$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa File: 2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa (raw, json) Hash identifier: dlt9Pn/CfKersGrmN9NeWqOhayfhfCX6fy9c7m4qjII= Subject key identifier: E3:CF:B3:0E:F8:B9:AF:D4:1F:6A:57:63:92:C6:8A:2E:C0:43:5D:A5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B622DD99A4C708ECD041C55C6787D3D469442E7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:62:2d:d9:9a:4c:70:8e:cd:04:1c:55:c6:78:7d:3d:46:94:42:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=59709a0a69f2b4d0c4ae1a93a8972f68ddb89a4cf8c0b3c34374e9a2fbe7adc3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e4:ee:e5:36:36:71:fe:63:6f:b2:b1:86:3a: 35:e0:d9:7e:f3:d5:3a:32:7a:1c:05:31:16:33:71: 04:85:3b:72:21:f6:5c:27:79:62:7e:bc:75:71:85: f4:59:de:64:14:73:0f:db:b5:95:93:79:23:72:df: 17:88:98:e2:1a:47:c4:8c:62:5a:70:cd:50:09:3f: 10:19:34:08:f7:24:79:96:52:ba:2e:b4:cb:68:13: b6:86:f4:ec:0f:52:01:19:c7:0d:d6:03:e8:09:fc: 9a:89:92:de:93:6b:1d:41:b9:06:74:0c:85:e4:18: e2:34:db:f3:ac:dd:06:57:27:cf:b9:89:e7:4c:f6: 7f:d9:7c:df:9a:55:50:70:60:45:78:1a:60:88:5a: cf:d5:69:e2:18:b0:e2:0b:37:93:4a:88:4b:26:af: 64:e0:a7:4c:2b:fa:3e:27:38:75:5c:41:c3:25:e1: 8c:d6:60:76:e3:99:e0:50:c3:0e:e3:bb:89:9f:99: 24:2c:ca:2a:b5:28:e5:53:37:37:20:38:56:53:a4: 6b:3d:e5:65:93:d5:44:ab:bc:3a:b6:91:20:7e:03: 02:bc:d8:a7:7b:47:92:5c:42:f8:d9:63:12:d7:51: fe:06:cb:23:70:35:37:77:9b:6c:4a:ee:ca:c9:31: 3c:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:CF:B3:0E:F8:B9:AF:D4:1F:6A:57:63:92:C6:8A:2E:C0:43:5D:A5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:1000::/40 Signature Algorithm: sha256WithRSAEncryption 5e:78:27:2d:60:9f:b5:59:63:0a:a2:bc:32:c9:22:48:79:f3: 56:56:9f:23:78:b9:5f:bd:70:4e:27:7b:f3:e5:44:d2:49:a4: bb:00:d0:ec:9b:dc:da:6c:e9:cd:56:a3:dd:d1:3c:77:b5:da: 60:f2:58:a3:04:f3:7c:2b:da:bf:c4:4b:21:2b:38:0f:18:e9: d7:3e:f0:23:c0:df:30:c3:59:f5:bd:4f:ef:b5:b7:6a:4a:44: 83:47:bc:9b:9e:86:ac:92:48:77:6d:e6:d4:d6:5a:f4:4d:99: b4:bc:30:5a:d0:ef:f9:4a:5c:bb:3a:63:5b:00:38:ae:b9:e5: ba:ae:9b:2c:f6:0e:38:d1:41:4a:a1:b7:82:28:95:8c:38:21: 2f:c6:35:2b:a8:8b:be:f3:8f:3f:56:10:aa:10:c8:71:a7:b7: 33:8f:74:f5:21:5d:8e:6c:f5:43:f3:78:f3:a8:c3:96:4e:d6: f5:73:11:e3:9f:75:fc:50:8b:1c:df:00:cb:cd:fc:b6:67:87: dc:cb:f4:14:8a:41:fb:6c:a9:ca:d1:08:08:bc:8e:98:c5:0a: be:2d:ff:6f:a4:a4:8b:6c:e5:2f:33:45:e4:71:e5:3d:f8:e6: 15:2c:d6:d5:cc:ca:18:a7:02:56:17:20:4f:98:d7:16:2d:83: 8c:99:09:69 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUO2It2ZpMcI7NBBxVxnh9PUaUQucwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANTk3MDlhMGE2OWYyYjRkMGM0YWUx YTkzYTg5NzJmNjhkZGI4OWE0Y2Y4YzBiM2MzNDM3NGU5YTJmYmU3YWRjMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeTu5TY2cf5jb7Kxhjo14Nl+89U6 MnocBTEWM3EEhTtyIfZcJ3lifrx1cYX0Wd5kFHMP27WVk3kjct8XiJjiGkfEjGJa cM1QCT8QGTQI9yR5llK6LrTLaBO2hvTsD1IBGccN1gPoCfyaiZLek2sdQbkGdAyF 5BjiNNvzrN0GVyfPuYnnTPZ/2XzfmlVQcGBFeBpgiFrP1WniGLDiCzeTSohLJq9k 4KdMK/o+Jzh1XEHDJeGM1mB245ngUMMO47uJn5kkLMoqtSjlUzc3IDhWU6RrPeVl k9VEq7w6tpEgfgMCvNine0eSXEL42WMS11H+BssjcDU3d5tsSu7KyTE8iwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOPPsw74ua/UH2pXY5LGii7AQ12lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiMGNlNWRkLWI4MTQtNDA0ZC04MzRmLWNiNGZmNmU2OWM3My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoBAwDQYJKoZIhvcNAQELBQADggEBAF54Jy1gn7VZYwqivDLJ Ikh581ZWnyN4uV+9cE4ne/PlRNJJpLsA0Oyb3Nps6c1Wo93RPHe12mDyWKME83wr 2r/ESyErOA8Y6dc+8CPA3zDDWfW9T++1t2pKRINHvJuehqySSHdt5tTWWvRNmbS8 MFrQ7/lKXLs6Y1sAOK655bqumyz2DjjRQUqht4IolYw4IS/GNSuoi77zjz9WEKoQ yHGntzOPdPUhXY5s9UPzePOow5ZO1vVzEeOfdfxQixzfAMvN/LZnh9zL9BSKQfts qcrRCAi8jpjFCr4t/2+kpIts5S8zReRx5T345hUs1tXMyhinAlYXIE+Y1xYtg4yZ CWk= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:45 2023 by rpki-client on console-fra.rpki-client.org