$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa File: 25baa77a-b09f-47d1-b869-2a366621789a.roa (raw, json) Hash identifier: ascrXB8flDXoihDCbi1BT74UJvApl18tkj3sHZfrPMs= Subject key identifier: F6:30:68:76:5C:34:CC:8E:EF:F5:05:F4:38:13:C8:26:DE:61:C3:F1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 69041AE95E4414CDEC60159277F609C57B86E304 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:04:1a:e9:5e:44:14:cd:ec:60:15:92:77:f6:09:c5:7b:86:e3:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=5d192663af75e8262c9620771763acc2f66468b8212dedcd466110ad73324ce8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:66:71:b2:02:80:7d:e8:a2:c0:f0:4a:ec:ec: ea:c9:5a:e6:8a:62:99:2c:41:75:0a:3c:5e:be:95: 12:d3:1f:ab:62:60:10:73:2e:69:94:ad:6c:4c:5d: 65:32:cf:42:91:be:a8:a0:45:74:a8:a0:aa:76:67: 54:ff:34:84:a2:1d:a8:3d:db:9d:b1:7a:c5:fa:09: 6e:65:00:8c:26:f1:36:9a:49:e4:51:5d:95:17:28: 77:38:b3:1d:81:58:d7:ec:2d:aa:3b:46:07:b9:b8: b8:7b:0a:ab:6f:74:9c:11:5a:5c:99:0c:3f:22:94: 7c:75:ba:ea:9e:6c:e2:6f:02:fa:57:b8:0c:b3:7f: 81:97:41:3b:88:27:9f:ec:4e:33:63:d1:e3:2b:58: 3e:e0:bf:db:04:8c:9b:74:e0:10:c7:2d:99:ae:76: dd:51:57:73:17:ce:9a:4e:da:70:1a:36:aa:6f:38: 18:cc:d2:81:ba:e1:c9:29:a4:53:36:f7:c0:39:cd: d6:c1:08:7f:6c:06:d0:f0:65:7e:59:bf:25:f9:16: 8e:a6:06:15:2a:44:77:cd:80:a2:7c:f1:c5:23:30: 48:75:57:c8:22:6a:1e:93:7b:30:df:73:95:23:ad: a3:bf:d4:63:a0:64:c9:0f:02:8f:7b:0b:4d:9d:25: f1:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:30:68:76:5C:34:CC:8E:EF:F5:05:F4:38:13:C8:26:DE:61:C3:F1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:4000::/40 Signature Algorithm: sha256WithRSAEncryption 49:ea:0b:c8:72:df:7d:76:53:9f:24:c5:57:cc:76:80:f7:eb: 0b:ee:77:1f:2f:ad:e4:d9:65:cb:f8:a2:e9:74:c5:9d:32:76: 7d:34:21:f2:06:ff:fa:62:67:b0:f9:7e:5c:14:95:90:18:ec: 96:fa:36:66:7e:d7:52:bf:e0:5e:66:ab:e6:61:a1:a2:73:33: 04:89:3a:5f:3c:a9:be:37:a9:75:46:f4:c8:4f:50:a1:38:1b: e8:7c:d6:17:8f:ab:ee:eb:46:aa:dd:04:71:71:b3:bc:97:a2: 0d:b4:ac:b7:ac:d6:27:c0:ea:5d:c3:61:2c:9a:67:a9:1e:58: 97:80:7b:d3:31:02:6d:4e:45:2d:d8:7e:f5:fe:d1:36:67:58: 59:01:48:2f:38:94:a3:11:7f:8f:5d:6f:95:c7:5d:25:a4:5e: fb:09:97:bc:fb:f3:cc:d1:72:8a:23:fa:ec:e1:4f:05:6e:0b: 56:d9:77:0d:4f:0c:4a:39:a4:d4:73:7a:f4:7f:db:37:51:ca: cc:66:7f:30:56:6d:50:53:a0:bc:16:43:dc:dd:84:48:a7:c8: 66:4f:25:21:19:68:bf:ca:f9:4b:21:11:34:e7:2c:a8:55:3a: dc:4b:7a:7b:f0:bb:d4:4b:74:e4:c2:00:d3:6a:b5:7a:b3:82: 6f:bb:03:41 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaQQa6V5EFM3sYBWSd/YJxXuG4wQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANWQxOTI2NjNhZjc1ZTgyNjJjOTYy MDc3MTc2M2FjYzJmNjY0NjhiODIxMmRlZGNkNDY2MTEwYWQ3MzMyNGNlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmZxsgKAfeiiwPBK7OzqyVrmimKZ LEF1CjxevpUS0x+rYmAQcy5plK1sTF1lMs9Ckb6ooEV0qKCqdmdU/zSEoh2oPdud sXrF+gluZQCMJvE2mknkUV2VFyh3OLMdgVjX7C2qO0YHubi4ewqrb3ScEVpcmQw/ IpR8dbrqnmzibwL6V7gMs3+Bl0E7iCef7E4zY9HjK1g+4L/bBIybdOAQxy2Zrnbd UVdzF86aTtpwGjaqbzgYzNKBuuHJKaRTNvfAOc3WwQh/bAbQ8GV+Wb8l+RaOpgYV KkR3zYCifPHFIzBIdVfIImoek3sw33OVI62jv9RjoGTJDwKPewtNnSXxUwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPYwaHZcNMyO7/UF9DgTyCbeYcPxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1YmFhNzdhLWIwOWYtNDdkMS1iODY5LTJhMzY2NjIxNzg5YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/EAwDQYJKoZIhvcNAQELBQADggEBAEnqC8hy3312U58kxVfM doD36wvudx8vreTZZcv4oul0xZ0ydn00IfIG//piZ7D5flwUlZAY7Jb6NmZ+11K/ 4F5mq+ZhoaJzMwSJOl88qb43qXVG9MhPUKE4G+h81hePq+7rRqrdBHFxs7yXog20 rLes1ifA6l3DYSyaZ6keWJeAe9MxAm1ORS3YfvX+0TZnWFkBSC84lKMRf49db5XH XSWkXvsJl7z788zRcooj+uzhTwVuC1bZdw1PDEo5pNRzevR/2zdRysxmfzBWbVBT oLwWQ9zdhEinyGZPJSEZaL/K+UshETTnLKhVOtxLenvwu9RLdOTCANNqtXqzgm+7 A0E= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:40 2024 by rpki-client on console-ams.rpki-client.org