$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa File: 15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa (raw, json) Hash identifier: smE2ivzPGdrvCprZypAcoE0YuLz4NFRHKYBl8xsJlJY= Subject key identifier: 36:36:9F:D1:21:B6:29:28:C8:E0:7E:00:58:66:FC:0C:09:41:FC:5E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0F66DB7AE1F5C8F7BA4B03CBEDECADD5B8753063 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa Signing time: Tue 09 Apr 2024 00:00:00 +0000 ROA not before: Tue 09 Apr 2024 00:00:00 +0000 ROA not after: Tue 14 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:66:db:7a:e1:f5:c8:f7:ba:4b:03:cb:ed:ec:ad:d5:b8:75:30:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 9 00:00:00 2024 GMT Not After : May 14 23:59:59 2024 GMT Subject: serialNumber=ca239496b39d36ad4d5ea23820aaf90e63358c428bcb23fcf2ad8187da4cc15a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:02:c1:2b:c2:3c:af:6c:b5:02:af:dc:4b:05: e6:03:0a:30:65:df:3f:30:e7:fb:8f:c5:4c:b3:05: 89:ee:a5:5f:cd:64:59:b2:9c:50:ea:5f:10:4a:ae: eb:9b:3c:a3:c6:31:d0:c0:d2:0b:b0:89:81:92:d9: 66:10:61:ae:31:db:22:18:1a:44:6d:b9:f8:d1:2d: e6:c5:ee:6e:90:e9:d0:dc:3d:68:19:61:5a:18:cd: cb:cf:a2:7b:61:f0:36:b2:5f:f1:99:f4:99:e2:01: be:04:10:09:ee:5a:05:89:b4:f3:58:6e:fe:d8:05: 97:dd:3d:cf:56:25:ce:bb:4c:28:db:ba:45:17:b0: b9:5d:4c:45:95:4c:7f:ab:28:6e:95:39:22:24:20: 72:16:56:ea:a4:de:f3:c7:2b:45:4a:22:11:1f:85: a2:62:6f:c7:82:d2:2c:a5:10:74:1c:35:e5:47:e2: 68:af:22:a7:45:57:27:b1:8f:02:33:f8:2f:1d:84: 1f:67:63:d4:14:71:05:6b:71:13:90:3e:fa:25:f3: ad:b4:1c:c0:cf:03:78:6d:88:e6:e8:34:67:95:16: 10:35:af:fa:0f:2c:3e:9d:5b:68:94:58:71:a2:d4: 0d:7d:23:4b:36:bd:ec:71:fa:c3:1b:cf:71:b5:e9: 1e:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:36:9F:D1:21:B6:29:28:C8:E0:7E:00:58:66:FC:0C:09:41:FC:5E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:8000::/40 Signature Algorithm: sha256WithRSAEncryption 35:63:6b:a0:cd:0f:eb:a1:42:0e:24:62:d3:ea:24:aa:af:4b: 59:2c:a3:e7:41:dc:a8:a1:e0:0d:cc:2f:ac:05:32:7c:2f:21: 0f:8b:d6:34:4b:43:69:20:00:7b:24:84:c3:9a:48:8c:e0:bf: c4:6d:65:fd:f3:f9:61:c7:a5:70:40:76:9b:59:fb:ea:f3:cd: 57:d4:6d:bf:c9:b6:db:30:6b:91:97:76:09:ae:ac:e2:60:9a: 6d:f6:6d:f6:50:1b:79:0f:24:47:b3:9b:53:c2:fd:94:fe:ad: e6:f7:b1:0f:8b:b0:81:87:20:79:9f:ae:35:cb:21:95:0a:52: c9:37:72:4f:a8:1c:82:42:6d:3e:1a:bb:ed:c0:1f:b2:fc:ae: 84:0d:c3:98:f2:04:07:c7:d5:ca:a4:11:6a:fd:85:e8:1a:49: 45:10:a1:4f:ba:b7:c1:62:51:35:c7:ba:36:b3:38:d4:d7:27: 1f:1e:9f:f7:4a:34:ff:f9:54:31:ee:be:cc:7c:26:81:c0:2f: 2b:02:f1:f3:e1:5a:04:06:e8:2f:7b:9e:21:73:f0:1a:d9:96: 99:ba:33:54:90:c0:4e:fd:f2:97:51:40:fe:c2:c9:26:d8:a9: f1:b6:84:85:81:dd:b1:57:e2:5a:84:f0:da:2c:5c:76:d2:fb: 1a:c5:2c:6c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD2bbeuH1yPe6SwPL7eyt1bh1MGMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwOTAwMDAwMFoX DTI0MDUxNDIzNTk1OVowejFJMEcGA1UEBRNAY2EyMzk0OTZiMzlkMzZhZDRkNWVh MjM4MjBhYWY5MGU2MzM1OGM0MjhiY2IyM2ZjZjJhZDgxODdkYTRjYzE1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQLBK8I8r2y1Aq/cSwXmAwowZd8/ MOf7j8VMswWJ7qVfzWRZspxQ6l8QSq7rmzyjxjHQwNILsImBktlmEGGuMdsiGBpE bbn40S3mxe5ukOnQ3D1oGWFaGM3Lz6J7YfA2sl/xmfSZ4gG+BBAJ7loFibTzWG7+ 2AWX3T3PViXOu0wo27pFF7C5XUxFlUx/qyhulTkiJCByFlbqpN7zxytFSiIRH4Wi Ym/HgtIspRB0HDXlR+JoryKnRVcnsY8CM/gvHYQfZ2PUFHEFa3ETkD76JfOttBzA zwN4bYjm6DRnlRYQNa/6Dyw+nVtolFhxotQNfSNLNr3scfrDG89xtekewQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDY2n9EhtikoyOB+AFhm/AwJQfxeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE1YjVmMjE2LTYwZTMtNGIwMy05N2YzLTQwZTRiNWQxZTI0Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9oAwDQYJKoZIhvcNAQELBQADggEBADVja6DND+uhQg4kYtPq JKqvS1kso+dB3Kih4A3ML6wFMnwvIQ+L1jRLQ2kgAHskhMOaSIzgv8RtZf3z+WHH pXBAdptZ++rzzVfUbb/Jttswa5GXdgmurOJgmm32bfZQG3kPJEezm1PC/ZT+reb3 sQ+LsIGHIHmfrjXLIZUKUsk3ck+oHIJCbT4au+3AH7L8roQNw5jyBAfH1cqkEWr9 hegaSUUQoU+6t8FiUTXHujazONTXJx8en/dKNP/5VDHuvsx8JoHALysC8fPhWgQG 6C97niFz8BrZlpm6M1SQwE798pdRQP7CySbYqfG2hIWB3bFX4lqE8NosXHbS+xrF LGw= -----END CERTIFICATE-----Generated at Thu May 2 20:03:15 2024 by rpki-client on console-ams.rpki-client.org