$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/025e96a4-3d7c-410e-9052-27b26f5f569c.roa File: 025e96a4-3d7c-410e-9052-27b26f5f569c.roa (raw, json) Hash identifier: 4hmr100Y42UUpsDnrHfFQQS3i4OLdVoItblVXW2fAYQ= Subject key identifier: B6:EF:06:9A:7E:D8:D4:AC:CE:01:E7:E8:A5:CA:B2:EA:8A:80:05:56 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 375FF5AFD37EE8B96D2EBCC9FD2142C4B48F6609 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/025e96a4-3d7c-410e-9052-27b26f5f569c.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:5f:f5:af:d3:7e:e8:b9:6d:2e:bc:c9:fd:21:42:c4:b4:8f:66:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=ef8fe1dcf6e0a2c927de25535014aef53eb2c104b838d3f7d253c6be6cc9485c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:4c:3f:16:5f:0d:b3:0b:14:a5:78:7f:ed:25: ab:b8:c3:51:db:38:c8:d3:dd:61:ea:d1:43:41:d1: 18:d8:18:d4:f5:a5:29:7e:71:2b:76:d9:e0:5a:df: 4a:10:e5:a8:d6:63:45:f0:4a:5d:e2:7b:74:ec:e3: 5b:e0:a6:fa:12:f6:89:4f:f3:10:9c:67:ed:86:39: 2f:c4:4f:ab:d2:66:9a:9e:eb:e0:7f:03:7c:e4:d4: 17:aa:3b:e3:eb:e6:35:48:dd:59:3d:4c:95:e0:77: 44:c8:5d:ae:4b:09:6c:c2:de:42:c4:51:3d:40:83: d1:0a:8d:94:e5:ea:91:db:bb:a2:c9:b7:17:c5:b8: a9:5e:a3:f5:44:20:31:f4:8a:b5:18:43:ca:c8:60: 7b:5a:c6:0c:d0:dc:1d:8f:26:17:98:1b:db:35:5c: e8:64:5c:cc:49:e0:ce:df:97:c0:c4:f0:78:83:8c: 86:aa:55:3c:99:4b:e4:02:b9:fe:92:c3:fc:8e:43: 21:a5:4e:28:b8:49:00:b0:f6:7a:19:dc:ba:7a:b0: 31:61:97:69:45:f8:d0:97:8b:bd:27:b9:e9:41:b7: 9e:26:ee:92:ef:fb:62:41:ed:63:02:a9:68:68:34: a6:83:99:4e:24:4a:8e:e8:66:6e:d5:24:d3:94:4f: 1e:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:EF:06:9A:7E:D8:D4:AC:CE:01:E7:E8:A5:CA:B2:EA:8A:80:05:56 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/025e96a4-3d7c-410e-9052-27b26f5f569c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:6000::/40 Signature Algorithm: sha256WithRSAEncryption a8:7a:5d:4d:83:f6:a4:4e:6b:97:a1:e0:ec:f8:32:85:99:80: 8b:92:6e:54:79:1a:42:ee:a5:3c:dd:36:cc:ca:a2:f1:31:ad: bb:da:59:36:f5:17:5a:cc:3d:c4:a9:fc:d4:d6:58:f1:88:42: 23:f1:7e:f8:0f:ce:19:f7:bc:1e:8d:34:3b:89:10:06:e4:b2: a5:0c:2c:99:8b:f1:93:55:73:27:79:44:1f:c5:52:5d:03:1b: 83:62:e5:c5:24:e4:01:fb:e7:59:0d:4a:51:3e:73:9c:87:c8: b3:66:ea:48:c7:31:4e:30:01:4e:25:7c:d1:18:6d:d4:9a:c7: 12:ad:87:ee:bf:4a:e4:d4:6e:ac:73:76:72:d1:d1:41:f5:e8: d0:1b:13:5b:e5:35:8a:75:94:d1:e5:5d:53:7f:ab:b9:e8:6d: fe:75:49:7e:f0:a4:7d:b4:77:82:76:60:98:34:85:a0:68:75: ae:bb:6e:d9:e1:ec:aa:81:8d:4b:a0:1e:e7:13:57:72:f0:d1: 9e:1e:8d:9e:fb:c6:a8:25:99:43:2e:ef:d8:12:20:85:00:9c: 54:35:24:eb:8b:3e:d4:59:e3:50:43:b8:4d:6b:11:1f:c8:58: a7:e7:b4:c3:b9:e1:9f:c2:83:7f:76:12:18:65:5a:17:b1:bb: 5b:a0:a5:2b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN1/1r9N+6LltLrzJ/SFCxLSPZgkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAZWY4ZmUxZGNmNmUwYTJjOTI3ZGUy NTUzNTAxNGFlZjUzZWIyYzEwNGI4MzhkM2Y3ZDI1M2M2YmU2Y2M5NDg1YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Ew/Fl8NswsUpXh/7SWruMNR2zjI 091h6tFDQdEY2BjU9aUpfnErdtngWt9KEOWo1mNF8Epd4nt07ONb4Kb6EvaJT/MQ nGfthjkvxE+r0maanuvgfwN85NQXqjvj6+Y1SN1ZPUyV4HdEyF2uSwlswt5CxFE9 QIPRCo2U5eqR27uiybcXxbipXqP1RCAx9Iq1GEPKyGB7WsYM0NwdjyYXmBvbNVzo ZFzMSeDO35fAxPB4g4yGqlU8mUvkArn+ksP8jkMhpU4ouEkAsPZ6Gdy6erAxYZdp RfjQl4u9J7npQbeeJu6S7/tiQe1jAqloaDSmg5lOJEqO6GZu1STTlE8ehwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLbvBpp+2NSszgHn6KXKsuqKgAVWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyNWU5NmE0LTNkN2MtNDEwZS05MDUyLTI3YjI2ZjVmNTY5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/2AwDQYJKoZIhvcNAQELBQADggEBAKh6XU2D9qROa5eh4Oz4 MoWZgIuSblR5GkLupTzdNszKovExrbvaWTb1F1rMPcSp/NTWWPGIQiPxfvgPzhn3 vB6NNDuJEAbksqUMLJmL8ZNVcyd5RB/FUl0DG4Ni5cUk5AH751kNSlE+c5yHyLNm 6kjHMU4wAU4lfNEYbdSaxxKth+6/SuTUbqxzdnLR0UH16NAbE1vlNYp1lNHlXVN/ q7nobf51SX7wpH20d4J2YJg0haBoda67btnh7KqBjUugHucTV3Lw0Z4ejZ77xqgl mUMu79gSIIUAnFQ1JOuLPtRZ41BDuE1rER/IWKfntMO54Z/Cg392EhhlWhexu1ug pSs= -----END CERTIFICATE-----Generated at Mon Sep 18 15:40:39 2023 by rpki-client on console-ams.rpki-client.org