$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa File: 6966423c-fa27-4cd5-898f-a147e75cdcb6.roa (raw, json) Hash identifier: SXPvkgjXzy93hmGQSL2ta4Qt0H9o95gu6kgeC2rvMd8= Subject key identifier: 1B:D2:4B:D9:74:95:9A:A6:FD:45:B1:90:0A:F2:9D:F6:8A:86:38:92 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5FCFE4D1537634E7047C43D46F9926BEB3606300 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa Signing time: Mon 27 May 2024 00:00:00 +0000 ROA not before: Mon 27 May 2024 00:00:00 +0000 ROA not after: Mon 01 Jul 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:cf:e4:d1:53:76:34:e7:04:7c:43:d4:6f:99:26:be:b3:60:63:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 27 00:00:00 2024 GMT Not After : Jul 1 23:59:59 2024 GMT Subject: serialNumber=65891e6e43bf290778fa0c10864e7d16808d89a6eeca2bf74054e9d79f3e3d7a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:98:5a:81:e9:3f:26:75:7d:99:87:4c:23:13: d5:c0:9d:c9:64:e6:55:c2:b6:ee:cf:ca:61:28:1b: e7:73:cf:53:c4:52:9e:83:7a:11:10:03:8c:c4:21: 5a:c7:1b:99:2d:93:f1:b7:d4:00:b1:9b:d7:e1:e1: f1:f0:bc:de:64:bc:22:3c:30:b5:92:01:46:91:3d: cd:71:4e:cb:76:d5:40:bc:da:00:6b:ae:d9:ea:7b: a4:7d:ac:a0:a5:04:57:4f:e3:83:21:11:8d:bc:b0: 6c:6b:fb:b1:ba:c0:54:33:7d:0e:d4:a6:b0:62:4b: 89:e5:43:33:a3:b1:01:e2:b9:20:56:0d:23:82:89: d0:09:e3:ce:c3:60:55:85:83:3c:e0:72:a6:46:3b: 54:9c:98:51:fe:de:04:f3:b8:ec:b3:3c:05:61:bd: 9a:86:2e:67:d1:53:b4:7e:50:20:b6:8d:5e:79:5e: c9:07:62:fc:c7:b5:10:5f:01:7d:8b:3e:fd:47:6b: c6:97:c1:11:91:90:90:3b:71:dd:c3:a1:54:58:f3: 3a:99:7a:4e:9d:d9:e1:a7:30:f9:29:9d:f5:93:e4: 08:b9:e8:fd:8b:c3:1b:c3:98:b1:23:77:87:63:1d: 00:67:33:58:10:d1:e0:ea:4b:ab:34:72:e5:33:2c: a5:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:D2:4B:D9:74:95:9A:A6:FD:45:B1:90:0A:F2:9D:F6:8A:86:38:92 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:a000::/40 Signature Algorithm: sha256WithRSAEncryption a4:8b:f5:ac:06:03:f2:d8:05:12:64:e9:7a:e2:59:9b:08:bb: 64:4c:16:87:de:db:0b:03:52:27:1b:8f:88:3e:f2:fb:52:6b: de:cb:f6:b4:5d:c8:af:cf:a9:39:17:4f:93:56:22:17:17:b0: f6:9d:d2:67:fd:ff:c0:b8:de:29:a6:a7:7e:5c:28:96:9c:e6: 67:db:68:35:db:a2:73:4c:0f:b0:2f:7d:2f:5c:05:d7:aa:a0: 04:d1:c9:c2:37:a9:d1:c4:bf:dd:73:9f:4c:e4:6f:08:57:d3: 1f:57:3a:f0:16:51:6a:bd:de:2f:c6:b1:3e:a7:9b:30:a4:db: b5:43:8a:66:eb:50:66:5b:33:40:eb:94:34:f0:35:b6:01:8d: ec:d9:d0:d2:10:46:3c:22:f2:f7:af:9a:70:f5:c0:04:ca:c5: 21:fb:34:40:ef:81:61:d0:9a:dc:04:3d:9e:86:46:68:e2:61: 27:d1:f4:e9:d9:28:f4:b0:db:39:45:42:bd:04:9a:94:28:0b: f5:57:18:04:89:44:5f:8a:1b:71:67:5a:22:29:7c:99:77:c9: a9:57:fb:25:65:de:b2:5d:9d:6d:f2:40:4c:63:a0:03:97:5b: d4:d2:fb:c6:00:b6:04:9f:ec:db:e7:c8:b5:92:c5:8f:a3:43: f1:dc:c9:9f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUX8/k0VN2NOcEfEPUb5kmvrNgYwAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNANjU4OTFlNmU0M2JmMjkwNzc4ZmEw YzEwODY0ZTdkMTY4MDhkODlhNmVlY2EyYmY3NDA1NGU5ZDc5ZjNlM2Q3YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZhagek/JnV9mYdMIxPVwJ3JZOZV wrbuz8phKBvnc89TxFKeg3oREAOMxCFaxxuZLZPxt9QAsZvX4eHx8LzeZLwiPDC1 kgFGkT3NcU7LdtVAvNoAa67Z6nukfaygpQRXT+ODIRGNvLBsa/uxusBUM30O1Kaw YkuJ5UMzo7EB4rkgVg0jgonQCePOw2BVhYM84HKmRjtUnJhR/t4E87jsszwFYb2a hi5n0VO0flAgto1eeV7JB2L8x7UQXwF9iz79R2vGl8ERkZCQO3Hdw6FUWPM6mXpO ndnhpzD5KZ31k+QIuej9i8Mbw5ixI3eHYx0AZzNYENHg6kurNHLlMyylwQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBvSS9l0lZqm/UWxkArynfaKhjiSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5NjY0MjNjLWZhMjctNGNkNS04OThmLWExNDdlNzVjZGNiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauaAwDQYJKoZIhvcNAQELBQADggEBAKSL9awGA/LYBRJk6Xri WZsIu2RMFofe2wsDUicbj4g+8vtSa97L9rRdyK/PqTkXT5NWIhcXsPad0mf9/8C4 3immp35cKJac5mfbaDXbonNMD7AvfS9cBdeqoATRycI3qdHEv91zn0zkbwhX0x9X OvAWUWq93i/GsT6nmzCk27VDimbrUGZbM0DrlDTwNbYBjezZ0NIQRjwi8vevmnD1 wATKxSH7NEDvgWHQmtwEPZ6GRmjiYSfR9OnZKPSw2zlFQr0EmpQoC/VXGASJRF+K G3FnWiIpfJl3yalX+yVl3rJdnW3yQExjoAOXW9TS+8YAtgSf7NvnyLWSxY+jQ/Hc yZ8= -----END CERTIFICATE-----Generated at Sun Jun 2 01:37:01 2024 by rpki-client on console-ams.rpki-client.org