$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27412ae8-c8fe-41ee-a660-f1790d3806e7.roa File: 27412ae8-c8fe-41ee-a660-f1790d3806e7.roa (raw, json) Hash identifier: ldDRUF81gR/DTNZplgL0ibzXnEtucEps21rJcn1jWCo= Subject key identifier: 8A:3D:91:38:3F:96:35:A8:02:85:57:F1:49:8F:A9:49:02:35:B2:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1BC20088E31FEB1914A18855620CAB55B5E85539 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27412ae8-c8fe-41ee-a660-f1790d3806e7.roa Signing time: Mon 27 May 2024 00:00:00 +0000 ROA not before: Mon 27 May 2024 00:00:00 +0000 ROA not after: Mon 01 Jul 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:c2:00:88:e3:1f:eb:19:14:a1:88:55:62:0c:ab:55:b5:e8:55:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 27 00:00:00 2024 GMT Not After : Jul 1 23:59:59 2024 GMT Subject: serialNumber=65da6a5cbcda5be120df2c2337541ed80f0f39f5b5030ae4e3a1bdf14c955ed6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:ca:eb:10:67:0d:6b:36:b6:69:55:a1:0a:d1: 9f:cd:8c:2a:eb:87:03:bd:ee:e6:c3:a5:26:70:26: c2:8e:9b:50:81:47:cd:ba:5b:3b:4c:d9:6a:e4:4f: 22:2c:76:6b:ff:f9:8f:42:be:64:e8:c2:62:8b:86: 1b:3f:cb:75:eb:f2:94:ae:60:c3:11:1c:be:4c:76: ab:aa:c3:f7:0b:5d:8f:6c:84:7f:22:fe:16:2b:39: 8a:b8:01:28:f9:09:ed:fd:76:9a:75:33:eb:32:f8: 1c:01:46:ee:7d:61:be:f3:00:81:c8:d0:84:06:a4: 7f:e9:55:0a:18:2a:34:45:83:2a:ca:68:ac:a9:b9: 73:e4:c4:13:ee:9b:49:03:06:06:ab:2b:b7:86:14: a1:c9:52:ab:87:a5:ef:d3:ff:18:90:99:a3:c6:a1: e4:86:1f:3a:f9:9d:3f:ec:84:a2:ba:b5:5a:d7:2a: 18:e9:21:13:4d:c0:45:89:d4:49:ba:7c:78:92:ef: 23:0e:ce:1f:43:6e:11:b5:86:ec:cb:b1:db:2b:be: d6:3f:70:72:35:2b:0a:46:b1:5a:06:5f:de:bc:40: 86:a6:d3:eb:1b:2b:f9:ba:90:b4:bb:3b:bf:ec:59: 8c:bd:bb:af:cb:fb:aa:d5:d8:22:db:9e:94:86:c4: 81:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:3D:91:38:3F:96:35:A8:02:85:57:F1:49:8F:A9:49:02:35:B2:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27412ae8-c8fe-41ee-a660-f1790d3806e7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:f000::/40 Signature Algorithm: sha256WithRSAEncryption 5c:ac:50:7f:bc:aa:a5:c4:14:6c:d4:ef:9b:8d:13:59:4a:d2: 84:00:83:68:99:32:42:fe:be:fe:8e:7a:72:8c:1b:47:dd:1a: 41:b4:55:61:ca:9d:0a:cc:67:fa:7d:e3:71:c5:99:ee:eb:f2: de:00:4e:f1:29:83:73:e7:c2:99:14:fd:2c:61:1c:77:57:2e: 32:96:4d:6d:cd:f5:50:b5:58:86:5a:46:e1:90:62:e0:a0:48: 75:c4:3b:15:5d:7e:fe:4a:ec:dd:fb:ba:96:e6:04:70:66:51: a9:52:4e:a7:f0:bd:e7:68:36:13:07:52:59:98:05:38:88:2b: 5f:8d:00:88:1e:07:d9:a3:e4:b5:24:b2:65:6b:5b:b7:c9:20: 96:1c:bb:bb:45:c6:a4:96:fd:1e:e7:10:48:f4:a2:da:18:ac: 1c:f6:12:d9:6a:ee:d6:21:5d:f7:1c:5e:72:6a:70:fa:c5:ca: 85:8d:e2:c0:19:b6:02:97:1a:99:ad:a7:86:77:57:4c:e2:4a: 4d:35:58:99:13:12:e2:53:95:2d:38:8b:5b:2b:b7:b9:bc:2e: 31:2b:36:e4:c4:a3:ac:96:37:fb:c9:da:c4:65:97:b0:cb:68: f1:f7:5b:ef:11:d2:63:b2:90:62:d9:b7:4a:19:4b:5a:11:ac: e2:0f:8a:52 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG8IAiOMf6xkUoYhVYgyrVbXoVTkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNANjVkYTZhNWNiY2RhNWJlMTIwZGYy YzIzMzc1NDFlZDgwZjBmMzlmNWI1MDMwYWU0ZTNhMWJkZjE0Yzk1NWVkNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosrrEGcNaza2aVWhCtGfzYwq64cD ve7mw6UmcCbCjptQgUfNuls7TNlq5E8iLHZr//mPQr5k6MJii4YbP8t16/KUrmDD ERy+THarqsP3C12PbIR/Iv4WKzmKuAEo+Qnt/XaadTPrMvgcAUbufWG+8wCByNCE BqR/6VUKGCo0RYMqymisqblz5MQT7ptJAwYGqyu3hhShyVKrh6Xv0/8YkJmjxqHk hh86+Z0/7ISiurVa1yoY6SETTcBFidRJunx4ku8jDs4fQ24RtYbsy7HbK77WP3By NSsKRrFaBl/evECGptPrGyv5upC0uzu/7FmMvbuvy/uq1dgi256UhsSB3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIo9kTg/ljWoAoVX8UmPqUkCNbIjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI3NDEyYWU4LWM4ZmUtNDFlZS1hNjYwLWYxNzkwZDM4MDZlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYfAwDQYJKoZIhvcNAQELBQADggEBAFysUH+8qqXEFGzU75uN E1lK0oQAg2iZMkL+vv6OenKMG0fdGkG0VWHKnQrMZ/p943HFme7r8t4ATvEpg3Pn wpkU/SxhHHdXLjKWTW3N9VC1WIZaRuGQYuCgSHXEOxVdfv5K7N37upbmBHBmUalS TqfwvedoNhMHUlmYBTiIK1+NAIgeB9mj5LUksmVrW7fJIJYcu7tFxqSW/R7nEEj0 otoYrBz2Etlq7tYhXfccXnJqcPrFyoWN4sAZtgKXGpmtp4Z3V0ziSk01WJkTEuJT lS04i1srt7m8LjErNuTEo6yWN/vJ2sRll7DLaPH3W+8R0mOykGLZt0oZS1oRrOIP ilI= -----END CERTIFICATE-----Generated at Sun Jun 2 01:00:41 2024 by rpki-client on console-fra.rpki-client.org