$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa File: 19de68e3-844e-4e33-81b6-5c5926e46f23.roa (raw, json) Hash identifier: gumrzrabRbgPyX2iDf06fPdKn8o1hBhcRGgKCDHF4bE= Subject key identifier: 20:C9:67:57:6C:7C:F0:A9:3C:BA:30:44:8D:66:61:15:C4:9D:0C:34 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 34F2CE99AD6083E3931827D72637E304B602A75D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:f2:ce:99:ad:60:83:e3:93:18:27:d7:26:37:e3:04:b6:02:a7:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=e057af843fc67952ded26928c727191ed1f7efcef2e8c8d8394e8fd9281d54dc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b5:c1:6d:36:31:45:64:8a:41:94:a6:5f:42: 91:3e:c4:96:ab:35:51:fb:70:4b:3d:3c:d9:81:6c: 49:35:67:57:09:00:04:1a:c2:7e:cc:2d:2e:eb:7e: 84:96:95:8a:ec:98:e5:81:41:45:51:1f:36:e9:24: 01:48:5b:03:10:dd:cc:fa:17:cb:1d:cb:9c:e5:f1: b1:db:53:15:e4:fe:ee:96:2a:41:f5:4b:8d:27:1b: 98:2c:a3:73:46:9f:80:e6:d9:c8:3c:42:70:e6:ab: 50:7b:63:73:db:30:8a:c0:8b:76:15:ff:29:40:f3: d8:3f:ed:ec:ea:5e:ef:29:c7:f7:34:14:6b:98:ca: 4e:de:b2:e6:fb:73:81:74:75:08:a4:c8:fb:9a:b0: f3:dd:bb:5d:20:42:c6:f1:3b:f8:5e:a2:8e:41:15: 66:9a:ce:5b:1e:4d:66:6e:4c:24:e6:67:aa:7c:bd: b6:be:d6:30:79:ce:20:2f:83:45:af:26:e0:31:a0: ae:47:a8:82:db:39:28:b8:7f:af:6d:cc:7f:e4:80: 2b:84:c9:26:1e:4b:33:02:09:4c:d6:76:90:64:05: e6:b9:00:de:5e:a4:e9:87:49:20:16:43:c4:0d:42: 5a:12:59:81:08:7d:14:be:01:d8:93:2d:a8:4a:7d: c0:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:C9:67:57:6C:7C:F0:A9:3C:BA:30:44:8D:66:61:15:C4:9D:0C:34 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:b000::/40 Signature Algorithm: sha256WithRSAEncryption 1e:cd:61:21:94:9e:27:53:93:96:19:98:9d:9f:c9:40:5c:3c: 1d:c6:92:f6:44:3f:59:66:57:84:73:d6:d9:fb:44:33:c1:8a: 8a:f3:c1:2a:f4:82:38:97:31:bb:49:98:a5:08:41:ec:00:93: ae:72:c0:71:9b:8c:e3:ed:11:1e:87:b2:6b:3c:ea:be:df:91: 5e:ba:d4:61:20:9b:37:5a:34:d4:f7:e0:d7:7e:18:a4:7b:ec: 92:29:7b:04:76:24:01:d0:91:95:e7:1d:dc:db:17:ea:57:96: 45:fc:87:0b:59:b8:25:5c:46:ea:ee:87:42:e0:f2:31:59:f6: 69:b8:0a:a7:6d:db:8c:a5:ab:e0:1d:78:d0:67:46:60:9c:5f: fb:43:35:f1:5b:be:f8:6f:b4:21:e1:e0:19:c4:ed:bc:46:a6: ed:03:cd:a9:c1:31:fb:2f:eb:81:cb:25:e0:8c:7a:cf:b3:64: de:d7:09:6f:65:4c:36:f2:9b:b7:54:43:1e:96:90:1d:a0:08: 78:cc:b7:bf:9d:ad:71:09:b6:40:d4:55:f0:33:e2:4b:15:81: c0:5c:74:8b:3a:73:0d:13:34:c9:a6:3e:cf:d9:63:a3:04:43: 63:85:9c:8c:cd:bc:64:d5:9f:a3:33:67:0d:cd:6c:80:d2:b9: 1c:53:b9:2f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNPLOma1gg+OTGCfXJjfjBLYCp10wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZTA1N2FmODQzZmM2Nzk1MmRlZDI2 OTI4YzcyNzE5MWVkMWY3ZWZjZWYyZThjOGQ4Mzk0ZThmZDkyODFkNTRkYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLXBbTYxRWSKQZSmX0KRPsSWqzVR +3BLPTzZgWxJNWdXCQAEGsJ+zC0u636ElpWK7JjlgUFFUR826SQBSFsDEN3M+hfL Hcuc5fGx21MV5P7ulipB9UuNJxuYLKNzRp+A5tnIPEJw5qtQe2Nz2zCKwIt2Ff8p QPPYP+3s6l7vKcf3NBRrmMpO3rLm+3OBdHUIpMj7mrDz3btdIELG8Tv4XqKOQRVm ms5bHk1mbkwk5meqfL22vtYwec4gL4NFrybgMaCuR6iC2zkouH+vbcx/5IArhMkm HkszAglM1naQZAXmuQDeXqTph0kgFkPEDUJaElmBCH0UvgHYky2oSn3AvQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCDJZ1dsfPCpPLowRI1mYRXEnQw0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE5ZGU2OGUzLTg0NGUtNGUzMy04MWI2LTVjNTkyNmU0NmYyMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9LAwDQYJKoZIhvcNAQELBQADggEBAB7NYSGUnidTk5YZmJ2f yUBcPB3GkvZEP1lmV4Rz1tn7RDPBiorzwSr0gjiXMbtJmKUIQewAk65ywHGbjOPt ER6Hsms86r7fkV661GEgmzdaNNT34Nd+GKR77JIpewR2JAHQkZXnHdzbF+pXlkX8 hwtZuCVcRuruh0Lg8jFZ9mm4Cqdt24ylq+AdeNBnRmCcX/tDNfFbvvhvtCHh4BnE 7bxGpu0DzanBMfsv64HLJeCMes+zZN7XCW9lTDbym7dUQx6WkB2gCHjMt7+drXEJ tkDUVfAz4ksVgcBcdIs6cw0TNMmmPs/ZY6MEQ2OFnIzNvGTVn6MzZw3NbIDSuRxT uS8= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:14 2024 by rpki-client on console-fra.rpki-client.org