$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0928ea81-291a-4314-85f0-1c171599b137.roa File: 0928ea81-291a-4314-85f0-1c171599b137.roa (raw, json) Hash identifier: WzHWXbiX1gCwLIGuGyHdar+0ITlYQ/I+oEUrz4rRtiQ= Subject key identifier: DF:5D:9A:E2:C2:BE:4E:E5:A5:58:66:3A:40:64:13:43:FA:AC:E4:C6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0E9962029E31D2FBE0D2B563883580F6115ED17E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0928ea81-291a-4314-85f0-1c171599b137.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:99:62:02:9e:31:d2:fb:e0:d2:b5:63:88:35:80:f6:11:5e:d1:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=5abbefc22bb2734053069a6ab3b365ab6a905a147c9a7b58668b9b80ae102d5b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:6f:ed:c6:2e:34:d4:7a:7b:b6:86:cd:d8:ae: ce:11:dd:19:5a:68:7b:0c:2b:d5:4c:a1:6b:9e:b6: ca:de:e5:b1:89:5d:ee:31:af:98:5e:ae:59:42:58: 6a:0b:f7:c4:39:44:f1:5c:67:47:95:c4:b3:90:ad: 61:b6:66:da:46:38:b6:3b:2e:4e:0e:59:42:fa:0d: f4:46:00:ea:94:6c:36:22:47:95:b2:9d:df:c5:f3: 83:8c:c0:55:12:30:1c:cb:f7:4c:2e:a7:9e:fd:f0: 06:a6:f5:99:49:cc:55:f6:5b:b1:96:5d:53:12:10: 0a:8a:5b:96:e9:9a:cd:ed:91:a9:7b:bb:98:76:ac: cf:a3:40:ac:fd:39:01:ff:47:91:35:91:14:5e:9a: d2:fc:96:ba:1a:a1:cf:1c:8e:ab:c2:81:dd:c7:42: 50:b9:f8:af:7e:23:f9:00:1b:f1:4a:88:f9:c2:8e: b4:8a:6a:7b:8c:19:ce:b0:92:16:d5:fc:ae:8b:5e: 81:5e:ef:03:e0:32:e1:36:29:78:3a:63:1d:db:f6: d3:73:4e:b6:3f:4d:69:ae:1c:fd:37:01:7c:4c:7c: 7f:d7:9e:67:3e:fc:3f:44:a5:33:24:69:99:c0:26: 79:5e:6c:a7:17:20:f2:01:f2:92:02:95:d5:f3:fc: 2a:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:5D:9A:E2:C2:BE:4E:E5:A5:58:66:3A:40:64:13:43:FA:AC:E4:C6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0928ea81-291a-4314-85f0-1c171599b137.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4000::/40 Signature Algorithm: sha256WithRSAEncryption 8e:d8:76:45:30:bb:e5:14:dd:48:79:4d:6d:8f:6e:0c:a0:a7: cb:7a:14:fc:e1:ea:1f:6d:33:94:17:f8:9f:53:2f:00:70:9e: 00:66:f5:d4:2a:af:50:8b:27:bd:33:ed:22:31:0a:0e:19:5c: 77:1f:a2:18:36:44:45:1b:bf:9f:42:a3:8a:4e:7b:1d:60:db: b9:92:4b:f5:77:ea:64:30:81:92:dc:78:3d:fd:0a:af:9f:f5: b0:17:73:bf:1b:e0:a1:03:a8:68:f6:5b:5d:f2:9f:75:a0:c1: 93:e3:af:1f:d5:5b:c8:c2:40:77:23:5a:91:08:d1:de:99:ba: e8:cf:c0:2b:ab:3c:fe:03:44:24:59:df:33:bc:4e:09:fb:1e: 8f:0e:e7:6e:10:99:d1:59:0d:5e:e6:04:9e:43:dd:0c:f0:7d: 95:47:8c:97:57:27:34:dd:ea:c3:78:6e:a3:2b:93:41:75:f1: 46:7e:ec:c2:55:3a:a0:65:fd:47:6b:81:0f:b7:47:03:da:9a: bf:de:2b:30:7c:8f:a4:27:05:cc:43:c9:39:52:27:3b:25:98: 6c:52:f7:c9:5a:c9:b5:5d:7e:bf:e2:ec:62:be:5b:3c:9f:8a: 02:50:ee:a8:d3:68:b0:85:36:cb:57:c9:88:a4:9c:15:78:f5: 1e:17:96:53 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDpliAp4x0vvg0rVjiDWA9hFe0X4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANWFiYmVmYzIyYmIyNzM0MDUzMDY5 YTZhYjNiMzY1YWI2YTkwNWExNDdjOWE3YjU4NjY4YjliODBhZTEwMmQ1YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2G/txi401Hp7tobN2K7OEd0ZWmh7 DCvVTKFrnrbK3uWxiV3uMa+YXq5ZQlhqC/fEOUTxXGdHlcSzkK1htmbaRji2Oy5O DllC+g30RgDqlGw2IkeVsp3fxfODjMBVEjAcy/dMLqee/fAGpvWZScxV9luxll1T EhAKiluW6ZrN7ZGpe7uYdqzPo0Cs/TkB/0eRNZEUXprS/Ja6GqHPHI6rwoHdx0JQ ufivfiP5ABvxSoj5wo60imp7jBnOsJIW1fyui16BXu8D4DLhNil4OmMd2/bTc062 P01prhz9NwF8THx/155nPvw/RKUzJGmZwCZ5XmynFyDyAfKSApXV8/wqJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN9dmuLCvk7lpVhmOkBkE0P6rOTGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA5MjhlYTgxLTI5MWEtNDMxNC04NWYwLTFjMTcxNTk5YjEzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAEAwDQYJKoZIhvcNAQELBQADggEBAI7YdkUwu+UU3Uh5TW2P bgygp8t6FPzh6h9tM5QX+J9TLwBwngBm9dQqr1CLJ70z7SIxCg4ZXHcfohg2REUb v59Co4pOex1g27mSS/V36mQwgZLceD39Cq+f9bAXc78b4KEDqGj2W13yn3WgwZPj rx/VW8jCQHcjWpEI0d6ZuujPwCurPP4DRCRZ3zO8Tgn7Ho8O524QmdFZDV7mBJ5D 3QzwfZVHjJdXJzTd6sN4bqMrk0F18UZ+7MJVOqBl/UdrgQ+3RwPamr/eKzB8j6Qn BcxDyTlSJzslmGxS98laybVdfr/i7GK+WzyfigJQ7qjTaLCFNstXyYiknBV49R4X llM= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:39 2024 by rpki-client on console-ams.rpki-client.org