$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/11f2fdee-b71b-465c-aafa-18e96081ee2e.roa File: 11f2fdee-b71b-465c-aafa-18e96081ee2e.roa (raw, json) Hash identifier: ARiZwDxl7YPq5AZRR9OZ4DqNEzPSExpj2TfTin1m1aE= Subject key identifier: 08:E8:22:AB:27:06:4F:E5:93:A9:F7:69:DD:31:FA:6E:8D:D7:6D:3F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3AA6EF68C6E854ADFB59A233D1753EE13C1A6EC1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/11f2fdee-b71b-465c-aafa-18e96081ee2e.roa Signing time: Mon 27 May 2024 00:00:00 +0000 ROA not before: Mon 27 May 2024 00:00:00 +0000 ROA not after: Mon 01 Jul 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:a6:ef:68:c6:e8:54:ad:fb:59:a2:33:d1:75:3e:e1:3c:1a:6e:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 27 00:00:00 2024 GMT Not After : Jul 1 23:59:59 2024 GMT Subject: serialNumber=7e7cc0424a7e265d461ae04b914158b8b0d1586f3763ce34989b6762fd4192bc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:c8:91:aa:38:89:ee:ab:ed:c0:dd:91:7b:16: 7a:53:dc:ae:6a:68:8a:11:99:ff:a5:ca:00:01:10: 13:cc:40:a3:61:3c:ff:cf:cd:47:b8:01:b0:43:0b: 2d:5b:f0:c1:be:c1:3d:f8:2e:8a:2d:0f:f4:8c:21: 43:3a:24:ec:00:8b:58:4f:3c:4c:b4:5a:a4:77:79: 96:f7:20:4a:ec:d3:b8:50:a1:c4:a8:e9:dc:5f:c6: 79:5c:e2:68:2f:13:a3:a3:bc:cd:2e:fa:c7:f9:3f: bf:72:e1:3f:89:58:f7:b0:7e:b4:6c:d8:6f:af:89: 16:f5:2c:8b:e5:64:22:5b:c3:56:0e:e0:00:46:00: f6:48:e2:44:58:03:9b:c1:93:ab:b9:95:08:5f:2c: 1b:2f:07:b6:20:58:47:6f:c2:58:b7:dc:f3:87:a7: 6c:d2:51:5b:29:3c:cb:44:d6:ed:3b:9a:f4:94:ce: b3:75:fa:6d:58:3f:81:f6:a5:b1:96:c5:dd:93:e1: 93:c1:4f:b2:6a:8a:df:7d:79:c1:ea:42:87:93:2f: 31:c6:18:2f:d5:ee:e5:9f:ab:4a:4c:4e:e0:88:8e: ed:22:fc:ee:e9:51:4c:1c:61:e4:a6:be:ef:1e:6c: 7a:d8:d7:49:cb:f8:cf:37:a8:cd:11:31:53:d9:98: a2:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:E8:22:AB:27:06:4F:E5:93:A9:F7:69:DD:31:FA:6E:8D:D7:6D:3F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/11f2fdee-b71b-465c-aafa-18e96081ee2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:a000::/40 Signature Algorithm: sha256WithRSAEncryption b4:fa:9d:15:0b:32:ad:8d:55:e0:93:87:5f:2b:18:2f:b3:75: 29:ac:5a:ba:a5:89:e4:29:0f:97:8d:46:03:c9:aa:e4:c5:65: 92:b9:47:c4:cd:d5:d0:1a:b4:6f:ae:db:19:85:26:8e:87:f8: 3b:23:02:db:1c:e4:6a:b2:aa:2b:21:3a:50:01:71:8a:b2:b7: fa:37:f2:76:8d:3b:e2:81:8e:51:f6:37:1f:4d:50:25:28:4f: 27:88:54:5d:dd:36:ba:8b:d2:53:07:b4:38:6f:8a:26:40:c7: 37:9b:0d:77:b5:9f:34:bf:14:02:31:ab:f1:6b:0f:5d:ce:1d: cf:4b:67:bf:ca:24:d0:b6:83:8d:0e:fc:64:dd:13:45:ce:b1: 26:ed:ee:87:2e:03:54:08:84:da:ab:17:61:a9:b7:d7:9f:d2: 71:2f:4c:4b:a1:ac:ab:40:72:e8:ac:8d:21:0a:f5:ff:a1:9a: 0a:57:d9:3b:c5:47:0e:4f:a2:1d:99:79:2e:e8:f3:41:b6:84: 85:ea:d7:e5:0e:06:e3:24:31:61:e1:cc:90:3b:80:70:fe:0c: db:df:24:93:73:fa:d2:cd:20:b1:84:02:18:65:02:e7:31:5c: d8:8d:8f:bc:01:b1:b7:45:76:41:65:12:7f:91:f8:3d:f2:aa: 57:4f:0c:e0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOqbvaMboVK37WaIz0XU+4TwabsEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNAN2U3Y2MwNDI0YTdlMjY1ZDQ2MWFl MDRiOTE0MTU4YjhiMGQxNTg2ZjM3NjNjZTM0OTg5YjY3NjJmZDQxOTJiYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8iRqjiJ7qvtwN2RexZ6U9yuamiK EZn/pcoAARATzECjYTz/z81HuAGwQwstW/DBvsE9+C6KLQ/0jCFDOiTsAItYTzxM tFqkd3mW9yBK7NO4UKHEqOncX8Z5XOJoLxOjo7zNLvrH+T+/cuE/iVj3sH60bNhv r4kW9SyL5WQiW8NWDuAARgD2SOJEWAObwZOruZUIXywbLwe2IFhHb8JYt9zzh6ds 0lFbKTzLRNbtO5r0lM6zdfptWD+B9qWxlsXdk+GTwU+yaorffXnB6kKHky8xxhgv 1e7ln6tKTE7giI7tIvzu6VFMHGHkpr7vHmx62NdJy/jPN6jNETFT2ZiiBQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAjoIqsnBk/lk6n3ad0x+m6N120/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzExZjJmZGVlLWI3MWItNDY1Yy1hYWZhLTE4ZTk2MDgxZWUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+6AwDQYJKoZIhvcNAQELBQADggEBALT6nRULMq2NVeCTh18r GC+zdSmsWrqlieQpD5eNRgPJquTFZZK5R8TN1dAatG+u2xmFJo6H+DsjAtsc5Gqy qishOlABcYqyt/o38naNO+KBjlH2Nx9NUCUoTyeIVF3dNrqL0lMHtDhviiZAxzeb DXe1nzS/FAIxq/FrD13OHc9LZ7/KJNC2g40O/GTdE0XOsSbt7ocuA1QIhNqrF2Gp t9ef0nEvTEuhrKtAcuisjSEK9f+hmgpX2TvFRw5Poh2ZeS7o80G2hIXq1+UOBuMk MWHhzJA7gHD+DNvfJJNz+tLNILGEAhhlAucxXNiNj7wBsbdFdkFlEn+R+D3yqldP DOA= -----END CERTIFICATE-----Generated at Sun Jun 2 01:00:41 2024 by rpki-client on console-fra.rpki-client.org