$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a0072df-b178-45d2-b20f-191c118650c6.roa File: 3a0072df-b178-45d2-b20f-191c118650c6.roa (raw, json) Hash identifier: k2LmywMio8mY6SQaIIWabOVZHTsFCWvUdc0762F1j0A= Subject key identifier: F2:B4:3D:61:7A:B5:4E:B6:06:2B:84:BA:F0:DE:15:C6:20:34:8C:E9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49F94E02E356CF994412FE3986C1FCAB5EF0C773 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a0072df-b178-45d2-b20f-191c118650c6.roa Signing time: Wed 01 May 2024 00:00:00 +0000 ROA not before: Wed 01 May 2024 00:00:00 +0000 ROA not after: Wed 05 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da30:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:f9:4e:02:e3:56:cf:99:44:12:fe:39:86:c1:fc:ab:5e:f0:c7:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:00 2024 GMT Not After : Jun 5 23:59:59 2024 GMT Subject: serialNumber=bdc2b20f6d1fcd7ffbd364e3733dc048be165d8af77741cbc99e3043dda72ea4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0b:fc:b7:f6:a2:17:90:90:cc:67:4f:23:2a: e2:ab:77:ea:37:09:b7:cc:8d:5c:f3:04:d0:32:64: 46:95:bd:d4:2f:82:e5:66:ac:65:53:40:3d:8b:65: db:4b:0d:9e:70:0a:0b:cc:6b:a6:70:ab:4c:9c:80: be:c1:84:3b:94:86:96:c6:ce:4b:6f:00:08:0f:09: 87:48:25:37:16:59:69:aa:f9:94:28:81:ef:f6:d5: 3e:39:d9:7b:6f:48:d1:bf:72:b4:44:03:d0:fd:6f: e9:b0:29:92:32:9e:98:c5:3b:1f:de:78:04:43:71: be:6b:ab:3b:4b:e3:bc:26:f5:92:4a:6f:cf:e4:13: a4:bd:67:83:81:17:2d:29:82:28:1f:7f:21:5c:85: 74:7b:7f:a2:87:16:65:dc:48:3a:64:c4:76:bb:31: 2a:e9:33:0c:38:60:15:d1:23:a6:f4:ec:15:e9:de: a6:ef:7b:ac:a7:1c:a5:99:4f:da:8d:3d:72:0d:a6: 2c:77:77:a2:b9:ee:9f:df:ff:dd:ae:b8:ff:1d:e4: d0:34:71:5c:63:25:9f:ca:6d:38:4c:a6:68:a7:c5: 9e:f8:4b:23:2f:d1:80:2a:bb:91:c0:b7:61:0a:7a: ac:43:4e:3b:5a:5f:b5:89:0b:88:22:93:f1:66:28: b4:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:B4:3D:61:7A:B5:4E:B6:06:2B:84:BA:F0:DE:15:C6:20:34:8C:E9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a0072df-b178-45d2-b20f-191c118650c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30:f000::/40 Signature Algorithm: sha256WithRSAEncryption 54:61:87:cc:a0:8f:4e:9c:c8:79:38:99:36:b2:42:55:0c:2a: 7e:b6:0b:06:ae:b2:00:69:27:e0:90:7b:bc:40:cd:8a:b7:54: ef:a8:aa:79:7a:0d:53:99:28:70:ea:34:d2:46:41:20:c8:68: a1:47:99:a2:b0:a2:1b:7f:86:08:2d:4c:72:59:ef:3d:64:d8: f5:a7:7f:4c:b0:4c:5a:cb:d9:37:44:3a:9c:81:3f:96:32:bb: ab:c5:ad:58:2f:16:d9:6f:c5:56:ac:13:d9:70:6a:2e:19:52: ee:30:71:51:5f:2b:88:54:eb:29:1b:e4:cc:49:16:90:3b:53: 08:ae:78:0b:57:43:2c:aa:a4:47:2f:69:fc:46:fd:9f:a0:db: 85:2f:4f:c6:74:76:23:32:a6:ee:1f:4d:86:2a:0b:dd:62:fd: 38:f1:28:8d:92:be:73:02:b8:5c:1d:57:04:1b:90:fb:f5:83: b4:a7:cb:6c:97:78:7f:cc:7c:ff:e7:3f:b2:4d:58:58:04:60: 1e:52:60:fb:aa:34:1f:9b:f8:66:dc:f8:d5:a1:36:ba:5c:06: 34:8e:39:d6:1a:85:41:68:28:5d:b3:de:58:b6:39:b6:48:72: 59:8c:c6:b1:18:4f:64:d7:9b:57:a3:20:a7:12:27:09:b9:52: 08:54:3d:78 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSflOAuNWz5lEEv45hsH8q17wx3MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMTAwMDAwMFoX DTI0MDYwNTIzNTk1OVowejFJMEcGA1UEBRNAYmRjMmIyMGY2ZDFmY2Q3ZmZiZDM2 NGUzNzMzZGMwNDhiZTE2NWQ4YWY3Nzc0MWNiYzk5ZTMwNDNkZGE3MmVhNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwv8t/aiF5CQzGdPIyriq3fqNwm3 zI1c8wTQMmRGlb3UL4LlZqxlU0A9i2XbSw2ecAoLzGumcKtMnIC+wYQ7lIaWxs5L bwAIDwmHSCU3FllpqvmUKIHv9tU+Odl7b0jRv3K0RAPQ/W/psCmSMp6YxTsf3ngE Q3G+a6s7S+O8JvWSSm/P5BOkvWeDgRctKYIoH38hXIV0e3+ihxZl3Eg6ZMR2uzEq 6TMMOGAV0SOm9OwV6d6m73uspxylmU/ajT1yDaYsd3eiue6f3//drrj/HeTQNHFc YyWfym04TKZop8We+EsjL9GAKruRwLdhCnqsQ047Wl+1iQuIIpPxZii0fwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPK0PWF6tU62BiuEuvDeFcYgNIzpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhMDA3MmRmLWIxNzgtNDVkMi1iMjBmLTE5MWMxMTg2NTBjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMPAwDQYJKoZIhvcNAQELBQADggEBAFRhh8ygj06cyHk4mTay QlUMKn62CwausgBpJ+CQe7xAzYq3VO+oqnl6DVOZKHDqNNJGQSDIaKFHmaKwoht/ hggtTHJZ7z1k2PWnf0ywTFrL2TdEOpyBP5Yyu6vFrVgvFtlvxVasE9lwai4ZUu4w cVFfK4hU6ykb5MxJFpA7UwiueAtXQyyqpEcvafxG/Z+g24UvT8Z0diMypu4fTYYq C91i/TjxKI2SvnMCuFwdVwQbkPv1g7Sny2yXeH/MfP/nP7JNWFgEYB5SYPuqNB+b +Gbc+NWhNrpcBjSOOdYahUFoKF2z3li2ObZIclmMxrEYT2TXm1ejIKcSJwm5UghU PXg= -----END CERTIFICATE-----Generated at Thu May 23 05:39:35 2024 by rpki-client on console-ams.rpki-client.org