$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/168088ed-555e-4d13-9a8c-5dacdd77b796.roa File: 168088ed-555e-4d13-9a8c-5dacdd77b796.roa (raw, json) Hash identifier: tbFQ+IUPF99YZ6gs6fNYPp9cgwz+Hb4JGmbck94zONk= Subject key identifier: 01:D9:FF:51:41:59:95:59:21:63:B8:65:F0:B5:79:DA:28:9D:C0:FE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7DBD20EF955AFB4526F667A1075EFDBAD0298424 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/168088ed-555e-4d13-9a8c-5dacdd77b796.roa Signing time: Wed 01 May 2024 00:00:00 +0000 ROA not before: Wed 01 May 2024 00:00:00 +0000 ROA not after: Wed 05 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 15:21:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:bd:20:ef:95:5a:fb:45:26:f6:67:a1:07:5e:fd:ba:d0:29:84:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:00 2024 GMT Not After : Jun 5 23:59:59 2024 GMT Subject: serialNumber=dca0484cf3d1a6377333e79e511e15c12d11963a6583740951c9973bd6807213, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:98:31:ec:1f:c6:f1:3c:d3:cf:6b:ae:1a:c2: cc:88:0f:13:f3:fa:7e:79:cb:82:ae:e1:50:31:25: af:12:61:c4:f3:a0:12:fa:80:05:98:40:c4:b8:2d: be:6a:ea:de:d6:c0:2b:1b:56:a4:7e:e3:b4:58:b3: 34:f0:97:79:39:db:ba:7d:fc:66:49:7e:f1:26:94: 43:35:f3:57:38:4f:56:99:8c:6a:c7:79:d7:c9:96: fe:89:0c:56:03:4e:eb:30:fd:77:49:96:2c:36:0c: e6:4b:3f:94:bd:02:8f:cd:52:97:47:fd:6a:2b:23: de:de:a3:05:b1:b3:19:c3:e3:d3:3c:0b:7a:a7:2b: f7:b7:cb:1c:7a:8b:21:c3:7b:3f:ae:b4:1b:e4:b5: d6:94:4c:17:13:b9:95:d3:78:45:c4:e4:b5:0c:68: 5b:96:d5:38:08:23:bd:ae:4f:af:f7:f4:b0:e1:20: bf:ec:c5:cc:93:90:d4:15:5a:12:20:e2:cc:3e:bb: 3c:f9:d1:ed:50:4d:ef:7c:b5:0c:2a:84:fb:0c:f0: 8d:37:51:28:6e:a9:11:34:ae:e9:cc:73:64:7b:ef: ba:58:6a:f2:93:55:50:e8:8e:c5:df:41:ac:09:5c: 25:bc:cf:71:3f:5f:b3:62:c0:df:75:8b:44:ab:16: 2c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:D9:FF:51:41:59:95:59:21:63:B8:65:F0:B5:79:DA:28:9D:C0:FE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/168088ed-555e-4d13-9a8c-5dacdd77b796.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:6000::/40 Signature Algorithm: sha256WithRSAEncryption c2:57:92:23:d0:5f:94:65:75:9d:9a:6c:4f:5e:2e:03:aa:65: b6:ab:97:13:01:b4:ae:2f:10:f5:e6:a9:f3:1f:e1:cd:68:65: 19:85:e6:b9:93:75:10:88:26:99:e8:a1:00:5c:10:ad:df:1a: 38:6a:e3:64:44:78:79:b2:0c:8c:16:4c:87:6a:8d:d8:58:2d: 76:69:69:95:0e:63:21:08:40:06:13:80:7c:bc:fe:76:a4:2b: e5:53:91:fa:99:bf:a4:a4:61:ca:70:92:36:5c:2b:06:0b:5e: 9a:61:5c:4d:c1:c2:19:5b:e6:4c:c5:08:af:af:47:cf:1a:c1: a8:2e:d0:97:72:8b:f2:4c:1c:74:15:09:92:41:e3:0e:97:94: d3:7d:7a:68:91:ed:1a:93:57:ee:f2:a6:7c:6e:f0:c3:54:04: 2f:c4:1d:b8:2e:7a:6f:44:bb:cf:69:7c:a7:54:ce:38:95:09: 10:13:32:1d:f0:83:f4:f1:55:08:25:7f:07:1e:22:b1:17:c5: 50:43:12:6a:f5:5d:3b:af:07:9f:9c:dd:9f:43:48:56:a9:94: 2c:68:b5:46:cf:83:f6:1a:14:56:16:e0:5c:ea:ba:9b:cd:e3: 44:0b:cc:b3:32:53:e0:03:0a:94:17:ce:7c:bd:ad:c6:db:3c: 45:13:cb:da -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfb0g75Va+0Um9mehB179utAphCQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMTAwMDAwMFoX DTI0MDYwNTIzNTk1OVowejFJMEcGA1UEBRNAZGNhMDQ4NGNmM2QxYTYzNzczMzNl NzllNTExZTE1YzEyZDExOTYzYTY1ODM3NDA5NTFjOTk3M2JkNjgwNzIxMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5gx7B/G8TzTz2uuGsLMiA8T8/p+ ecuCruFQMSWvEmHE86AS+oAFmEDEuC2+aure1sArG1akfuO0WLM08Jd5Odu6ffxm SX7xJpRDNfNXOE9WmYxqx3nXyZb+iQxWA07rMP13SZYsNgzmSz+UvQKPzVKXR/1q KyPe3qMFsbMZw+PTPAt6pyv3t8sceoshw3s/rrQb5LXWlEwXE7mV03hFxOS1DGhb ltU4CCO9rk+v9/Sw4SC/7MXMk5DUFVoSIOLMPrs8+dHtUE3vfLUMKoT7DPCNN1Eo bqkRNK7pzHNke++6WGryk1VQ6I7F30GsCVwlvM9xP1+zYsDfdYtEqxYsowIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAHZ/1FBWZVZIWO4ZfC1edooncD+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2ODA4OGVkLTU1NWUtNGQxMy05YThjLTVkYWNkZDc3Yjc5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/GAwDQYJKoZIhvcNAQELBQADggEBAMJXkiPQX5RldZ2abE9e LgOqZbarlxMBtK4vEPXmqfMf4c1oZRmF5rmTdRCIJpnooQBcEK3fGjhq42REeHmy DIwWTIdqjdhYLXZpaZUOYyEIQAYTgHy8/nakK+VTkfqZv6SkYcpwkjZcKwYLXpph XE3Bwhlb5kzFCK+vR88awagu0Jdyi/JMHHQVCZJB4w6XlNN9emiR7RqTV+7ypnxu 8MNUBC/EHbguem9Eu89pfKdUzjiVCRATMh3wg/TxVQglfwceIrEXxVBDEmr1XTuv B5+c3Z9DSFaplCxotUbPg/YaFFYW4FzqupvN40QLzLMyU+ADCpQXzny9rcbbPEUT y9o= -----END CERTIFICATE-----Generated at Wed May 8 01:06:28 2024 by rpki-client on console-ams.rpki-client.org