$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/032b0799-1c5e-4782-8d2f-81c63132c7d2.roa File: 032b0799-1c5e-4782-8d2f-81c63132c7d2.roa (raw, json) Hash identifier: sghcQ5F/hAUQBo7CJb2luI9zyj2bYArV/ZtKaNJ/ous= Subject key identifier: 62:A9:DC:07:7A:02:7B:64:AF:A2:D5:E1:2F:C2:81:6D:B6:F0:15:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4C6431569E217BDC2472C062EF69DB724C3DB709 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/032b0799-1c5e-4782-8d2f-81c63132c7d2.roa Signing time: Tue 23 Apr 2024 00:00:00 +0000 ROA not before: Tue 23 Apr 2024 00:00:00 +0000 ROA not after: Tue 28 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2c:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:64:31:56:9e:21:7b:dc:24:72:c0:62:ef:69:db:72:4c:3d:b7:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:00 2024 GMT Not After : May 28 23:59:59 2024 GMT Subject: serialNumber=b024826732a0723a447b97bf046e00e08441f094e7f8e367448a069222230171, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:87:04:df:fb:bf:a8:2a:6c:af:43:aa:bb:60: 48:09:0e:52:f7:c8:ea:63:1c:19:f1:ac:a0:29:10: 34:17:fd:78:91:32:b2:a4:d8:f0:a2:a1:ba:03:44: d2:1e:13:b6:c6:32:62:bc:9f:06:53:07:27:2b:e2: df:ee:3b:02:65:21:30:b9:8a:8c:8d:09:85:a6:ef: a6:17:02:ad:76:56:91:14:ed:7d:45:68:e2:3b:dd: 2c:c9:23:ed:8e:e1:40:29:34:05:75:96:3b:57:a7: 8d:b3:00:e4:06:a7:d9:05:67:49:27:6b:6c:52:dc: 5d:ec:3f:94:86:10:11:ea:0b:99:c1:84:a8:c2:bf: a8:18:16:de:f9:2c:db:61:16:bb:5a:a1:d6:ab:e1: e0:69:b2:f2:1f:36:48:55:d9:bb:79:66:15:a5:07: 18:73:40:e5:bc:ca:47:b9:e6:3f:a3:2c:99:ad:49: fb:14:8d:66:4b:d5:0e:98:cc:03:4a:2d:ad:4a:77: 23:16:64:0b:0d:f9:3f:cc:8d:a0:68:ff:7c:f2:cf: 91:bb:9e:1a:fd:8d:9f:bb:0d:62:94:6e:88:38:5b: f4:88:5b:f4:0b:d2:45:b8:1f:3a:5f:aa:a2:e1:65: df:93:1c:eb:1e:f0:cc:0f:9f:aa:6d:6e:e1:af:e0: 18:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:A9:DC:07:7A:02:7B:64:AF:A2:D5:E1:2F:C2:81:6D:B6:F0:15:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/032b0799-1c5e-4782-8d2f-81c63132c7d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2c:8000::/36 Signature Algorithm: sha256WithRSAEncryption 3c:ce:e5:49:54:c7:2a:f9:ab:1f:24:2b:2a:25:d2:52:c8:83: 13:5d:3c:58:9a:37:86:72:95:29:73:06:14:4e:90:51:8f:c5: 3f:3a:21:30:56:e5:3d:25:2b:26:ab:8a:5d:3e:ed:ff:31:b4: 6f:31:bb:71:4c:90:80:6f:84:11:2c:cb:d8:1b:25:b1:42:65: b2:be:62:ac:de:d7:33:53:79:66:a7:a6:f5:bb:bc:ad:aa:a2: 26:a9:14:f1:78:16:80:09:b3:af:e2:94:d1:2c:3e:3d:35:46: c6:5a:b0:ee:41:96:55:0d:f7:83:38:44:5e:f2:5b:f6:23:8a: 9b:4e:c5:16:a4:7b:18:4a:b1:21:3b:ca:99:bc:28:7c:9a:2f: 75:ec:c6:37:b3:3d:0d:73:8d:07:3e:77:67:94:9b:a8:5f:b2: d0:46:02:64:ae:ea:74:0f:ce:0b:a4:6f:27:c7:9a:87:8d:c9: 6d:71:4e:6f:7a:01:15:5c:fa:00:e5:ac:ae:45:48:26:00:ef: b3:15:68:2d:a2:e2:93:c9:08:88:a4:a5:fa:5b:96:99:7f:be: b4:f7:a1:e2:44:3f:a1:a3:a5:71:05:ea:e0:ac:e7:ea:4c:80: aa:73:ca:32:45:48:10:67:2f:55:59:a1:99:fb:df:16:1b:02: 99:2f:f3:d3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTGQxVp4he9wkcsBi72nbckw9twkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMzAwMDAwMFoX DTI0MDUyODIzNTk1OVowejFJMEcGA1UEBRNAYjAyNDgyNjczMmEwNzIzYTQ0N2I5 N2JmMDQ2ZTAwZTA4NDQxZjA5NGU3ZjhlMzY3NDQ4YTA2OTIyMjIzMDE3MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYcE3/u/qCpsr0Oqu2BICQ5S98jq YxwZ8aygKRA0F/14kTKypNjwoqG6A0TSHhO2xjJivJ8GUwcnK+Lf7jsCZSEwuYqM jQmFpu+mFwKtdlaRFO19RWjiO90sySPtjuFAKTQFdZY7V6eNswDkBqfZBWdJJ2ts Utxd7D+UhhAR6guZwYSowr+oGBbe+SzbYRa7WqHWq+HgabLyHzZIVdm7eWYVpQcY c0DlvMpHueY/oyyZrUn7FI1mS9UOmMwDSi2tSncjFmQLDfk/zI2gaP988s+Ru54a /Y2fuw1ilG6IOFv0iFv0C9JFuB86X6qi4WXfkxzrHvDMD5+qbW7hr+AY3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGKp3Ad6Antkr6LV4S/CgW228BV8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAzMmIwNzk5LTFjNWUtNDc4Mi04ZDJmLTgxYzYzMTMyYzdkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLIAwDQYJKoZIhvcNAQELBQADggEBADzO5UlUxyr5qx8kKyol 0lLIgxNdPFiaN4ZylSlzBhROkFGPxT86ITBW5T0lKyaril0+7f8xtG8xu3FMkIBv hBEsy9gbJbFCZbK+Yqze1zNTeWanpvW7vK2qoiapFPF4FoAJs6/ilNEsPj01RsZa sO5BllUN94M4RF7yW/YjiptOxRakexhKsSE7ypm8KHyaL3XsxjezPQ1zjQc+d2eU m6hfstBGAmSu6nQPzgukbyfHmoeNyW1xTm96ARVc+gDlrK5FSCYA77MVaC2i4pPJ CIikpfpblpl/vrT3oeJEP6GjpXEF6uCs5+pMgKpzyjJFSBBnL1VZoZn73xYbApkv 89M= -----END CERTIFICATE-----Generated at Sun May 5 01:11:58 2024 by rpki-client on console-ams.rpki-client.org