$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa File: 3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa (raw, json) Hash identifier: rpks/GAnxkXmhURlgFXl+fbndEwm+o/+xtNkRQiA6w8= Subject key identifier: 63:D1:D5:4D:91:60:B7:A8:90:22:6E:C0:E1:95:97:E3:18:F4:17:AE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 38DE436D731DD4B81065F275EE09BEAF0AD36388 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa Signing time: Tue 30 Apr 2024 00:00:00 +0000 ROA not before: Tue 30 Apr 2024 00:00:00 +0000 ROA not after: Tue 04 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 00:10:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:de:43:6d:73:1d:d4:b8:10:65:f2:75:ee:09:be:af:0a:d3:63:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 30 00:00:00 2024 GMT Not After : Jun 4 23:59:59 2024 GMT Subject: serialNumber=c1aa59013ec668680766362289344f05167b84a708c6b13a39785cf3ad7f9a52, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e2:77:62:db:61:91:24:3f:e3:b8:79:4a:2f: 42:5d:c4:cb:bd:fe:f0:31:36:78:af:6f:7b:e0:b7: ba:e7:fe:6f:92:06:21:38:78:ed:c7:41:97:fc:4b: 8a:41:7b:ee:90:3a:19:51:0d:8f:3a:3a:75:64:66: 1e:7d:74:92:16:0a:25:34:22:8e:d9:87:4a:2b:fc: f5:24:46:83:b7:1a:9d:40:c1:e7:a2:85:bc:49:76: 1b:11:f9:9e:46:10:e1:d2:a8:db:e9:47:bd:f7:71: 96:25:3c:54:9c:84:7b:d1:d0:4b:d1:65:14:20:9b: 11:fc:01:6b:e3:55:00:99:d0:c4:9e:60:3c:2d:a6: 49:d5:d2:57:25:a4:34:47:9b:78:c5:d3:be:ff:85: 50:7a:f6:9b:73:be:cd:40:08:68:57:a3:5d:e2:4a: a5:08:37:26:74:16:d0:53:db:1e:60:66:cd:a1:2f: 82:b9:87:ec:a7:13:81:34:02:34:6a:aa:11:16:a0: ab:36:3c:10:2f:bd:2b:10:8b:7a:48:ae:6d:86:c8: 38:d6:3b:95:85:b6:6e:ab:44:f0:fa:72:1a:96:3d: b8:58:19:45:f0:b0:c5:7f:62:c7:bb:e6:05:cb:dc: e6:63:89:18:bd:b8:67:4b:12:fe:a1:13:43:53:e3: b5:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:D1:D5:4D:91:60:B7:A8:90:22:6E:C0:E1:95:97:E3:18:F4:17:AE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e9cc6af-bc2c-4dca-8915-0cddf25cc8db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:4800::/40 Signature Algorithm: sha256WithRSAEncryption be:2e:e2:33:ca:d4:f9:5f:7b:ae:4c:69:66:93:78:19:14:a3: fc:ac:de:34:b7:61:4c:ad:53:17:c6:48:a2:64:95:19:32:d5: ca:db:7a:31:60:7b:c9:ef:a7:35:41:f2:8a:8e:eb:0f:4b:14: 39:e7:b8:6d:e6:ae:7f:07:d6:96:c5:d4:7a:c7:e4:c5:a3:ff: f6:be:a7:47:2e:60:41:b2:f3:0f:63:73:92:f2:3f:aa:88:c2: 4d:81:4a:b8:50:39:59:1b:18:4e:40:2f:48:a7:dc:ac:87:24: 8f:31:f7:19:52:ec:71:84:15:5d:b2:d7:f5:92:d7:d3:e6:b2: c7:7b:28:39:11:fb:85:9a:00:f0:4f:cd:b8:41:78:8b:f8:8b: 42:0b:4d:0d:75:24:eb:48:8d:29:3d:21:c6:1d:04:1e:1a:aa: 39:9f:a0:e2:b5:3c:c9:8e:ef:02:9a:3a:75:9b:27:2d:03:61: 88:17:85:99:67:c4:ee:ed:ed:dc:76:46:e8:e9:7a:cb:f0:fa: f2:ab:aa:f6:bf:cd:9d:08:ee:7f:c7:25:5e:9c:8c:52:b5:e0: ae:37:72:93:81:43:73:f6:95:f9:f3:96:32:bb:22:ba:94:d8: 5f:5b:83:01:af:52:48:41:02:bd:11:e7:bc:92:cf:74:c5:de: 64:42:de:5f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUON5DbXMd1LgQZfJ17gm+rwrTY4gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQzMDAwMDAwMFoX DTI0MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAYzFhYTU5MDEzZWM2Njg2ODA3NjYz NjIyODkzNDRmMDUxNjdiODRhNzA4YzZiMTNhMzk3ODVjZjNhZDdmOWE1MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOJ3YtthkSQ/47h5Si9CXcTLvf7w MTZ4r2974Le65/5vkgYhOHjtx0GX/EuKQXvukDoZUQ2POjp1ZGYefXSSFgolNCKO 2YdKK/z1JEaDtxqdQMHnooW8SXYbEfmeRhDh0qjb6Ue993GWJTxUnIR70dBL0WUU IJsR/AFr41UAmdDEnmA8LaZJ1dJXJaQ0R5t4xdO+/4VQevabc77NQAhoV6Nd4kql CDcmdBbQU9seYGbNoS+CuYfspxOBNAI0aqoRFqCrNjwQL70rEIt6SK5thsg41juV hbZuq0Tw+nIalj24WBlF8LDFf2LHu+YFy9zmY4kYvbhnSxL+oRNDU+O1GQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGPR1U2RYLeokCJuwOGVl+MY9BeuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlOWNjNmFmLWJjMmMtNGRjYS04OTE1LTBjZGRmMjVjYzhkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaEgwDQYJKoZIhvcNAQELBQADggEBAL4u4jPK1Plfe65MaWaT eBkUo/ys3jS3YUytUxfGSKJklRky1crbejFge8nvpzVB8oqO6w9LFDnnuG3mrn8H 1pbF1HrH5MWj//a+p0cuYEGy8w9jc5LyP6qIwk2BSrhQOVkbGE5AL0in3KyHJI8x 9xlS7HGEFV2y1/WS19Pmssd7KDkR+4WaAPBPzbhBeIv4i0ILTQ11JOtIjSk9IcYd BB4aqjmfoOK1PMmO7wKaOnWbJy0DYYgXhZlnxO7t7dx2Rujpesvw+vKrqva/zZ0I 7n/HJV6cjFK14K43cpOBQ3P2lfnzljK7IrqU2F9bgwGvUkhBAr0R57ySz3TF3mRC 3l8= -----END CERTIFICATE-----Generated at Fri May 3 01:27:44 2024 by rpki-client on console-fra.rpki-client.org