$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34315c91-143e-48d8-b654-b8332ff1ee53.roa File: 34315c91-143e-48d8-b654-b8332ff1ee53.roa (raw, json) Hash identifier: hyEaCA+xTB/LM1bDqS4nb4yzW/OU3R+rGRez2m/NbtU= Subject key identifier: D1:41:59:5E:0A:C7:34:83:0D:48:BF:7A:8C:7F:1F:0E:89:81:B4:2F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 53364145310415CE9B8FAF52266E0DE1B91722D4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34315c91-143e-48d8-b654-b8332ff1ee53.roa Signing time: Mon 08 Jul 2024 00:00:00 +0000 ROA not before: Mon 08 Jul 2024 00:00:00 +0000 ROA not after: Mon 12 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:36:41:45:31:04:15:ce:9b:8f:af:52:26:6e:0d:e1:b9:17:22:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:00 2024 GMT Not After : Aug 12 23:59:59 2024 GMT Subject: serialNumber=d8894391beaaa6602ce86f126ca29d36830174870b213a40ec79d94a79389faa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:20:9a:6a:0b:73:0a:b4:2e:0b:70:f5:2e:77: 5e:d7:39:8c:2f:42:ac:f3:d1:30:2f:c1:ac:c6:99: ce:82:36:f8:47:e1:05:7c:2e:75:77:27:4d:b3:1d: 12:83:30:be:4e:2e:43:17:b9:5f:17:42:1c:f9:e5: 69:e0:41:82:82:85:93:07:ba:6d:77:ff:7e:a0:f6: 35:5c:39:c1:a4:68:db:66:b8:4c:b2:93:40:e6:fe: ee:4a:43:d7:77:95:63:83:f4:be:54:31:c8:68:f6: 54:c6:d9:82:e0:ac:76:aa:b8:7d:0b:b5:7b:9b:6a: 92:06:a6:aa:f8:7d:f8:ee:05:ab:fa:db:47:bf:09: 7d:06:72:bc:bb:78:a4:a7:87:d0:82:1a:a3:33:fa: 65:bf:ea:0b:34:a1:8a:75:80:5f:1c:20:81:86:12: 47:03:1b:cd:0f:d1:87:40:c8:7b:1f:4a:dd:18:f6: de:bc:3e:0b:e5:bd:83:c4:91:00:26:5b:c4:f2:10: 79:66:04:d8:43:37:5d:dd:f7:34:8c:3b:dc:27:cc: 5c:7a:4b:3f:5e:12:c4:20:0e:ae:6f:e0:e1:b1:08: a9:72:0e:48:94:9e:04:5a:0a:85:9b:ca:e2:44:85: 77:de:bc:d3:8d:14:1e:28:c5:d9:3d:5e:ce:47:e5: 75:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:41:59:5E:0A:C7:34:83:0D:48:BF:7A:8C:7F:1F:0E:89:81:B4:2F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/34315c91-143e-48d8-b654-b8332ff1ee53.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:a000::/40 Signature Algorithm: sha256WithRSAEncryption 7d:81:46:92:03:f1:ed:09:b8:6d:6d:0f:4b:d9:71:03:00:3a: ad:81:32:94:e8:35:fc:d8:76:27:62:0b:cc:6f:0b:80:0b:40: 62:9c:0e:16:71:08:08:0f:a4:1d:ce:7f:37:6c:c2:d3:a8:ce: fc:44:11:cd:9a:a7:96:b2:85:b6:cb:1b:5a:3f:45:bc:65:08: 8c:6e:57:be:f4:64:a8:fa:06:21:0c:15:0d:0e:06:df:df:c5: 24:aa:f0:a6:97:93:d5:a2:5c:99:c8:9e:90:f3:6d:3f:46:31: e6:41:bd:24:1b:a2:79:50:4b:3f:57:52:07:40:22:54:f9:e6: 2e:d5:58:7a:60:22:f0:91:6a:9d:a2:70:b2:ea:ec:ce:1b:a9: c4:3a:e2:ea:dc:3e:f1:72:13:42:ce:ff:3e:91:d9:b8:e7:8e: a7:01:93:21:ea:b6:86:fb:c2:d9:06:97:03:45:53:3c:bf:a0: 6a:6b:09:7d:17:13:6a:8f:17:f0:53:e6:35:9f:b5:f9:8c:28: 55:e3:c3:a2:7c:cb:10:80:05:f4:6f:63:c3:9c:83:6e:6e:50: 75:f5:8f:63:35:a2:12:ec:b4:ed:7d:4f:b5:b9:1d:38:24:bd: 71:1b:8a:b8:2e:7d:f9:1a:59:27:b0:68:9e:27:48:c4:68:c2: c9:8c:86:eb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUzZBRTEEFc6bj69SJm4N4bkXItQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwODAwMDAwMFoX DTI0MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAZDg4OTQzOTFiZWFhYTY2MDJjZTg2 ZjEyNmNhMjlkMzY4MzAxNzQ4NzBiMjEzYTQwZWM3OWQ5NGE3OTM4OWZhYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yCaagtzCrQuC3D1Lnde1zmML0Ks 89EwL8GsxpnOgjb4R+EFfC51dydNsx0SgzC+Ti5DF7lfF0Ic+eVp4EGCgoWTB7pt d/9+oPY1XDnBpGjbZrhMspNA5v7uSkPXd5Vjg/S+VDHIaPZUxtmC4Kx2qrh9C7V7 m2qSBqaq+H347gWr+ttHvwl9BnK8u3ikp4fQghqjM/plv+oLNKGKdYBfHCCBhhJH AxvND9GHQMh7H0rdGPbevD4L5b2DxJEAJlvE8hB5ZgTYQzdd3fc0jDvcJ8xceks/ XhLEIA6ub+DhsQipcg5IlJ4EWgqFm8riRIV33rzTjRQeKMXZPV7OR+V1EwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNFBWV4KxzSDDUi/eox/Hw6JgbQvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM0MzE1YzkxLTE0M2UtNDhkOC1iNjU0LWI4MzMyZmYxZWU1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauKAwDQYJKoZIhvcNAQELBQADggEBAH2BRpID8e0JuG1tD0vZ cQMAOq2BMpToNfzYdidiC8xvC4ALQGKcDhZxCAgPpB3OfzdswtOozvxEEc2ap5ay hbbLG1o/RbxlCIxuV770ZKj6BiEMFQ0OBt/fxSSq8KaXk9WiXJnInpDzbT9GMeZB vSQbonlQSz9XUgdAIlT55i7VWHpgIvCRap2icLLq7M4bqcQ64urcPvFyE0LO/z6R 2bjnjqcBkyHqtob7wtkGlwNFUzy/oGprCX0XE2qPF/BT5jWftfmMKFXjw6J8yxCA BfRvY8Ocg25uUHX1j2M1ohLstO19T7W5HTgkvXEbirguffkaWSewaJ4nSMRowsmM hus= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:40 2024 by rpki-client on console-ams.rpki-client.org