$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa File: 004c94ec-a64d-4097-910e-831e2f73cc5b.roa (raw, json) Hash identifier: x8Jbg/TIJsLp7dNYzXaCLL3F1UwVYw2pnrqYmGB4Xs0= Subject key identifier: 8D:C0:B3:75:0B:39:1B:65:7C:1A:20:3A:0A:DB:22:0B:3E:CC:77:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2545430FB59227A111F947AE94164CA3EAB337B7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa Signing time: Mon 08 Jul 2024 00:00:00 +0000 ROA not before: Mon 08 Jul 2024 00:00:00 +0000 ROA not after: Mon 12 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:45:43:0f:b5:92:27:a1:11:f9:47:ae:94:16:4c:a3:ea:b3:37:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:00 2024 GMT Not After : Aug 12 23:59:59 2024 GMT Subject: serialNumber=5d2bb4565a05306bfbf02a5a87ecd37ad903609d4ed912056d2e76d28c87009d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ed:0e:ba:c5:bd:4b:af:1e:c1:69:b5:78:57: 97:1d:48:3e:84:78:d7:db:1a:a8:9c:d0:08:7b:00: d0:59:91:ba:07:d5:2f:4e:f2:bb:34:76:32:cd:88: c2:70:2a:df:db:ca:cf:e9:89:f9:e4:d7:66:84:81: 3e:57:38:77:5e:51:71:03:57:93:14:6c:9d:3e:a9: b4:d1:57:48:7d:7d:3c:55:e9:04:83:88:38:31:f7: 2d:e7:f7:ea:c7:94:a5:d5:e7:7b:e2:91:1d:1e:1f: 4c:e0:25:3f:53:a8:54:7e:09:3e:e9:88:f3:19:a7: 3e:2f:10:b4:23:02:c4:0a:a9:97:77:c3:1b:90:05: 86:42:0d:a0:c4:dc:f8:67:64:bc:cd:11:57:42:f4: 77:3e:5e:c2:f7:c0:90:62:d7:a2:0e:a5:24:ce:1c: fc:9f:b9:b5:05:82:d5:f6:a3:f2:62:79:07:9e:ce: 4c:50:9c:8d:57:a2:6a:be:f5:fa:3b:16:6f:32:ad: a3:3d:46:d7:06:e4:a9:0f:f8:50:29:e5:0c:df:82: 76:fc:33:9b:fc:f9:33:93:12:8f:b3:15:cb:14:c2: f5:d1:ba:9c:4b:da:5f:6f:e1:6a:f1:fe:98:ac:88: 44:73:f0:fe:1e:37:6f:3a:cd:06:cd:b7:9a:1f:06: b9:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:C0:B3:75:0B:39:1B:65:7C:1A:20:3A:0A:DB:22:0B:3E:CC:77:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9:c800::/40 Signature Algorithm: sha256WithRSAEncryption c0:12:03:75:92:9e:57:50:c5:2f:ca:0c:c2:19:30:ea:31:7d: 21:70:a8:fc:57:fa:08:d9:0a:01:37:03:9e:f5:96:b2:7d:d6: 02:67:b8:21:6e:9b:fd:ac:0a:d0:f8:39:6e:e5:a1:db:0d:f2: cb:fc:06:19:53:08:ea:42:67:1d:d9:64:88:ca:22:d2:c5:3b: 72:c5:0a:35:be:6e:eb:4c:3f:6a:e3:61:a1:6e:85:c3:be:0a: 0b:25:57:d1:8c:fb:70:a5:84:82:5e:06:d0:34:9e:14:1c:66: 98:b2:d3:68:91:6c:e8:e6:b7:19:13:48:44:68:79:dd:16:ca: bf:e8:ac:f5:2e:ce:df:6b:e2:ec:cd:e7:44:33:d9:db:27:d0: 3c:3a:c8:b7:c5:41:18:a4:7f:a8:e2:81:fc:50:d2:fc:10:42: cd:43:92:2c:c9:9e:2e:8f:6d:a1:00:4c:c7:c0:4e:d5:f4:03: 80:79:a8:12:fc:d0:99:ca:26:11:94:16:f1:02:1b:04:8c:d6: b2:c4:8d:c3:e3:4e:62:2a:60:c0:50:e2:81:82:b9:60:84:3b: 11:f9:79:78:6e:26:14:30:b9:e8:f2:b9:b4:44:3a:0e:30:70: 6e:d8:7e:8f:9a:db:f6:48:9f:3f:c1:f3:2f:a0:e6:37:74:c9: bc:1e:49:cd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJUVDD7WSJ6ER+UeulBZMo+qzN7cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwODAwMDAwMFoX DTI0MDgxMjIzNTk1OVowejFJMEcGA1UEBRNANWQyYmI0NTY1YTA1MzA2YmZiZjAy YTVhODdlY2QzN2FkOTAzNjA5ZDRlZDkxMjA1NmQyZTc2ZDI4Yzg3MDA5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+0OusW9S68ewWm1eFeXHUg+hHjX 2xqonNAIewDQWZG6B9UvTvK7NHYyzYjCcCrf28rP6Yn55NdmhIE+Vzh3XlFxA1eT FGydPqm00VdIfX08VekEg4g4Mfct5/fqx5Sl1ed74pEdHh9M4CU/U6hUfgk+6Yjz Gac+LxC0IwLECqmXd8MbkAWGQg2gxNz4Z2S8zRFXQvR3Pl7C98CQYteiDqUkzhz8 n7m1BYLV9qPyYnkHns5MUJyNV6JqvvX6OxZvMq2jPUbXBuSpD/hQKeUM34J2/DOb /PkzkxKPsxXLFML10bqcS9pfb+Fq8f6YrIhEc/D+HjdvOs0GzbeaHwa5kwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI3As3ULORtlfBogOgrbIgs+zHdAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwNGM5NGVjLWE2NGQtNDA5Ny05MTBlLTgzMWUyZjczY2M1Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+cgwDQYJKoZIhvcNAQELBQADggEBAMASA3WSnldQxS/KDMIZ MOoxfSFwqPxX+gjZCgE3A571lrJ91gJnuCFum/2sCtD4OW7lodsN8sv8BhlTCOpC Zx3ZZIjKItLFO3LFCjW+butMP2rjYaFuhcO+CgslV9GM+3ClhIJeBtA0nhQcZpiy 02iRbOjmtxkTSERoed0Wyr/orPUuzt9r4uzN50Qz2dsn0Dw6yLfFQRikf6jigfxQ 0vwQQs1DkizJni6PbaEATMfATtX0A4B5qBL80JnKJhGUFvECGwSM1rLEjcPjTmIq YMBQ4oGCuWCEOxH5eXhuJhQwuejyubREOg4wcG7Yfo+a2/ZInz/B8y+g5jd0ybwe Sc0= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:39 2024 by rpki-client on console-ams.rpki-client.org