$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa File: 41d48512-3b44-4b3e-ba21-6171938cc43c.roa (raw, json) Hash identifier: NVziOantzlKNZ1/vae2INWhb7Z/I2oKzJOKhxxQdyHE= Subject key identifier: B4:86:E8:D2:43:7D:34:C9:A5:CF:8C:9D:BC:57:46:3E:AF:1A:E3:E6 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 6A6F1426FE80809DD30FE27A80AAA22CCB2AAE71 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa Signing time: Tue 16 Apr 2024 00:00:00 +0000 ROA not before: Tue 16 Apr 2024 00:00:00 +0000 ROA not after: Tue 21 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 2400:6500::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:6f:14:26:fe:80:80:9d:d3:0f:e2:7a:80:aa:a2:2c:cb:2a:ae:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 16 00:00:00 2024 GMT Not After : May 21 23:59:59 2024 GMT Subject: serialNumber=f32ea67da92f12838b1b1daa07b1e41b76b2f9a07ffaf61724e0efe83a2f97b6, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:bb:20:bd:c3:26:25:9b:62:25:5f:f5:cb:36: fd:be:70:dd:22:ba:1a:a7:68:2c:51:3b:4d:32:27: 13:34:c0:74:28:bb:9a:c9:27:eb:d7:19:0f:d8:9c: ae:4c:22:25:7d:81:b7:ab:65:81:0d:c6:46:1e:e5: eb:ca:6a:ff:8e:97:b8:ca:f1:2b:bc:a9:71:a3:10: 8c:52:ec:53:06:b4:39:a7:2d:a5:ca:1d:f2:8f:cc: 3a:ca:f8:28:ff:7e:2b:59:2c:41:93:29:e5:64:53: 67:2c:1b:7f:14:d2:63:ad:bf:29:c2:e4:af:83:98: dd:4c:c8:93:05:65:f5:1c:71:28:2c:07:4f:e2:b7: 44:b6:15:d6:a3:6c:cc:a2:83:e8:77:16:72:56:1d: d8:a8:78:94:04:c0:5e:24:13:76:f9:b5:6b:28:6c: c9:c3:a8:35:9d:aa:37:32:b8:5d:7b:05:ca:f5:0f: 40:e3:dc:1b:90:38:43:7e:cc:70:0e:c9:04:ac:49: 49:3e:bd:e5:bf:83:a9:c9:27:2e:94:7a:31:ba:51: d5:21:cf:3c:88:5d:49:28:6c:f4:fb:bc:3a:bc:ab: 3e:ad:ae:97:fe:ba:f3:4e:88:aa:89:0c:6d:d1:7b: 57:82:8d:8f:68:29:37:5c:6c:2f:43:a6:15:64:0c: be:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:86:E8:D2:43:7D:34:C9:A5:CF:8C:9D:BC:57:46:3E:AF:1A:E3:E6 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 4e:8f:39:df:45:df:4d:d3:40:f0:2e:57:a5:db:cc:11:ce:64: 73:56:76:22:df:ee:df:75:c9:72:a7:27:ed:2a:8f:e7:a0:6a: dd:db:5e:20:b8:5b:b4:80:50:89:21:1f:62:77:13:ed:0d:11: eb:0a:d8:41:10:3e:cf:50:fe:05:d2:2c:49:9c:6e:0f:b8:95: 84:b7:91:36:2a:24:cb:fd:a7:d7:05:30:bf:0c:d8:71:3d:dd: 4b:ae:be:25:ae:81:96:57:c1:0c:74:de:1d:0c:22:f4:6b:e0: d9:30:5a:c1:48:9b:f8:d8:7b:e2:49:e5:6d:3c:1e:56:b2:7c: 0b:ae:0a:c2:fd:e8:ea:9c:a3:f2:99:81:78:86:42:46:83:a1: e3:5e:58:87:4f:38:7b:36:c7:7a:a8:67:3d:72:06:20:54:30: 00:18:c6:55:7b:02:35:59:dd:c3:d0:44:27:20:66:3b:31:0d: 08:c6:03:95:90:e1:b5:0b:60:54:b2:f4:c2:67:44:0f:69:20: 1a:a0:00:d4:d4:83:d4:0b:18:76:38:01:c3:f7:dd:bb:ee:9f: be:9b:30:05:8c:57:3b:a3:d1:40:32:f2:fc:d1:1d:30:b5:b9: a1:7a:43:0a:41:a9:4d:65:b3:a7:5d:b8:53:f1:0d:7e:f1:25: 11:e8:64:c5 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUam8UJv6AgJ3TD+J6gKqiLMsqrnEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDQxNjAwMDAwMFoX DTI0MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAZjMyZWE2N2RhOTJmMTI4MzhiMWIx ZGFhMDdiMWU0MWI3NmIyZjlhMDdmZmFmNjE3MjRlMGVmZTgzYTJmOTdiNjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrsgvcMmJZtiJV/1yzb9vnDdIroa p2gsUTtNMicTNMB0KLuaySfr1xkP2JyuTCIlfYG3q2WBDcZGHuXrymr/jpe4yvEr vKlxoxCMUuxTBrQ5py2lyh3yj8w6yvgo/34rWSxBkynlZFNnLBt/FNJjrb8pwuSv g5jdTMiTBWX1HHEoLAdP4rdEthXWo2zMooPodxZyVh3YqHiUBMBeJBN2+bVrKGzJ w6g1nao3MrhdewXK9Q9A49wbkDhDfsxwDskErElJPr3lv4OpySculHoxulHVIc88 iF1JKGz0+7w6vKs+ra6X/rrzToiqiQxt0XtXgo2PaCk3XGwvQ6YVZAy+twIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFLSG6NJDfTTJpc+MnbxXRj6vGuPmMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQxZDQ4NTEyLTNiNDQtNGIzZS1iYTIxLTYxNzE5MzhjYzQzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEATo8530XfTdNA8C5XpdvM Ec5kc1Z2It/u33XJcqcn7SqP56Bq3dteILhbtIBQiSEfYncT7Q0R6wrYQRA+z1D+ BdIsSZxuD7iVhLeRNioky/2n1wUwvwzYcT3dS66+Ja6BllfBDHTeHQwi9Gvg2TBa wUib+Nh74knlbTweVrJ8C64Kwv3o6pyj8pmBeIZCRoOh415Yh084ezbHeqhnPXIG IFQwABjGVXsCNVndw9BEJyBmOzENCMYDlZDhtQtgVLL0wmdED2kgGqAA1NSD1AsY djgBw/fdu+6fvpswBYxXO6PRQDLy/NEdMLW5oXpDCkGpTWWzp124U/ENfvElEehk xQ== -----END CERTIFICATE-----Generated at Sun May 5 01:21:31 2024 by rpki-client on console-fra.rpki-client.org