$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa File: 390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa (raw, json) Hash identifier: EdT7AmFo9fyo4v3S0p6Mo4DsvfHJhOvMYEr6ohpTB6I= Subject key identifier: DC:BF:B5:60:2F:9E:4F:F4:1D:6B:78:00:34:D1:98:85:A7:0F:99:99 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 42F560B5F7DDC1EB850EB8FEACADED2E17D03F30 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:f5:60:b5:f7:dd:c1:eb:85:0e:b8:fe:ac:ad:ed:2e:17:d0:3f:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=161e0d560ec026bfbf7dd03ddac5a2d11fff6bc63b4618d5f063a03a29abef39, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:34:1e:fc:fd:bd:42:7d:99:55:95:09:5b:8e: e4:0a:0d:a4:5d:b4:5e:2c:ca:19:45:42:68:3a:3b: a4:09:a3:12:7f:ea:e9:1b:88:19:92:b1:ca:0c:5d: d0:ae:4e:4e:47:b8:d5:7f:5f:89:d2:d6:84:0d:6d: 2f:96:e7:8c:2b:70:09:4b:49:e5:44:82:d8:16:04: b3:e5:01:4f:74:23:45:10:65:c3:11:74:93:5c:d1: 2b:81:4a:a2:d2:1e:ef:1f:e2:cf:18:1d:2e:c7:ed: 3c:5c:c9:dd:df:7b:b3:28:76:70:61:e7:bb:88:87: c0:42:71:d7:a1:86:2b:34:94:dc:fd:71:0f:ba:e3: 86:0b:8e:19:69:cb:24:8b:70:d3:fa:2c:ae:7b:a5: 4a:fe:bf:bb:d6:ce:6b:b3:be:57:42:6e:8d:f5:6c: 69:cc:53:fe:6f:35:0c:f1:a7:e5:d7:8c:c4:a2:13: 4f:a1:95:43:bd:99:0f:1d:b8:b3:36:8f:32:79:30: b3:24:46:c6:d0:f8:1f:38:52:2b:49:3c:a9:d3:af: 22:e2:43:78:7c:c1:a4:d9:ae:31:55:14:8e:12:f3: 4c:b9:fc:c0:d7:b2:a7:52:7a:c9:d4:bf:62:67:9c: 44:80:dd:c2:9e:3c:e1:c8:d9:b6:34:af:94:06:cf: 77:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:BF:B5:60:2F:9E:4F:F4:1D:6B:78:00:34:D1:98:85:A7:0F:99:99 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:2000::/40 Signature Algorithm: sha256WithRSAEncryption bf:c4:46:b8:64:a7:57:c2:91:c5:1b:86:9f:d0:a0:2a:f9:86: be:84:b9:1d:51:4b:ab:61:36:c3:79:11:d4:c4:f5:88:32:1f: d0:2a:9d:d7:9a:0e:8e:48:bf:db:af:f3:2e:dd:61:93:54:23: 8a:18:87:c1:a2:ae:7f:43:94:09:b1:7e:dc:6a:e7:48:3e:d3: e0:34:c8:a8:a0:d0:0d:e6:8b:90:be:b4:b9:fd:be:bb:0a:21: ca:c0:9a:32:7d:42:f5:8b:9d:57:26:a2:03:c3:14:e5:e6:63: 17:65:67:e5:10:f0:4a:cd:31:fd:d0:26:e9:c9:79:47:17:44: ef:bc:91:2b:2c:73:7f:71:94:e5:35:bc:d4:39:69:19:ce:b2: 95:fa:2d:ad:b5:5b:09:b0:b5:20:e1:8e:e1:3e:c1:1b:77:21: 66:a8:51:f7:7b:a5:db:48:32:2a:b7:dc:c3:07:1f:11:48:53: 5e:6a:ee:4f:0c:e3:33:59:33:9f:4b:9f:6b:a9:4f:40:4b:91: 90:51:57:70:7d:a4:98:9c:25:24:d3:9e:30:04:23:08:a4:c3: 9b:18:af:11:c8:e7:aa:f0:e1:36:32:16:7e:72:f3:86:50:90: 5d:6e:ad:35:9d:77:d5:5a:da:87:03:ca:fb:f4:ad:4a:78:d5: 2b:08:dd:20 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQvVgtffdweuFDrj+rK3tLhfQPzAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAMTYxZTBkNTYwZWMwMjZiZmJmN2Rk MDNkZGFjNWEyZDExZmZmNmJjNjNiNDYxOGQ1ZjA2M2EwM2EyOWFiZWYzOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzQe/P29Qn2ZVZUJW47kCg2kXbRe LMoZRUJoOjukCaMSf+rpG4gZkrHKDF3Qrk5OR7jVf1+J0taEDW0vlueMK3AJS0nl RILYFgSz5QFPdCNFEGXDEXSTXNErgUqi0h7vH+LPGB0ux+08XMnd33uzKHZwYee7 iIfAQnHXoYYrNJTc/XEPuuOGC44Zacski3DT+iyue6VK/r+71s5rs75XQm6N9Wxp zFP+bzUM8afl14zEohNPoZVDvZkPHbizNo8yeTCzJEbG0PgfOFIrSTyp068i4kN4 fMGk2a4xVRSOEvNMufzA17KnUnrJ1L9iZ5xEgN3CnjzhyNm2NK+UBs93AQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNy/tWAvnk/0HWt4ADTRmIWnD5mZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM5MGIwN2VjLTVkYmQtNGY4Ny04MWFlLTllZDg1YzdiZTI4MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+yAwDQYJKoZIhvcNAQELBQADggEBAL/ERrhkp1fCkcUbhp/Q oCr5hr6EuR1RS6thNsN5EdTE9YgyH9AqndeaDo5Iv9uv8y7dYZNUI4oYh8Girn9D lAmxftxq50g+0+A0yKig0A3mi5C+tLn9vrsKIcrAmjJ9QvWLnVcmogPDFOXmYxdl Z+UQ8ErNMf3QJunJeUcXRO+8kSssc39xlOU1vNQ5aRnOspX6La21WwmwtSDhjuE+ wRt3IWaoUfd7pdtIMiq33MMHHxFIU15q7k8M4zNZM59Ln2upT0BLkZBRV3B9pJic JSTTnjAEIwikw5sYrxHI56rw4TYyFn5y84ZQkF1urTWdd9Va2ocDyvv0rUp41SsI 3SA= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:45 2023 by rpki-client on console-fra.rpki-client.org