$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/704de810-db59-4d07-8173-227510fa6dcf.roa File: 704de810-db59-4d07-8173-227510fa6dcf.roa (raw, json) Hash identifier: +sBTpZYhqBnHae68bepJOzGn50J9ajdKbn2/CfYoDcA= Subject key identifier: 2F:AA:F1:96:38:A3:BA:BC:16:64:19:5A:85:A6:82:01:29:19:76:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D79947423D67C24AFC2C0A56D0F6363C9652B1B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/704de810-db59-4d07-8173-227510fa6dcf.roa Signing time: Mon 13 May 2024 00:00:00 +0000 ROA not before: Mon 13 May 2024 00:00:00 +0000 ROA not after: Mon 17 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:79:94:74:23:d6:7c:24:af:c2:c0:a5:6d:0f:63:63:c9:65:2b:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:00:00 2024 GMT Not After : Jun 17 23:59:59 2024 GMT Subject: serialNumber=8067580fe82fefe5083b0e54d5018c21486f7fd81342a8fcd26d58e444ea18a7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d6:1c:0d:a2:ef:ec:0a:75:9c:e3:1f:51:c5: 4e:67:7b:6a:65:58:37:2e:fe:78:5e:c0:ee:fa:f7: 49:29:81:32:4c:9d:9b:53:ce:85:b2:b3:09:48:77: 9b:de:79:bb:46:93:70:96:7c:73:6e:35:d3:41:ec: 50:fd:50:c1:41:ee:07:e1:82:ba:f3:42:f8:24:e6: a0:f2:47:4f:f8:36:87:1c:0a:ff:2a:6b:89:3b:84: 6a:91:81:cc:2e:ff:53:73:cd:de:ef:03:f0:78:3f: d2:bb:ec:37:fb:09:7b:a2:f8:29:a7:b8:65:5c:c1: 2c:89:fb:8d:bb:bc:6b:05:32:14:cd:32:f3:79:7d: ec:70:96:6e:99:fb:9e:ab:d0:ad:da:c5:14:67:96: f0:31:08:eb:ed:01:99:25:4b:30:f2:66:c8:ee:88: 9b:fd:35:5a:a9:1f:1d:54:1a:06:78:b6:33:1b:d3: ac:98:06:2b:7d:01:4e:5b:e4:ad:b4:be:63:ec:a3: 7e:10:7f:48:fb:64:b9:af:aa:ea:03:7c:40:8a:82: 9e:57:71:98:31:a0:e7:02:65:16:77:26:c8:ac:18: 63:33:99:2b:61:2a:ef:19:c5:70:ab:db:97:f8:f7: 8f:c9:4a:49:f1:9f:69:a8:24:fe:92:16:ff:48:4d: 80:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:AA:F1:96:38:A3:BA:BC:16:64:19:5A:85:A6:82:01:29:19:76:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/704de810-db59-4d07-8173-227510fa6dcf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:8800::/40 Signature Algorithm: sha256WithRSAEncryption 90:d8:f1:38:52:14:17:75:15:6a:cb:d0:2a:ba:d4:6c:20:cc: b8:88:8a:81:c3:96:a2:f8:79:87:d7:6f:7f:5c:88:f5:09:d5: eb:6b:08:0b:b3:97:66:75:8c:32:ac:c0:cd:5a:01:63:4b:ad: e8:4d:37:e8:35:92:4f:40:e8:7a:cb:7c:f7:ca:ed:6e:c2:4a: ec:68:dc:83:59:4e:1b:b2:29:6b:7b:fd:85:3f:82:68:4f:be: 44:63:32:8e:0e:e2:95:6a:97:de:9b:5a:7f:4e:f7:e3:4c:b9: 02:f6:64:7d:bd:02:82:d1:59:31:6c:18:56:ea:ce:f5:89:86: 6d:ef:33:5b:ca:a9:42:44:41:5a:5e:06:32:67:94:85:69:f0: ae:ae:ad:29:eb:4a:79:ae:00:70:82:5f:01:ff:bd:b2:cf:5f: 97:8f:b0:55:57:2c:31:b7:76:a4:c0:78:86:b4:b8:12:29:70: fd:74:35:53:97:a1:6c:70:e6:85:fd:53:f2:b7:d0:0b:27:fc: 9e:d4:46:a3:0b:5b:8b:db:bf:b7:84:3c:df:a1:e5:0d:ab:34: f3:23:7a:8e:88:7f:40:f6:71:ec:19:51:55:c8:a1:35:bc:8a: 83:13:c3:09:d9:db:68:58:0a:76:f7:04:56:8d:c7:d1:8b:98: 9a:9c:bc:e6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPXmUdCPWfCSvwsClbQ9jY8llKxswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUxMzAwMDAwMFoX DTI0MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAODA2NzU4MGZlODJmZWZlNTA4M2Iw ZTU0ZDUwMThjMjE0ODZmN2ZkODEzNDJhOGZjZDI2ZDU4ZTQ0NGVhMThhNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNYcDaLv7Ap1nOMfUcVOZ3tqZVg3 Lv54XsDu+vdJKYEyTJ2bU86FsrMJSHeb3nm7RpNwlnxzbjXTQexQ/VDBQe4H4YK6 80L4JOag8kdP+DaHHAr/KmuJO4RqkYHMLv9Tc83e7wPweD/Su+w3+wl7ovgpp7hl XMEsifuNu7xrBTIUzTLzeX3scJZumfueq9Ct2sUUZ5bwMQjr7QGZJUsw8mbI7oib /TVaqR8dVBoGeLYzG9OsmAYrfQFOW+SttL5j7KN+EH9I+2S5r6rqA3xAioKeV3GY MaDnAmUWdybIrBhjM5krYSrvGcVwq9uX+PePyUpJ8Z9pqCT+khb/SE2AWwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFC+q8ZY4o7q8FmQZWoWmggEpGXZTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcwNGRlODEwLWRiNTktNGQwNy04MTczLTIyNzUxMGZhNmRjZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9ogwDQYJKoZIhvcNAQELBQADggEBAJDY8ThSFBd1FWrL0Cq6 1GwgzLiIioHDlqL4eYfXb39ciPUJ1etrCAuzl2Z1jDKswM1aAWNLrehNN+g1kk9A 6HrLfPfK7W7CSuxo3INZThuyKWt7/YU/gmhPvkRjMo4O4pVql96bWn9O9+NMuQL2 ZH29AoLRWTFsGFbqzvWJhm3vM1vKqUJEQVpeBjJnlIVp8K6urSnrSnmuAHCCXwH/ vbLPX5ePsFVXLDG3dqTAeIa0uBIpcP10NVOXoWxw5oX9U/K30Asn/J7URqMLW4vb v7eEPN+h5Q2rNPMjeo6If0D2cewZUVXIoTW8ioMTwwnZ22hYCnb3BFaNx9GLmJqc vOY= -----END CERTIFICATE-----Generated at Sun Jun 2 01:00:42 2024 by rpki-client on console-fra.rpki-client.org