$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa File: 25baa77a-b09f-47d1-b869-2a366621789a.roa (raw, json) Hash identifier: YjXd7G+Mq+eIE2ozVJeKJYmS7NpWE0kwgQFjCH348Qk= Subject key identifier: 9A:D5:BF:7B:F8:04:92:3F:F4:6E:8C:BE:FB:9E:96:2C:84:C8:E9:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43C95D4F0E2C30BFF50420FD8C9644D5A0DBE927 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Apr 2024 00:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:c9:5d:4f:0e:2c:30:bf:f5:04:20:fd:8c:96:44:d5:a0:db:e9:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=4f175fdd854c4b9aff79e3a563855428ee904d4f71c9e3063c217d508d1f84cf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d9:20:a8:df:4d:85:1b:92:b0:35:c6:74:6c: a2:cb:2d:e3:3a:73:92:e1:ff:88:49:f0:b4:b7:07: 21:bf:62:9d:55:b2:29:b6:aa:76:cf:a6:00:ad:de: 1d:df:26:fe:7c:2c:ce:a8:9c:b9:a8:57:fc:7c:fe: ef:8d:7e:32:85:38:95:5d:1d:cc:35:a9:bd:d8:6a: e3:83:98:1f:81:99:78:b0:6c:e8:d2:11:a4:c5:56: 1d:e9:cb:d1:e5:59:16:db:ad:d9:b6:11:21:30:1b: 81:db:b5:60:10:3b:0b:5d:4f:3e:6c:bf:da:d7:92: ee:f6:2a:8e:19:1e:9e:00:67:d8:ba:38:a1:ed:ac: 48:13:08:ae:85:4c:2a:fe:ca:ce:95:46:92:d1:dd: bd:98:cf:84:68:a2:2c:b1:42:57:83:66:4e:28:82: 9e:ef:5a:f7:50:eb:69:d2:5c:31:32:20:c3:45:40: 3f:89:49:31:48:b4:e7:39:cf:0e:5f:ad:94:3a:4c: e8:02:fd:1e:84:9e:6c:e8:cd:46:83:b4:d9:a3:e4: 8f:16:02:c9:0d:1f:f5:19:c6:53:a1:e4:ab:39:bd: 6f:f0:4e:70:4e:66:f0:32:63:0a:36:59:9a:ee:e5: ee:91:e4:64:62:10:64:11:96:1c:1d:c8:4b:a8:4e: 63:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:D5:BF:7B:F8:04:92:3F:F4:6E:8C:BE:FB:9E:96:2C:84:C8:E9:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:4000::/40 Signature Algorithm: sha256WithRSAEncryption 38:90:55:a6:6f:89:67:e0:e3:8d:1c:9b:f0:4e:a1:4d:50:51: 66:bf:17:65:c5:1d:8b:77:b3:26:21:f0:c0:08:85:58:8e:bd: 76:c7:38:e9:7d:e2:63:8e:f4:88:72:08:12:9e:9a:13:fb:7d: 7b:5e:e2:3e:5f:58:56:91:32:d2:c7:ff:63:63:d0:91:26:b2: 4b:42:66:52:74:2b:2b:7d:11:39:82:49:0a:e7:4d:93:fe:24: a1:6e:bb:e9:e6:e1:62:53:e5:9a:38:fa:11:64:00:4b:03:51: f3:58:6b:de:3b:c5:ec:83:98:d1:31:46:39:e2:ad:83:13:a4: a7:51:29:22:2f:5e:46:35:9b:be:03:1b:65:51:7f:9e:2b:6d: c2:2a:76:0c:44:22:f9:20:5a:92:3f:53:97:1c:08:f8:90:35: 92:d5:83:b6:2f:e1:b5:73:cb:98:90:76:09:eb:7f:7e:e9:72: 37:80:7f:ad:5b:cd:26:17:2c:e9:a6:71:24:d2:34:30:1f:79: 6d:13:f7:d0:d4:3a:32:7f:f2:50:b1:5c:eb:70:68:f5:f9:d4: d1:fa:3a:3c:9c:04:3f:ee:31:a9:90:34:e8:49:1f:f3:cf:83: f7:71:0b:cb:3d:9c:e7:28:6b:20:74:a0:54:a6:20:e1:b2:50: 19:c4:0a:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ8ldTw4sML/1BCD9jJZE1aDb6ScwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNANGYxNzVmZGQ4NTRjNGI5YWZmNzll M2E1NjM4NTU0MjhlZTkwNGQ0ZjcxYzllMzA2M2MyMTdkNTA4ZDFmODRjZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodkgqN9NhRuSsDXGdGyiyy3jOnOS 4f+ISfC0twchv2KdVbIptqp2z6YArd4d3yb+fCzOqJy5qFf8fP7vjX4yhTiVXR3M Nam92Grjg5gfgZl4sGzo0hGkxVYd6cvR5VkW263ZthEhMBuB27VgEDsLXU8+bL/a 15Lu9iqOGR6eAGfYujih7axIEwiuhUwq/srOlUaS0d29mM+EaKIssUJXg2ZOKIKe 71r3UOtp0lwxMiDDRUA/iUkxSLTnOc8OX62UOkzoAv0ehJ5s6M1Gg7TZo+SPFgLJ DR/1GcZToeSrOb1v8E5wTmbwMmMKNlma7uXukeRkYhBkEZYcHchLqE5jsQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJrVv3v4BJI/9G6MvvueliyEyOk8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1YmFhNzdhLWIwOWYtNDdkMS1iODY5LTJhMzY2NjIxNzg5YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/EAwDQYJKoZIhvcNAQELBQADggEBADiQVaZviWfg440cm/BO oU1QUWa/F2XFHYt3syYh8MAIhViOvXbHOOl94mOO9IhyCBKemhP7fXte4j5fWFaR MtLH/2Nj0JEmsktCZlJ0Kyt9ETmCSQrnTZP+JKFuu+nm4WJT5Zo4+hFkAEsDUfNY a947xeyDmNExRjnirYMTpKdRKSIvXkY1m74DG2VRf54rbcIqdgxEIvkgWpI/U5cc CPiQNZLVg7Yv4bVzy5iQdgnrf37pcjeAf61bzSYXLOmmcSTSNDAfeW0T99DUOjJ/ 8lCxXOtwaPX51NH6OjycBD/uMamQNOhJH/PPg/dxC8s9nOcoayB0oFSmIOGyUBnE Cq0= -----END CERTIFICATE-----Generated at Fri Apr 26 11:00:08 2024 by rpki-client on console-ams.rpki-client.org