$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dbf2a86-54aa-456e-9647-5bcff133ae51.roa File: 0dbf2a86-54aa-456e-9647-5bcff133ae51.roa (raw, json) Hash identifier: rNpB4tk4hJ3zrBgD/4cJfb6KK+rcy80zPHl8bNO3yr4= Subject key identifier: 9B:7C:58:84:99:74:C6:4C:16:8C:25:1C:B3:D9:D7:39:19:3A:A8:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 16ED5D1BB5620881E9DD54DD6D1D84B1177F10C4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dbf2a86-54aa-456e-9647-5bcff133ae51.roa Signing time: Fri 03 May 2024 00:00:00 +0000 ROA not before: Fri 03 May 2024 00:00:00 +0000 ROA not after: Fri 07 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 00:10:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:ed:5d:1b:b5:62:08:81:e9:dd:54:dd:6d:1d:84:b1:17:7f:10:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 3 00:00:00 2024 GMT Not After : Jun 7 23:59:59 2024 GMT Subject: serialNumber=f3e1c1b2f2d084d2b927ca3522a64dfd7c833c7f875653c978f8cd4d85898368, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:79:1d:c9:1a:60:5c:fd:2b:0c:cb:fb:41:20: 78:b7:c7:40:2c:af:a1:2b:0f:02:52:18:77:33:32: d2:19:ef:bc:14:b7:59:7a:2a:3a:6b:15:21:f0:4e: 10:66:96:9f:b7:0e:2b:df:9d:bb:c8:00:b3:c7:af: 2a:de:ec:8b:61:a7:e2:2a:9f:73:ba:0c:92:5f:38: 49:bc:9a:9e:82:da:1d:c5:95:02:52:b7:65:a4:9f: 98:f9:e0:75:08:c1:73:67:ee:45:a8:5a:58:1b:81: e7:e2:af:85:85:65:b1:55:f4:cf:b0:55:06:f2:6d: 76:b3:3c:85:bd:ab:17:c8:f2:4f:b6:01:0f:e1:94: f1:7a:c1:36:d6:82:ac:20:ff:85:6c:d0:bd:a6:70: 5d:4c:52:b6:56:59:a5:20:cc:8a:7f:55:c7:11:0c: b6:da:4e:37:14:66:af:b4:92:20:2c:91:f6:1e:45: f2:29:c1:a6:76:51:bb:82:4c:b3:92:2c:78:2f:8d: 5a:a2:69:7e:60:c5:52:83:6c:fc:1a:0c:08:59:ef: 9a:27:5e:3e:d4:4a:b0:fb:24:7c:7e:33:27:5a:55: f7:fa:e4:2c:ee:ab:c2:02:78:70:5e:68:42:46:48: a1:2b:0c:68:6b:64:ae:83:fa:94:72:17:bc:ed:8a: 0f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:7C:58:84:99:74:C6:4C:16:8C:25:1C:B3:D9:D7:39:19:3A:A8:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dbf2a86-54aa-456e-9647-5bcff133ae51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:e000::/40 Signature Algorithm: sha256WithRSAEncryption 01:93:90:45:6f:8f:0b:ac:42:d8:1c:7d:e4:e3:95:94:37:bc: ef:63:85:34:0e:ca:44:ba:6e:97:fe:41:67:f2:ba:b1:5c:2e: ad:a4:35:12:85:65:55:c7:fc:99:f0:8b:6a:63:34:1b:8e:94: 77:d7:bd:5e:b7:09:18:ff:32:39:17:77:4c:be:93:27:4d:71: f5:93:a4:7f:b3:44:c2:c5:55:32:f5:7c:5b:b8:e6:70:3f:16: 28:78:17:03:e4:aa:08:11:21:10:80:be:d2:55:9b:e0:8e:82: fa:96:b4:da:5a:5b:89:c2:33:9d:6f:81:20:0e:92:38:d1:9c: e7:73:ef:c8:fc:87:25:11:1f:f4:c1:f6:c2:9d:5d:d9:c1:a8: 1a:27:ae:71:44:78:b5:bc:2a:e5:9e:1f:9c:9f:15:cc:74:63: d4:2a:5e:7a:ed:bb:44:46:f3:de:a5:59:e9:35:cd:10:c3:89: 20:56:be:cb:4b:d0:fa:26:fa:d9:7f:8c:45:8e:95:7f:0e:64: e2:8c:91:c0:55:92:31:61:92:9a:95:40:54:7e:c8:c2:15:1f: a1:2a:08:a3:9d:44:eb:e5:60:51:a5:cd:e1:2e:2b:0a:2c:18: ad:bf:40:cc:75:5f:62:8c:8b:ca:40:31:30:05:97:8b:2e:4c: d7:df:bc:61 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFu1dG7ViCIHp3VTdbR2EsRd/EMQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMzAwMDAwMFoX DTI0MDYwNzIzNTk1OVowejFJMEcGA1UEBRNAZjNlMWMxYjJmMmQwODRkMmI5Mjdj YTM1MjJhNjRkZmQ3YzgzM2M3Zjg3NTY1M2M5NzhmOGNkNGQ4NTg5ODM2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXkdyRpgXP0rDMv7QSB4t8dALK+h Kw8CUhh3MzLSGe+8FLdZeio6axUh8E4QZpaftw4r3527yACzx68q3uyLYafiKp9z ugySXzhJvJqegtodxZUCUrdlpJ+Y+eB1CMFzZ+5FqFpYG4Hn4q+FhWWxVfTPsFUG 8m12szyFvasXyPJPtgEP4ZTxesE21oKsIP+FbNC9pnBdTFK2VlmlIMyKf1XHEQy2 2k43FGavtJIgLJH2HkXyKcGmdlG7gkyzkix4L41aoml+YMVSg2z8GgwIWe+aJ14+ 1Eqw+yR8fjMnWlX3+uQs7qvCAnhwXmhCRkihKwxoa2Sug/qUche87YoP+QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJt8WISZdMZMFowlHLPZ1zkZOqgYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBkYmYyYTg2LTU0YWEtNDU2ZS05NjQ3LTViY2ZmMTMzYWU1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9OAwDQYJKoZIhvcNAQELBQADggEBAAGTkEVvjwusQtgcfeTj lZQ3vO9jhTQOykS6bpf+QWfyurFcLq2kNRKFZVXH/Jnwi2pjNBuOlHfXvV63CRj/ MjkXd0y+kydNcfWTpH+zRMLFVTL1fFu45nA/Fih4FwPkqggRIRCAvtJVm+COgvqW tNpaW4nCM51vgSAOkjjRnOdz78j8hyURH/TB9sKdXdnBqBonrnFEeLW8KuWeH5yf Fcx0Y9QqXnrtu0RG896lWek1zRDDiSBWvstL0Pom+tl/jEWOlX8OZOKMkcBVkjFh kpqVQFR+yMIVH6EqCKOdROvlYFGlzeEuKwosGK2/QMx1X2KMi8pAMTAFl4suTNff vGE= -----END CERTIFICATE-----Generated at Sat May 18 05:38:26 2024 by rpki-client on console-ams.rpki-client.org