$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bdd1ef3-7214-4d8c-8829-8df3621a8099.roa File: 4bdd1ef3-7214-4d8c-8829-8df3621a8099.roa (raw, json) Hash identifier: nTRNb8aKZcDqoUYM8twpUm7wJjicIQdmBxDb5WIflxY= Subject key identifier: B2:64:0B:49:7A:E2:21:6A:48:6A:98:6E:2E:FD:BC:1C:A7:C0:AB:83 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D422154B1D9CA41AEA0A37943DF8BEF07C0BA6F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bdd1ef3-7214-4d8c-8829-8df3621a8099.roa Signing time: Fri 31 May 2024 00:00:00 +0000 ROA not before: Fri 31 May 2024 00:00:00 +0000 ROA not after: Fri 05 Jul 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:42:21:54:b1:d9:ca:41:ae:a0:a3:79:43:df:8b:ef:07:c0:ba:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:00:00 2024 GMT Not After : Jul 5 23:59:59 2024 GMT Subject: serialNumber=d5f2de4dfae861adbdbb89a6400ad3414d55b081a7a924becc3f24658ce35489, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:dc:fd:4f:29:70:a4:05:e0:11:30:4d:30:d7: ea:5f:c5:99:9a:3e:2a:1a:06:f0:ac:14:57:13:be: 53:bf:32:48:17:0d:0e:8f:28:39:a0:63:a2:10:4b: 41:64:a7:5f:6f:b4:5a:8a:78:31:61:3f:a4:50:50: f4:93:b8:b4:5e:e6:5b:8a:7d:34:00:83:67:46:0d: 9d:12:39:41:65:e7:a5:79:d6:b3:bf:ec:1d:52:57: 6a:31:ac:64:12:59:5c:2a:86:b8:b0:8e:7f:a5:c6: ac:35:9b:5a:75:6d:54:2c:99:54:10:cd:6f:04:4c: 54:ea:48:cc:eb:66:65:77:bd:53:2e:12:bd:49:26: e7:b3:1f:66:7b:dd:b6:62:6e:21:12:a2:e9:cc:ff: 61:37:7e:49:64:c3:a9:5c:4e:21:15:9d:00:42:a6: 99:7b:6a:c7:f7:be:cb:77:32:6d:76:c2:5b:6c:71: f0:64:44:76:b2:53:eb:84:97:96:04:f6:d5:15:8f: e1:a2:3f:ff:02:b9:e2:89:4f:62:22:5e:6a:6f:13: e1:0e:5f:48:58:5d:28:22:a0:dd:fd:fc:48:bd:d8: c0:60:81:d4:56:51:0e:a6:63:bb:8d:bb:8b:52:4e: 82:c3:24:c3:6c:2e:2c:e1:34:cd:5c:b8:b3:b1:c5: 57:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:64:0B:49:7A:E2:21:6A:48:6A:98:6E:2E:FD:BC:1C:A7:C0:AB:83 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bdd1ef3-7214-4d8c-8829-8df3621a8099.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9:8000::/40 Signature Algorithm: sha256WithRSAEncryption cc:0f:17:cc:a3:03:61:ab:cd:c1:83:fa:4e:5f:3b:30:33:84: ea:42:c2:c9:ec:61:62:2f:fa:8a:62:61:10:28:ac:cf:9c:b1: 8c:05:2f:a7:38:ca:dd:2d:86:6d:d5:d2:47:64:2e:e8:16:54: e3:75:45:1d:d5:59:cc:5b:e4:85:72:5b:42:be:78:4f:36:a5: 69:83:96:96:72:2e:68:8c:77:b1:47:5b:fa:d3:eb:0d:4e:64: 1e:64:35:60:58:b9:ff:a4:af:36:35:05:ce:5b:32:10:cf:91: 55:ef:49:fe:27:9d:b2:ba:ba:f9:5d:7a:d2:c0:f8:a9:44:38: 3b:5b:8c:9d:0e:b3:ba:2e:a1:6b:31:8f:a0:98:ac:21:e0:c1: 22:b2:2c:9f:d5:0d:92:ce:d9:99:c8:d5:bb:a9:29:0e:98:90: b7:19:16:ca:c5:f1:55:24:06:45:43:44:56:cb:42:a6:73:27: 0e:c5:03:b4:97:d0:32:ae:27:8b:7a:91:d6:87:39:dc:89:f1: 8f:25:a3:06:44:06:41:6b:ea:50:72:dd:62:76:43:9f:09:5d: 22:ad:b5:78:75:d9:be:d1:03:31:82:e7:2c:1b:db:52:d1:72: 42:0a:1e:ab:98:86:05:01:bc:58:30:82:00:6e:52:90:30:b8: ea:e2:70:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPUIhVLHZykGuoKN5Q9+L7wfAum8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUzMTAwMDAwMFoX DTI0MDcwNTIzNTk1OVowejFJMEcGA1UEBRNAZDVmMmRlNGRmYWU4NjFhZGJkYmI4 OWE2NDAwYWQzNDE0ZDU1YjA4MWE3YTkyNGJlY2MzZjI0NjU4Y2UzNTQ4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNz9TylwpAXgETBNMNfqX8WZmj4q GgbwrBRXE75TvzJIFw0Ojyg5oGOiEEtBZKdfb7RaingxYT+kUFD0k7i0XuZbin00 AINnRg2dEjlBZeeledazv+wdUldqMaxkEllcKoa4sI5/pcasNZtadW1ULJlUEM1v BExU6kjM62Zld71TLhK9SSbnsx9me922Ym4hEqLpzP9hN35JZMOpXE4hFZ0AQqaZ e2rH977LdzJtdsJbbHHwZER2slPrhJeWBPbVFY/hoj//ArniiU9iIl5qbxPhDl9I WF0oIqDd/fxIvdjAYIHUVlEOpmO7jbuLUk6CwyTDbC4s4TTNXLizscVXDQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLJkC0l64iFqSGqYbi79vBynwKuDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRiZGQxZWYzLTcyMTQtNGQ4Yy04ODI5LThkZjM2MjFhODA5OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+YAwDQYJKoZIhvcNAQELBQADggEBAMwPF8yjA2GrzcGD+k5f OzAzhOpCwsnsYWIv+opiYRAorM+csYwFL6c4yt0thm3V0kdkLugWVON1RR3VWcxb 5IVyW0K+eE82pWmDlpZyLmiMd7FHW/rT6w1OZB5kNWBYuf+krzY1Bc5bMhDPkVXv Sf4nnbK6uvldetLA+KlEODtbjJ0Os7ouoWsxj6CYrCHgwSKyLJ/VDZLO2ZnI1bup KQ6YkLcZFsrF8VUkBkVDRFbLQqZzJw7FA7SX0DKuJ4t6kdaHOdyJ8Y8lowZEBkFr 6lBy3WJ2Q58JXSKttXh12b7RAzGC5ywb21LRckIKHquYhgUBvFgwggBuUpAwuOri cFQ= -----END CERTIFICATE-----Generated at Sun Jun 2 01:37:00 2024 by rpki-client on console-ams.rpki-client.org