$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa File: 26852de8-0947-45cf-8a8d-dd2044b222d0.roa (raw, json) Hash identifier: j7cZlMjO+4ZH1qiZ+Y4NYHnUg3Xszt5koSiJoGyIbL0= Subject key identifier: 18:18:D6:56:0B:90:3F:F7:73:1F:EB:03:45:98:67:66:35:46:18:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 77294B3565E90E7A44FA37EB466BD6A081AF5ACB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Apr 2024 00:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:29:4b:35:65:e9:0e:7a:44:fa:37:eb:46:6b:d6:a0:81:af:5a:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=a3c70d2ee8a57351ec28d0474b20a1a9f98d7325f0eac6539201697fbfb0f481, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:98:ee:7a:41:de:39:fc:0f:ac:72:20:83:63: 59:94:0e:09:82:bc:7f:61:fa:75:39:ef:06:cb:b7: 30:82:ea:83:7a:53:36:8c:b4:5d:a9:c9:1f:d1:23: 59:5e:08:11:4d:dc:3a:51:1e:d6:29:76:3c:7d:72: 63:8a:89:36:b1:b9:8e:ad:be:bb:23:5b:23:e0:19: e0:87:7e:07:ff:35:27:6b:1e:50:5a:8d:e4:74:9c: ae:f9:1b:d2:c2:a5:e7:c0:e8:51:27:0b:a3:06:37: cc:53:fa:37:3e:16:30:e8:8e:f4:15:78:d1:61:5c: 6e:d5:bf:0b:b3:08:b7:3c:05:a1:f2:9e:42:78:11: e9:31:3a:5f:ab:91:2a:6a:9d:c0:4b:96:eb:dd:d9: 00:4b:1b:83:df:2f:52:86:d7:70:0e:0a:a0:11:f7: bc:a9:37:54:60:94:78:bb:0b:9c:ac:3e:95:8b:2d: d6:6d:31:98:e0:fa:53:65:b4:ac:84:b1:66:64:88: d4:a0:c6:99:d4:69:a3:4b:d9:e0:43:0c:54:5f:41: a0:84:f2:7a:c6:03:95:85:a7:13:3b:6d:b3:87:6c: 00:d7:c0:b1:d2:f4:5b:49:2f:e8:fe:38:d4:20:6c: a7:42:ff:02:d4:f4:cf:a1:23:5f:0d:76:48:4b:e8: 6c:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:18:D6:56:0B:90:3F:F7:73:1F:EB:03:45:98:67:66:35:46:18:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:b000::/40 Signature Algorithm: sha256WithRSAEncryption 77:c1:8b:78:b0:a7:4c:40:40:62:6d:7e:3a:41:68:ea:30:64: 55:48:1a:12:9c:0d:a5:8b:eb:44:87:5f:51:d6:93:eb:29:2c: e3:9c:ef:24:c6:f4:93:cf:7f:fe:8f:09:06:10:57:fb:51:1b: 67:3f:f7:75:7e:87:89:c4:89:06:55:1f:29:4a:f2:9b:35:31: f0:4d:83:90:4e:0b:a0:89:17:d7:db:92:66:65:3b:52:8f:33: 88:88:72:09:17:34:32:02:a1:79:37:f8:40:d3:3b:89:04:39: 2f:16:5f:6d:97:cb:aa:d9:7d:04:52:d8:b2:e7:82:31:b7:02: 75:bb:53:a4:ee:70:38:cf:c7:5c:9d:a2:95:37:46:93:f2:49: 40:0b:88:bb:61:9f:6a:af:87:b2:e2:0d:ad:e0:58:3b:ca:d7: ce:5b:d3:44:62:a7:0b:bf:3b:3f:60:92:ee:b8:41:6b:fd:ff: a4:f3:99:d9:f1:5b:87:1c:da:3f:21:ca:32:95:4a:0b:9f:19: f5:9a:67:6c:bd:b5:61:b6:c6:2d:aa:98:71:cc:39:d3:82:9e: 77:33:ba:85:81:07:56:09:f9:e2:ed:ae:ab:44:24:b1:75:f2: d4:8b:19:12:c0:b7:b5:79:74:23:88:86:05:01:51:47:bd:06: c1:53:34:85 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdylLNWXpDnpE+jfrRmvWoIGvWsswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAYTNjNzBkMmVlOGE1NzM1MWVjMjhk MDQ3NGIyMGExYTlmOThkNzMyNWYwZWFjNjUzOTIwMTY5N2ZiZmIwZjQ4MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZjuekHeOfwPrHIgg2NZlA4Jgrx/ Yfp1Oe8Gy7cwguqDelM2jLRdqckf0SNZXggRTdw6UR7WKXY8fXJjiok2sbmOrb67 I1sj4Bngh34H/zUnax5QWo3kdJyu+RvSwqXnwOhRJwujBjfMU/o3PhYw6I70FXjR YVxu1b8Lswi3PAWh8p5CeBHpMTpfq5Eqap3AS5br3dkASxuD3y9ShtdwDgqgEfe8 qTdUYJR4uwucrD6Viy3WbTGY4PpTZbSshLFmZIjUoMaZ1GmjS9ngQwxUX0GghPJ6 xgOVhacTO22zh2wA18Cx0vRbSS/o/jjUIGynQv8C1PTPoSNfDXZIS+hsCQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBgY1lYLkD/3cx/rA0WYZ2Y1RhhnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI2ODUyZGU4LTA5NDctNDVjZi04YThkLWRkMjA0NGIyMjJkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8LAwDQYJKoZIhvcNAQELBQADggEBAHfBi3iwp0xAQGJtfjpB aOowZFVIGhKcDaWL60SHX1HWk+spLOOc7yTG9JPPf/6PCQYQV/tRG2c/93V+h4nE iQZVHylK8ps1MfBNg5BOC6CJF9fbkmZlO1KPM4iIcgkXNDICoXk3+EDTO4kEOS8W X22Xy6rZfQRS2LLngjG3AnW7U6TucDjPx1ydopU3RpPySUALiLthn2qvh7LiDa3g WDvK185b00Ripwu/Oz9gku64QWv9/6TzmdnxW4cc2j8hyjKVSgufGfWaZ2y9tWG2 xi2qmHHMOdOCnnczuoWBB1YJ+eLtrqtEJLF18tSLGRLAt7V5dCOIhgUBUUe9BsFT NIU= -----END CERTIFICATE-----Generated at Sat Apr 20 01:07:31 2024 by rpki-client on console-ams.rpki-client.org