$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa File: 004c94ec-a64d-4097-910e-831e2f73cc5b.roa (raw, json) Hash identifier: r+/hRO/GYoj0cQa+PXHzM94FYRI8e47d/OFHxWQlMLk= Subject key identifier: 62:27:45:88:4B:87:CA:13:51:39:A5:FF:E8:09:4F:9E:18:E9:EF:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 754F6C9DC8ACEDE8BD330D04A413FF2B06B0ED15 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa Signing time: Tue 23 Apr 2024 00:00:00 +0000 ROA not before: Tue 23 Apr 2024 00:00:00 +0000 ROA not after: Tue 28 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:4f:6c:9d:c8:ac:ed:e8:bd:33:0d:04:a4:13:ff:2b:06:b0:ed:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:00 2024 GMT Not After : May 28 23:59:59 2024 GMT Subject: serialNumber=8c510d461ea3c7e74cba028d10da5477fd8256df8bd9732c969fb89debb16ff5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:bf:d7:04:b2:e1:5a:14:da:80:98:82:a9:57: 34:e4:dd:17:5f:fd:f9:fb:59:d1:24:1e:50:f5:93: e1:3a:69:37:04:26:a7:51:88:a3:a2:bb:27:33:0f: f8:23:8e:c6:b5:75:5d:fb:bb:cb:4a:93:d5:fe:3d: d9:01:dc:bd:3a:1b:06:01:30:e7:a9:61:0f:01:7c: 98:ca:37:3e:66:e8:3f:39:04:9c:be:fa:d0:40:53: 6f:fe:32:0c:0b:56:f6:30:f0:c5:63:18:72:67:d1: 91:8b:33:3b:03:d9:ce:eb:c6:1d:80:55:5b:1c:b6: 29:ca:e6:cd:fe:df:12:7a:3b:2a:e7:3d:d3:13:22: 50:bf:14:d2:a9:bb:1a:3f:6a:44:7d:75:2e:9e:36: ad:19:b2:64:41:33:47:f1:9d:60:fc:c8:12:04:7e: 76:ab:6a:7e:b7:d0:e7:23:18:03:7a:74:8e:20:56: 19:33:dc:05:25:5d:f0:7b:00:25:71:81:2b:90:91: e9:81:e9:f0:49:90:9c:cc:08:13:45:49:71:55:24: 58:9d:33:37:e5:3c:40:2a:42:76:c0:9a:48:ba:c5: 17:b7:02:10:60:44:a8:0e:a9:f8:d1:c1:4d:1a:1a: fa:03:89:c0:5e:92:2b:11:aa:1d:04:e6:0a:23:20: e7:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:27:45:88:4B:87:CA:13:51:39:A5:FF:E8:09:4F:9E:18:E9:EF:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9:c800::/40 Signature Algorithm: sha256WithRSAEncryption 6d:cd:5a:85:e5:1b:38:72:62:79:7a:ba:0c:b6:74:a4:91:6a: 47:ca:30:8b:af:09:99:0d:a0:7b:5b:11:96:05:14:ec:1f:0a: 95:27:89:70:f7:64:00:bf:80:55:62:0b:ac:35:1a:74:27:e3: 2b:3b:0a:7c:7b:7a:6d:86:44:66:62:cf:36:53:08:7d:35:2b: fa:0d:9c:3d:b6:f9:d2:b4:de:57:2c:23:c9:f2:21:f2:2b:1f: bb:e2:22:bd:ec:21:91:18:df:b8:9d:61:34:0f:6f:18:3e:92: d5:d7:b7:61:aa:f0:5e:bb:24:5b:75:0e:13:d3:fe:c3:2e:44: 32:a0:77:a6:ab:64:98:51:2a:2a:d0:cb:fe:e6:b8:2c:e5:6d: a7:35:87:4e:a4:a1:c4:e2:36:5a:6a:85:f6:23:83:5f:70:c4: 16:dd:69:8a:b6:03:f0:80:60:4e:66:b1:3d:5c:79:bc:63:25: fe:77:08:0e:75:dc:08:e2:09:79:e4:49:15:20:1e:b3:f6:49: 3a:89:dc:b8:37:49:ad:2d:8c:ec:58:8c:90:f0:f9:df:02:30: 59:8a:4d:cf:22:e2:65:a2:ec:e2:7e:e3:0d:b9:b9:02:b6:00: b6:08:b0:68:4d:86:1b:85:ea:52:15:dc:2b:14:d9:88:4f:fc: ab:99:1b:8a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdU9sncis7ei9Mw0EpBP/Kwaw7RUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMzAwMDAwMFoX DTI0MDUyODIzNTk1OVowejFJMEcGA1UEBRNAOGM1MTBkNDYxZWEzYzdlNzRjYmEw MjhkMTBkYTU0NzdmZDgyNTZkZjhiZDk3MzJjOTY5ZmI4OWRlYmIxNmZmNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5b/XBLLhWhTagJiCqVc05N0XX/35 +1nRJB5Q9ZPhOmk3BCanUYijorsnMw/4I47GtXVd+7vLSpPV/j3ZAdy9OhsGATDn qWEPAXyYyjc+Zug/OQScvvrQQFNv/jIMC1b2MPDFYxhyZ9GRizM7A9nO68YdgFVb HLYpyubN/t8Sejsq5z3TEyJQvxTSqbsaP2pEfXUunjatGbJkQTNH8Z1g/MgSBH52 q2p+t9DnIxgDenSOIFYZM9wFJV3wewAlcYErkJHpgenwSZCczAgTRUlxVSRYnTM3 5TxAKkJ2wJpIusUXtwIQYESoDqn40cFNGhr6A4nAXpIrEaodBOYKIyDnDwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGInRYhLh8oTUTml/+gJT54Y6e8KMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwNGM5NGVjLWE2NGQtNDA5Ny05MTBlLTgzMWUyZjczY2M1Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+cgwDQYJKoZIhvcNAQELBQADggEBAG3NWoXlGzhyYnl6ugy2 dKSRakfKMIuvCZkNoHtbEZYFFOwfCpUniXD3ZAC/gFViC6w1GnQn4ys7Cnx7em2G RGZizzZTCH01K/oNnD22+dK03lcsI8nyIfIrH7viIr3sIZEY37idYTQPbxg+ktXX t2Gq8F67JFt1DhPT/sMuRDKgd6arZJhRKirQy/7muCzlbac1h06kocTiNlpqhfYj g19wxBbdaYq2A/CAYE5msT1cebxjJf53CA513AjiCXnkSRUgHrP2STqJ3Lg3Sa0t jOxYjJDw+d8CMFmKTc8i4mWi7OJ+4w25uQK2ALYIsGhNhhuF6lIV3CsU2YhP/KuZ G4o= -----END CERTIFICATE-----Generated at Sun May 5 01:11:58 2024 by rpki-client on console-ams.rpki-client.org