$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa File: 0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa (raw, json) Hash identifier: f9b8Ya48p44zS4B5IudoQvbsrKu//2i3/uqQqT9HMhA= Subject key identifier: 73:6F:5A:49:C2:57:B6:3A:3F:A9:2B:40:85:49:E1:22:D2:47:03:8B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D601143E413A676FE253D4E04B443F3E1F9DBD0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa Signing time: Tue 09 Apr 2024 00:00:00 +0000 ROA not before: Tue 09 Apr 2024 00:00:00 +0000 ROA not after: Tue 14 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:60:11:43:e4:13:a6:76:fe:25:3d:4e:04:b4:43:f3:e1:f9:db:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 9 00:00:00 2024 GMT Not After : May 14 23:59:59 2024 GMT Subject: serialNumber=b7440eab4a26dd2b0fefd136185a9498f179e3961fbba389a84a5315d395590a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1f:38:55:d2:90:73:11:e8:9e:ba:db:2f:57: a3:5e:06:f5:c3:62:a0:69:34:07:a4:a1:9c:0c:6a: c3:f9:a9:ee:bd:0b:f9:20:b3:ca:a3:e0:19:d8:cb: 23:ec:ec:04:53:77:7e:72:ba:60:67:6e:1a:d0:de: 42:8e:f7:2d:cc:59:d5:fc:35:19:57:10:aa:cc:fb: 9c:c1:44:c2:d4:59:48:32:40:00:50:30:99:95:55: c6:22:25:46:87:57:0b:6f:ac:b7:c5:23:a2:e8:c2: d6:fa:11:fa:71:ad:88:f8:8c:2e:64:2a:ae:18:6d: 6f:5e:34:79:da:d7:7b:24:76:64:97:14:fb:e4:0b: 7a:85:73:01:0e:96:9c:52:2d:ae:05:89:5c:45:30: d9:79:c8:93:66:e4:ed:fe:68:18:5b:a2:4d:9c:4b: 0d:b9:2c:6e:51:e8:71:5e:6f:58:ad:26:f6:cf:5e: 22:91:8d:b6:3a:a4:59:4e:e8:f8:75:2a:e6:b2:9c: b7:d2:10:27:80:53:c7:8d:ec:68:00:7a:c6:50:b1: b7:fd:e0:45:83:05:9a:ca:fc:0b:8f:64:df:1a:c6: 7d:34:40:1e:a1:c3:ea:f6:23:87:03:bd:40:73:8f: 1a:b7:14:02:d4:d0:31:bc:d0:bc:cf:2d:b0:54:84: dd:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:6F:5A:49:C2:57:B6:3A:3F:A9:2B:40:85:49:E1:22:D2:47:03:8B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:6000::/40 Signature Algorithm: sha256WithRSAEncryption 55:d1:64:11:74:23:13:fe:a0:25:e9:5a:9a:7c:92:34:f2:2d: da:32:5d:43:78:7d:13:3a:b8:c0:22:52:c5:1a:15:4c:12:b9: a2:ba:da:c7:1e:22:fe:38:c3:b3:6a:d0:e0:96:89:f3:a5:eb: 20:fa:c6:4f:1c:72:2e:80:0e:ce:1a:d1:e2:33:b3:13:9b:eb: 0a:3a:9f:8d:f5:d9:25:0f:f1:66:d7:e2:c5:b1:47:d5:07:c7: e6:4a:14:24:13:ed:14:62:71:b0:69:da:54:27:bf:28:00:63: af:76:13:86:37:d1:95:df:98:e9:4f:f0:9d:6a:56:d4:93:e0: fc:f5:cc:c4:d2:8a:c3:f3:4f:3e:c0:bd:48:3e:5d:0d:28:21: 0f:54:d7:f8:1a:d0:09:d9:a1:e4:f0:76:30:1d:4f:ed:26:f5: 7e:26:e3:d8:3e:cd:fc:02:d1:89:54:ba:91:03:75:3f:2f:05: bc:18:ee:a0:6f:31:ac:9d:c6:56:65:66:41:0e:05:0c:d2:24: a1:20:f0:85:31:ca:87:26:23:08:83:7c:4b:6d:77:ca:e2:c1: 99:e8:ac:3f:26:f5:ef:06:72:f1:2b:ca:01:29:5d:55:bc:9f: 86:36:14:0b:44:22:ac:79:95:bf:ca:60:9f:2a:66:0e:42:01: c6:1a:60:b1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPWARQ+QTpnb+JT1OBLRD8+H529AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwOTAwMDAwMFoX DTI0MDUxNDIzNTk1OVowejFJMEcGA1UEBRNAYjc0NDBlYWI0YTI2ZGQyYjBmZWZk MTM2MTg1YTk0OThmMTc5ZTM5NjFmYmJhMzg5YTg0YTUzMTVkMzk1NTkwYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh84VdKQcxHonrrbL1ejXgb1w2Kg aTQHpKGcDGrD+anuvQv5ILPKo+AZ2Msj7OwEU3d+crpgZ24a0N5CjvctzFnV/DUZ VxCqzPucwUTC1FlIMkAAUDCZlVXGIiVGh1cLb6y3xSOi6MLW+hH6ca2I+IwuZCqu GG1vXjR52td7JHZklxT75At6hXMBDpacUi2uBYlcRTDZeciTZuTt/mgYW6JNnEsN uSxuUehxXm9YrSb2z14ikY22OqRZTuj4dSrmspy30hAngFPHjexoAHrGULG3/eBF gwWayvwLj2TfGsZ9NEAeocPq9iOHA71Ac48atxQC1NAxvNC8zy2wVITdpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHNvWknCV7Y6P6krQIVJ4SLSRwOLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBkYzk4MzA0LTc4ZDgtNGRiZi04ZjJmLWE2MDBkOGU3MTMwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9mAwDQYJKoZIhvcNAQELBQADggEBAFXRZBF0IxP+oCXpWpp8 kjTyLdoyXUN4fRM6uMAiUsUaFUwSuaK62sceIv44w7Nq0OCWifOl6yD6xk8cci6A Ds4a0eIzsxOb6wo6n4312SUP8WbX4sWxR9UHx+ZKFCQT7RRicbBp2lQnvygAY692 E4Y30ZXfmOlP8J1qVtST4Pz1zMTSisPzTz7AvUg+XQ0oIQ9U1/ga0AnZoeTwdjAd T+0m9X4m49g+zfwC0YlUupEDdT8vBbwY7qBvMaydxlZlZkEOBQzSJKEg8IUxyocm IwiDfEttd8riwZnorD8m9e8GcvErygEpXVW8n4Y2FAtEIqx5lb/KYJ8qZg5CAcYa YLE= -----END CERTIFICATE-----Generated at Thu May 2 23:47:51 2024 by rpki-client on console-fra.rpki-client.org