$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7841c4-1ada-4347-bba8-314c574d398d.roa File: ff7841c4-1ada-4347-bba8-314c574d398d.roa (raw, json) Hash identifier: j69r83pPMznlVU9k4KQyrz//e81PdLc7l8nLxD2JgyA= Subject key identifier: 87:60:02:60:A0:83:AD:0F:18:7E:4D:8C:28:73:26:33:12:A6:9D:65 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6246660E570C6CFA3B2BCB3E03308F7FE0493BF8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7841c4-1ada-4347-bba8-314c574d398d.roa Signing time: Mon 27 May 2024 00:00:00 +0000 ROA not before: Mon 27 May 2024 00:00:00 +0000 ROA not after: Mon 01 Jul 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:46:66:0e:57:0c:6c:fa:3b:2b:cb:3e:03:30:8f:7f:e0:49:3b:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 27 00:00:00 2024 GMT Not After : Jul 1 23:59:59 2024 GMT Subject: serialNumber=5f679fe9cbb5de3f26100269dc24cbf23fce0f3ed8e58c9caf9fd45eb732cbe5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:af:25:01:8e:b6:cc:f1:5c:ff:51:7b:87:7d: fa:20:03:80:66:6a:0b:b2:24:5a:26:e8:21:7b:45: 9f:df:42:3e:69:49:96:cf:29:5e:cf:aa:8f:3f:a8: b2:d5:69:a7:70:cf:90:96:5b:8c:68:66:44:32:93: f3:db:3d:3a:89:68:aa:0b:aa:d8:21:bd:27:8d:e1: 2f:eb:aa:c3:55:0e:83:27:e6:64:e0:ad:0c:8f:a7: 2d:dc:8d:d2:e9:56:19:0d:5a:9e:eb:4b:8e:58:6a: 18:f3:a8:e2:7d:55:83:07:15:20:49:ef:7c:36:27: c3:ba:58:2a:20:42:73:84:6d:b5:3b:47:f9:d5:44: ff:21:74:f5:2d:4b:7b:36:e9:97:fc:18:c8:1d:f9: db:c9:53:89:e2:d4:44:69:62:a6:b5:ae:58:d6:58: 9c:81:dc:70:a7:93:b6:04:40:76:6e:b2:1c:00:de: 45:9a:35:2c:48:67:db:d3:b6:93:cb:c9:f6:11:a0: 28:e8:3a:5f:ae:6a:64:44:82:5c:f4:67:ab:54:45: f7:e6:5a:09:9c:03:68:d5:36:f8:58:1a:38:5d:bf: 5c:7b:5f:03:5e:f1:98:0e:6d:6e:56:e6:fc:64:51: 0c:dc:2e:ba:dc:20:c6:80:46:5c:0b:43:87:f4:91: 8b:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:60:02:60:A0:83:AD:0F:18:7E:4D:8C:28:73:26:33:12:A6:9D:65 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7841c4-1ada-4347-bba8-314c574d398d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:4800::/40 Signature Algorithm: sha256WithRSAEncryption c3:be:55:dc:04:da:f9:a9:84:5e:50:0d:08:0d:c7:d8:f2:93: 30:2e:af:09:e3:3b:35:92:34:93:f3:4a:18:0a:ac:05:5c:5c: fe:35:23:e1:82:1f:4f:a9:99:28:c6:56:8f:d7:76:4d:69:98: 80:b7:61:fc:77:db:a7:f0:c1:e1:c6:d8:1f:92:9d:89:46:2b: 21:bf:fd:47:94:ea:39:fd:2a:76:e5:51:81:0f:e6:22:d1:16: 05:ad:78:17:81:49:d1:84:95:5b:73:18:61:e9:6c:76:69:3b: ce:0a:52:d0:59:43:a0:3e:94:41:41:ec:72:70:f0:5c:c4:2b: 51:0f:5e:5e:ff:3b:9f:dc:92:75:5d:aa:fd:53:54:d7:3f:db: 52:ab:70:4d:de:90:94:54:21:92:a7:44:92:56:aa:52:59:3e: dc:20:23:e5:87:f8:a5:12:98:a6:2f:1a:a1:9e:56:98:47:5c: 05:da:1f:6e:79:60:7a:7e:29:0d:87:9b:d4:ef:5f:ed:a4:c8: 62:51:d1:7b:3a:59:4d:92:6f:16:36:bd:19:bb:81:a9:71:90: 85:ca:59:ba:82:00:e5:a4:f3:49:f5:fc:1e:04:ae:07:52:25: 21:46:c4:de:fb:62:da:a1:62:86:0e:cd:be:ab:30:b8:9e:6e: f6:9e:c0:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYkZmDlcMbPo7K8s+AzCPf+BJO/gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyNzAwMDAwMFoX DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNANWY2NzlmZTljYmI1ZGUzZjI2MTAw MjY5ZGMyNGNiZjIzZmNlMGYzZWQ4ZTU4YzljYWY5ZmQ0NWViNzMyY2JlNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp68lAY62zPFc/1F7h336IAOAZmoL siRaJughe0Wf30I+aUmWzylez6qPP6iy1WmncM+QlluMaGZEMpPz2z06iWiqC6rY Ib0njeEv66rDVQ6DJ+Zk4K0Mj6ct3I3S6VYZDVqe60uOWGoY86jifVWDBxUgSe98 NifDulgqIEJzhG21O0f51UT/IXT1LUt7NumX/BjIHfnbyVOJ4tREaWKmta5Y1lic gdxwp5O2BEB2brIcAN5FmjUsSGfb07aTy8n2EaAo6DpfrmpkRIJc9GerVEX35loJ nANo1Tb4WBo4Xb9ce18DXvGYDm1uVub8ZFEM3C663CDGgEZcC0OH9JGL1wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIdgAmCgg60PGH5NjChzJjMSpp1lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmNzg0MWM0LTFhZGEtNDM0Ny1iYmE4LTMxNGM1NzRkMzk4ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauEgwDQYJKoZIhvcNAQELBQADggEBAMO+VdwE2vmphF5QDQgN x9jykzAurwnjOzWSNJPzShgKrAVcXP41I+GCH0+pmSjGVo/Xdk1pmIC3Yfx326fw weHG2B+SnYlGKyG//UeU6jn9KnblUYEP5iLRFgWteBeBSdGElVtzGGHpbHZpO84K UtBZQ6A+lEFB7HJw8FzEK1EPXl7/O5/cknVdqv1TVNc/21KrcE3ekJRUIZKnRJJW qlJZPtwgI+WH+KUSmKYvGqGeVphHXAXaH255YHp+KQ2Hm9TvX+2kyGJR0Xs6WU2S bxY2vRm7galxkIXKWbqCAOWk80n1/B4ErgdSJSFGxN77YtqhYoYOzb6rMLiebvae wK0= -----END CERTIFICATE-----Generated at Sun Jun 2 01:00:43 2024 by rpki-client on console-fra.rpki-client.org