wed 15 Oct 2025 00:38:23 +0000
ROA not after:            Wed 19 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da1f::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 24 Oct 2025 00:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:f3:df:22:45:16:96:cd:bb:c5:8d:d1:a8:e7:c9:57:20:59:30:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Oct 15 00:38:23 2025 GMT
            Not After : Nov 19 23:59:59 2025 GMT
        Subject: serialNumber=6c977b7aa65ceb18aa63ac374f76596588f9cfb7128d29a2852acca946351168, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:dc:81:8f:bb:c1:21:36:b1:ef:12:76:84:fc:
                    a3:e9:ea:4a:78:5a:07:27:64:9c:02:e3:e5:ff:27:
                    17:68:82:7e:8d:79:ff:8a:7a:bd:aa:8b:9d:15:2f:
                    38:64:58:3f:ae:c1:50:0a:87:b7:0d:d9:d8:56:f1:
                    1c:c9:d7:87:2d:00:31:6e:3d:7a:c9:d9:1f:23:17:
                    7c:6c:63:de:63:3e:75:05:90:c4:a7:5d:0f:55:ae:
                    49:2e:1f:bd:66:dc:10:41:95:54:7c:45:df:19:8f:
                    fb:87:41:80:bf:91:ef:6f:ca:07:f1:f6:04:f6:84:
                    de:9e:9b:90:53:a5:e4:af:2e:2c:e5:e4:06:97:f1:
                    9d:d5:8d:79:c5:65:7c:2a:b6:e3:94:18:34:9c:fe:
                    f2:4b:fe:bd:75:75:1c:ac:3f:c7:1c:43:ca:6a:6d:
                    06:4a:f9:de:ef:8f:c6:b4:77:57:5e:fb:c5:23:e9:
                    b6:f2:9e:d2:f6:d5:49:9c:88:13:48:d0:3b:96:2e:
                    d5:22:ae:59:91:a2:07:67:95:ac:bb:a7:c9:0f:d4:
                    fc:ad:de:cd:a7:5d:f4:de:86:67:11:2a:66:29:58:
                    67:64:dc:40:17:fa:1b:bc:01:a9:31:6d:c3:6b:0e:
                    27:ab:3c:cc:d1:29:e6:25:02:0c:eb:fc:da:a2:88:
                    84:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C0:21:D9:7D:F5:F8:BC:CF:01:7C:C9:72:CF:89:A5:AE:3B:15:62
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da1f::/38

    Signature Algorithm: sha256WithRSAEncryption
         12:a3:ac:0a:b5:e1:82:59:12:f3:44:45:b9:e5:62:a0:65:f3:
         64:69:b7:27:c7:30:1a:30:79:21:d6:16:bd:ea:96:ed:d2:9a:
         18:b2:b3:9a:5a:90:7e:26:8a:6d:e9:b5:87:b4:24:1f:7b:63:
         50:93:21:ec:cb:8a:fb:b1:7c:d2:39:d8:80:48:bc:73:04:6d:
         64:87:ab:86:d5:93:7c:d9:14:1f:a3:a1:2f:33:c2:a6:81:81:
         6f:e6:5c:ac:83:68:88:75:fc:c4:a2:d2:90:09:be:72:6f:d7:
         f8:87:dd:14:ef:ae:54:5d:83:41:fe:c4:63:3c:97:f3:4d:e4:
         1a:cc:c1:a3:da:ba:56:df:75:35:25:08:02:fc:cd:94:9a:1e:
         01:1f:59:d3:ee:df:76:7f:bc:5d:28:56:6e:f7:79:60:ba:c3:
         ec:f1:74:56:1b:85:26:b3:ea:b8:66:c9:e5:8d:3a:2c:98:51:
         22:6f:11:9f:a7:74:a3:56:bd:fe:0d:50:76:bd:75:01:0b:b6:
         0b:7a:4a:51:e8:f4:56:19:ab:4c:07:d7:e6:52:4e:a9:bc:e0:
         50:b4:d9:51:53:e9:b5:5b:84:8d:51:db:b1:98:b8:71:fa:10:
         2d:8a:aa:80:7e:e6:c9:6c:80:e5:08:33:00:b7:cc:14:ce:85:
         15:db:7f:b6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVfPfIkUWls27xY3RqOfJVyBZMCYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMzgyM1oX
DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNANmM5NzdiN2FhNjVjZWIxOGFhNjNh
YzM3NGY3NjU5NjU4OGY5Y2ZiNzEyOGQyOWEyODUyYWNjYTk0NjM1MTE2ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltyBj7vBITax7xJ2hPyj6epKeFoH
J2ScAuPl/ycXaIJ+jXn/inq9qoudFS84ZFg/rsFQCoe3DdnYVvEcydeHLQAxbj16
ydkfIxd8bGPeYz51BZDEp10PVa5JLh+9ZtwQQZVUfEXfGY/7h0GAv5Hvb8oH8fYE
9oTenpuQU6Xkry4s5eQGl/Gd1Y15xWV8KrbjlBg0nP7yS/69dXUcrD/HHEPKam0G
Svne74/GtHdXXvvFI+m28p7S9tVJnIgTSNA7li7VIq5ZkaIHZ5Wsu6fJD9T8rd7N
p1303oZnESpmKVhnZNxAF/obvAGpMW3Daw4nqzzM0SnmJQIM6/zaooiEZwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCPAIdl99fi8zwF8yXLPiaWuOxViMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MwMjc2MzIyLTVjNjItNDUwYy05Mzc5LTIyYmE3Nzg5NTA1MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJAbaHwAwDQYJKoZIhvcNAQELBQADggEBABKjrAq14YJZEvNERbnl
YqBl82RptyfHMBoweSHWFr3qlu3Smhiys5pakH4mim3ptYe0JB97Y1CTIezLivux
fNI52IBIvHMEbWSHq4bVk3zZFB+joS8zwqaBgW/mXKyDaIh1/MSi0pAJvnJv1/iH
3RTvrlRdg0H+xGM8l/NN5BrMwaPaulbfdTUlCAL8zZSaHgEfWdPu33Z/vF0oVm73
eWC6w+zxdFYbhSaz6rhmyeWNOiyYUSJvEZ+ndKNWvf4NUHa9dQELtgt6SlHo9FYZ
q0wH1+ZSTqm84FC02VFT6bVbhI1R27GYuHH6EC2KqoB+5slsgOUIMwC3zBTOhRXb
f7Y=
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:59:12 2025 by rpki-client