$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa File: 26852de8-0947-45cf-8a8d-dd2044b222d0.roa (raw, json) Hash identifier: SS75IVdSCwNI6oM86TEtMFvrUe7qeWWgyURZZkAEN8s= Subject key identifier: 6D:30:4D:87:45:8F:AB:4A:E1:81:6C:2E:1E:8D:9B:30:1A:E1:47:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1707EF2F40FE7380AEC1085D572C680151B03336 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:07:ef:2f:40:fe:73:80:ae:c1:08:5d:57:2c:68:01:51:b0:33:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=0ac72b133bab2594d186789b92a2eef81d610fe24ce836a61d677843b681a4f5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:3d:52:e3:6a:c7:5e:94:5b:61:59:cc:22:99: 92:81:9f:5a:d9:b0:9a:2f:9a:11:43:4a:1f:18:9e: 90:c4:e4:7a:ff:7b:40:5a:9d:9f:0f:26:52:bf:58: 5c:53:bc:f2:13:74:83:25:f5:1d:3f:1e:f8:b7:b8: 73:04:6b:53:82:9e:d6:48:fd:a4:71:0d:41:c7:c9: 0e:ee:d4:a4:c8:eb:81:fd:a5:30:1e:b1:1c:34:c6: 5d:a1:d6:4f:e7:45:6b:c1:b1:25:f2:da:f9:c9:8f: 50:74:1f:3f:bc:36:05:ec:62:d1:85:2e:8f:b6:74: e6:f7:03:aa:9a:90:01:13:f8:92:ab:b9:f1:db:48: 2f:57:bd:2c:1f:67:cb:53:53:5f:c3:f8:0a:74:35: 1e:fd:55:24:93:8d:ba:1f:a3:84:79:3a:cc:fe:a1: 54:ca:34:91:14:9c:b5:4d:b7:24:b1:7b:5e:8f:28: 59:3f:05:4b:48:ec:d3:b5:80:cd:aa:0d:ad:d5:8f: df:fd:13:0b:06:88:c0:40:37:91:22:9e:cb:fe:c3: 3f:43:be:05:9e:4f:9b:07:7a:f3:a9:28:ec:f8:53: 5f:66:62:f6:ba:6b:46:41:db:1e:0e:1c:1e:8e:8a: 5a:ff:29:4c:dd:8a:53:46:9e:cd:93:c3:47:71:8c: 5c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:30:4D:87:45:8F:AB:4A:E1:81:6C:2E:1E:8D:9B:30:1A:E1:47:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26852de8-0947-45cf-8a8d-dd2044b222d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:b000::/40 Signature Algorithm: sha256WithRSAEncryption 80:4e:52:b7:71:1f:62:d8:b4:fe:74:05:5d:f3:74:6d:0f:bd: 0e:b1:16:27:84:2f:1d:5e:4b:a5:8d:c9:7f:03:ce:38:0d:9e: 88:6f:6f:a0:22:c7:aa:e1:9f:4f:66:a1:8c:8f:2c:20:1b:55: 8f:76:78:47:6f:69:a8:fa:e2:bf:2e:27:22:4c:78:21:57:a4: 19:3f:16:74:0a:03:7b:4a:e0:41:7e:c4:7e:b0:b8:e1:f5:c7: 23:5e:b2:70:56:27:53:94:14:e5:23:b5:fc:4c:97:ee:fa:71: 2f:73:8c:49:5e:83:3a:21:c6:98:f2:cb:a5:0c:5b:13:f4:d0: 4b:68:12:cb:85:d7:ee:b9:27:21:da:7b:f7:97:30:36:b1:5b: 9c:61:db:d1:4b:6e:e5:fe:b9:77:b4:c6:10:61:19:a3:19:93: b7:fe:0c:1e:59:d8:b3:d1:27:90:ae:ff:49:96:00:1b:d2:5f: 2f:17:0d:3f:c8:b5:e3:6a:59:69:f2:2d:4f:bf:e1:e1:96:ba: ae:97:76:dd:6c:2d:1b:b5:4a:6f:ba:13:11:11:09:38:79:ea: 54:2f:b1:2d:5e:ad:91:75:f9:0f:5b:39:f0:8c:44:4c:c1:04: 7f:48:14:a1:75:40:44:92:a8:44:7e:3e:5b:0e:a1:9e:b5:05: 47:a2:ac:80 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFwfvL0D+c4CuwQhdVyxoAVGwMzYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAMGFjNzJiMTMzYmFiMjU5NGQxODY3 ODliOTJhMmVlZjgxZDYxMGZlMjRjZTgzNmE2MWQ2Nzc4NDNiNjgxYTRmNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz1S42rHXpRbYVnMIpmSgZ9a2bCa L5oRQ0ofGJ6QxOR6/3tAWp2fDyZSv1hcU7zyE3SDJfUdPx74t7hzBGtTgp7WSP2k cQ1Bx8kO7tSkyOuB/aUwHrEcNMZdodZP50VrwbEl8tr5yY9QdB8/vDYF7GLRhS6P tnTm9wOqmpABE/iSq7nx20gvV70sH2fLU1Nfw/gKdDUe/VUkk426H6OEeTrM/qFU yjSRFJy1TbcksXtejyhZPwVLSOzTtYDNqg2t1Y/f/RMLBojAQDeRIp7L/sM/Q74F nk+bB3rzqSjs+FNfZmL2umtGQdseDhwejopa/ylM3YpTRp7Nk8NHcYxceQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG0wTYdFj6tK4YFsLh6NmzAa4Uf4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI2ODUyZGU4LTA5NDctNDVjZi04YThkLWRkMjA0NGIyMjJkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8LAwDQYJKoZIhvcNAQELBQADggEBAIBOUrdxH2LYtP50BV3z dG0PvQ6xFieELx1eS6WNyX8DzjgNnohvb6Aix6rhn09moYyPLCAbVY92eEdvaaj6 4r8uJyJMeCFXpBk/FnQKA3tK4EF+xH6wuOH1xyNesnBWJ1OUFOUjtfxMl+76cS9z jElegzohxpjyy6UMWxP00EtoEsuF1+65JyHae/eXMDaxW5xh29FLbuX+uXe0xhBh GaMZk7f+DB5Z2LPRJ5Cu/0mWABvSXy8XDT/IteNqWWnyLU+/4eGWuq6Xdt1sLRu1 Sm+6ExERCTh56lQvsS1erZF1+Q9bOfCMREzBBH9IFKF1QESSqER+PlsOoZ61BUei rIA= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:45 2023 by rpki-client on console-fra.rpki-client.org