$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10ab3009-75b8-4f2b-94e2-d362eb6f508c.roa File: 10ab3009-75b8-4f2b-94e2-d362eb6f508c.roa (raw, json) Hash identifier: HUmhvP4Wmdk2QfleTuKOYSsyvms/C1GyBsRobXOFhkg= Subject key identifier: 7D:4A:9B:20:1B:8E:66:70:90:96:7C:B2:C4:D9:AC:46:E0:6E:17:D6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3551E595FA88D7834ED04D336712DCE8FE4AEB52 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10ab3009-75b8-4f2b-94e2-d362eb6f508c.roa Signing time: Fri 31 May 2024 00:00:00 +0000 ROA not before: Fri 31 May 2024 00:00:00 +0000 ROA not after: Fri 05 Jul 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:51:e5:95:fa:88:d7:83:4e:d0:4d:33:67:12:dc:e8:fe:4a:eb:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:00:00 2024 GMT Not After : Jul 5 23:59:59 2024 GMT Subject: serialNumber=4c1aa5a4e7689f7b77f0b0b1258555cdd8d3a8cc46d19a405bdeaf0c57e50992, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:1d:20:96:d1:0b:d0:1b:1c:28:a6:dc:5a:da: 02:02:d0:6e:ae:c8:4e:5f:96:b1:c6:bf:62:4b:82: 4c:34:fc:eb:e6:da:41:eb:32:57:85:e2:e6:e6:1e: 26:a0:11:3a:6f:a2:29:24:02:5b:27:e1:2b:71:f4: 4d:e1:82:66:08:d5:78:f8:e7:26:07:19:15:fa:aa: 13:25:a3:e9:4d:b2:25:45:72:12:99:03:f9:a0:1c: 66:94:73:df:77:57:03:49:a5:c3:71:e1:45:3a:4b: bc:01:a6:bf:60:23:6f:21:94:c2:1b:05:a5:33:e9: ea:a5:04:5a:93:6e:c2:8c:6b:a7:bb:1a:8d:c5:73: 05:f1:92:fd:1c:36:04:85:14:22:8a:56:0f:8f:f5: 4f:fa:58:a5:9a:64:57:04:a6:09:55:a6:70:47:2b: 70:57:66:5b:02:cf:45:86:bb:01:2b:a5:6a:89:2b: 48:30:25:3e:53:5c:50:4c:33:9f:fe:d4:d9:83:9e: 4f:0b:f8:e0:39:75:ce:fd:c6:12:4a:46:9a:00:0e: 51:c0:6e:60:79:ec:7c:31:bf:ed:26:9d:82:53:b0: 51:c9:c6:f7:e0:e5:ac:08:b5:0a:aa:03:4e:c8:44: d3:76:30:f6:f7:c3:ce:1d:5d:fb:fc:75:92:b2:7b: 68:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:4A:9B:20:1B:8E:66:70:90:96:7C:B2:C4:D9:AC:46:E0:6E:17:D6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10ab3009-75b8-4f2b-94e2-d362eb6f508c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:a000::/40 Signature Algorithm: sha256WithRSAEncryption b7:8c:92:60:ee:c0:5e:d7:c1:b6:cb:e8:62:a6:da:72:52:db: 59:1f:1a:6c:6f:42:0f:1b:70:3e:6e:81:95:fa:de:ed:be:56: 30:55:a8:48:4e:6c:d8:02:a5:9f:fa:bb:c1:52:e2:35:dc:89: 19:c8:ac:ca:24:15:f0:56:34:9d:07:6d:ed:bf:86:c5:c4:de: be:c6:a6:55:f8:98:39:14:f5:f0:fd:2f:28:b9:92:53:45:20: b5:c9:44:71:a5:cf:e4:16:21:96:15:84:32:f0:da:5c:61:63: 52:f6:98:bb:55:02:d4:68:11:3d:5f:5f:d4:e9:18:ea:36:79: 5a:f1:00:1a:55:f9:35:cf:e8:1c:7a:df:cc:fc:69:55:6d:95: 9f:33:c0:25:88:4a:aa:d1:3a:01:f1:ff:79:40:72:cf:86:2d: 55:99:27:31:f6:19:0b:ef:a3:6b:1c:6d:76:e4:97:54:4b:9b: 3b:94:a3:79:e1:ca:42:61:5c:0f:cb:b9:29:f7:25:62:5c:1a: fb:9e:87:59:bb:f9:b3:80:49:9f:25:eb:d2:83:d2:5e:92:0d: fb:18:31:49:69:ba:19:29:92:5d:a4:28:a0:a8:55:7b:96:f7: a0:10:33:73:d5:24:ea:dc:c3:da:c5:26:78:ab:9b:ff:9a:58: 2a:b6:23:75 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNVHllfqI14NO0E0zZxLc6P5K61IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUzMTAwMDAwMFoX DTI0MDcwNTIzNTk1OVowejFJMEcGA1UEBRNANGMxYWE1YTRlNzY4OWY3Yjc3ZjBi MGIxMjU4NTU1Y2RkOGQzYThjYzQ2ZDE5YTQwNWJkZWFmMGM1N2U1MDk5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB0gltEL0BscKKbcWtoCAtBurshO X5axxr9iS4JMNPzr5tpB6zJXheLm5h4moBE6b6IpJAJbJ+ErcfRN4YJmCNV4+Ocm BxkV+qoTJaPpTbIlRXISmQP5oBxmlHPfd1cDSaXDceFFOku8Aaa/YCNvIZTCGwWl M+nqpQRak27CjGunuxqNxXMF8ZL9HDYEhRQiilYPj/VP+lilmmRXBKYJVaZwRytw V2ZbAs9FhrsBK6VqiStIMCU+U1xQTDOf/tTZg55PC/jgOXXO/cYSSkaaAA5RwG5g eex8Mb/tJp2CU7BRycb34OWsCLUKqgNOyETTdjD298POHV37/HWSsntoSQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH1KmyAbjmZwkJZ8ssTZrEbgbhfWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEwYWIzMDA5LTc1YjgtNGYyYi05NGUyLWQzNjJlYjZmNTA4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8qAwDQYJKoZIhvcNAQELBQADggEBALeMkmDuwF7XwbbL6GKm 2nJS21kfGmxvQg8bcD5ugZX63u2+VjBVqEhObNgCpZ/6u8FS4jXciRnIrMokFfBW NJ0Hbe2/hsXE3r7GplX4mDkU9fD9Lyi5klNFILXJRHGlz+QWIZYVhDLw2lxhY1L2 mLtVAtRoET1fX9TpGOo2eVrxABpV+TXP6Bx638z8aVVtlZ8zwCWISqrROgHx/3lA cs+GLVWZJzH2GQvvo2scbXbkl1RLmzuUo3nhykJhXA/LuSn3JWJcGvueh1m7+bOA SZ8l69KD0l6SDfsYMUlpuhkpkl2kKKCoVXuW96AQM3PVJOrcw9rFJnirm/+aWCq2 I3U= -----END CERTIFICATE-----Generated at Sun Jun 2 01:00:41 2024 by rpki-client on console-fra.rpki-client.org