$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa File: 02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa (raw, json) Hash identifier: DQN1yZ/er0c0LVsu/akBxXd3IwiSg9GT4GaC2MYGh4I= Subject key identifier: 96:4E:59:EF:B5:12:6D:C4:48:C7:6E:43:2B:02:B6:A3:28:EA:B9:57 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3DA9891C713D2B1ABA033B9A540E3E3243A73902 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:a9:89:1c:71:3d:2b:1a:ba:03:3b:9a:54:0e:3e:32:43:a7:39:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=386183dea21652fdabe93a677870e6386eeb4db88e6f39f0d9610a625459c39e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:44:bd:a4:95:a0:4a:d1:92:5f:94:9a:3e:64: b6:ed:f4:cc:20:df:72:93:7e:7d:59:6a:c6:ab:28: 44:7f:ae:e7:dc:48:62:4a:99:fc:3a:4f:99:84:03: cd:18:a3:06:fe:91:7d:ab:67:0b:4d:3a:d2:6a:14: f8:8c:e2:45:3b:29:4e:56:19:61:2e:93:0e:d5:d8: 50:23:8b:f3:90:a6:4a:35:09:60:7d:0f:fd:74:a5: 06:b7:fe:44:99:11:73:d2:ad:5d:e0:3b:77:56:ef: b1:43:08:c3:17:26:76:27:30:fb:f7:2f:33:40:50: 86:f1:34:8c:62:78:fe:63:21:9f:b4:93:f9:c1:0d: c8:70:f8:74:c5:04:08:68:0e:63:53:e9:dd:99:0e: df:d9:5a:a2:a4:7f:5c:92:be:be:3d:26:aa:31:9a: f7:cc:e9:b1:25:ac:a4:15:90:df:1c:76:a9:44:57: 68:78:7a:e2:bc:1b:e4:30:44:06:af:d4:10:af:71: 78:9f:82:bc:d0:d2:99:40:c9:f0:11:5f:51:88:30: 8b:51:e4:b4:97:60:71:d4:49:ba:5b:28:01:f2:4e: 3e:e4:f4:90:bf:03:08:f4:fc:41:45:3a:34:ff:50: 90:cd:8f:6c:2c:42:01:b5:69:70:ff:cc:c7:c8:f2: f3:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:4E:59:EF:B5:12:6D:C4:48:C7:6E:43:2B:02:B6:A3:28:EA:B9:57 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:2000::/40 Signature Algorithm: sha256WithRSAEncryption bb:4d:db:77:74:67:42:f6:dc:c7:b7:5e:bd:16:6d:83:e4:48: 9e:7d:25:77:b1:33:e8:dc:ab:c0:45:fb:5b:de:77:fd:bc:2d: 59:07:cd:95:1d:03:af:93:05:03:f5:dd:4c:23:15:24:ac:7a: e4:65:71:f4:dd:71:cc:ca:e2:a5:12:5b:ba:05:9a:ed:08:11: 49:a7:33:2a:a7:a1:ad:19:dd:56:8e:ad:70:3b:d7:31:07:56: fa:b2:68:0d:6b:bf:90:bb:d9:55:bd:75:b8:43:9c:d5:78:82: 14:33:63:57:54:a1:a5:eb:7a:e2:50:a6:d5:c0:c7:65:53:7e: 87:e0:b6:f9:76:6a:22:af:90:40:bf:0d:a1:79:b1:bb:76:20: de:65:15:28:79:c0:ae:f3:2a:63:1e:60:8c:23:72:8b:cd:45: 83:55:bd:fe:f8:7c:fe:8b:7e:08:80:bd:79:c0:2a:4a:fc:31: 99:35:c5:25:f2:b1:ea:80:0d:2c:14:39:e9:b3:4b:b2:6d:d8: 9e:08:c5:e2:14:2f:1d:d3:51:1a:9c:05:57:9b:f1:db:17:76: 5a:d5:44:71:c7:43:7a:e7:50:31:4b:f5:29:86:6c:4a:77:d6: 6e:d5:2f:08:45:53:5d:af:1b:ba:ac:ea:8e:de:8c:17:a6:1d: 31:21:b5:9f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPamJHHE9Kxq6AzuaVA4+MkOnOQIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMzg2MTgzZGVhMjE2NTJmZGFiZTkz YTY3Nzg3MGU2Mzg2ZWViNGRiODhlNmYzOWYwZDk2MTBhNjI1NDU5YzM5ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkS9pJWgStGSX5SaPmS27fTMIN9y k359WWrGqyhEf67n3EhiSpn8Ok+ZhAPNGKMG/pF9q2cLTTrSahT4jOJFOylOVhlh LpMO1dhQI4vzkKZKNQlgfQ/9dKUGt/5EmRFz0q1d4Dt3Vu+xQwjDFyZ2JzD79y8z QFCG8TSMYnj+YyGftJP5wQ3IcPh0xQQIaA5jU+ndmQ7f2VqipH9ckr6+PSaqMZr3 zOmxJaykFZDfHHapRFdoeHrivBvkMEQGr9QQr3F4n4K80NKZQMnwEV9RiDCLUeS0 l2Bx1Em6WygB8k4+5PSQvwMI9PxBRTo0/1CQzY9sLEIBtWlw/8zHyPLzHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJZOWe+1Em3ESMduQysCtqMo6rlXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyYTUxZTU0LTZiYjUtNDNlNy05NGQwLWE4ZTk1NzcxZjJhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8SAwDQYJKoZIhvcNAQELBQADggEBALtN23d0Z0L23Me3Xr0W bYPkSJ59JXexM+jcq8BF+1ved/28LVkHzZUdA6+TBQP13UwjFSSseuRlcfTdcczK 4qUSW7oFmu0IEUmnMyqnoa0Z3VaOrXA71zEHVvqyaA1rv5C72VW9dbhDnNV4ghQz Y1dUoaXreuJQptXAx2VTfofgtvl2aiKvkEC/DaF5sbt2IN5lFSh5wK7zKmMeYIwj covNRYNVvf74fP6LfgiAvXnAKkr8MZk1xSXyseqADSwUOemzS7Jt2J4IxeIULx3T URqcBVeb8dsXdlrVRHHHQ3rnUDFL9SmGbEp31m7VLwhFU12vG7qs6o7ejBemHTEh tZ8= -----END CERTIFICATE-----Generated at Fri Apr 19 00:30:57 2024 by rpki-client on console-fra.rpki-client.org