$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ea6b312-7b38-4ea1-b02d-674fb5a5448e.roa File: 3ea6b312-7b38-4ea1-b02d-674fb5a5448e.roa (raw, json) Hash identifier: zGj4ODqQNNHMwu3W0g+ZypTEkEg+spfxcouzftXCqZ0= Subject key identifier: 86:63:B9:B6:AE:64:B0:39:E1:C7:E9:6F:A7:54:1D:00:87:F1:4D:8B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22B3729772C4197ACE0141DB864B5BCBD53E5162 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ea6b312-7b38-4ea1-b02d-674fb5a5448e.roa Signing time: Tue 23 Apr 2024 00:00:00 +0000 ROA not before: Tue 23 Apr 2024 00:00:00 +0000 ROA not after: Tue 28 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:b3:72:97:72:c4:19:7a:ce:01:41:db:86:4b:5b:cb:d5:3e:51:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:00 2024 GMT Not After : May 28 23:59:59 2024 GMT Subject: serialNumber=a4f92196bd6a6ac69d73348e0877ff968b6ad6fc2135be545f2d35e755b38900, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:2f:31:55:0b:26:ff:13:1f:f4:0c:76:d1:51: 5b:e7:0c:e3:f7:89:5e:84:65:04:05:5e:46:6c:69: ee:7d:8a:0e:ff:cf:fa:41:b6:92:92:ab:ba:ac:37: 4e:c1:dc:ee:5b:96:41:59:06:90:72:e3:75:e1:f9: df:71:ae:a5:a4:eb:c7:ef:6a:e0:20:c7:08:70:90: 02:e1:b0:68:88:3e:39:81:99:93:13:70:20:60:f4: ce:bb:2a:99:9e:5d:08:86:3a:c2:24:07:04:db:73: c4:2c:21:94:c6:04:ff:26:7f:46:c8:c6:33:72:35: 50:eb:be:e4:e6:3d:b8:e5:1c:e0:5d:42:fb:7d:40: 97:29:4b:b6:e3:cf:61:6e:92:ef:33:b4:3f:7d:9e: 84:df:5a:17:49:c0:7b:e8:17:94:34:b6:55:08:31: c5:3f:0c:45:1b:71:4c:bb:56:15:a7:c2:ec:a1:cc: 98:cf:58:76:ab:b7:67:79:6f:35:f4:fc:41:ed:60: 1b:05:80:d4:90:9d:95:97:9d:08:92:8a:ea:13:93: 9a:87:2f:e3:cd:bb:87:a0:23:f9:7b:d0:40:e6:0c: fa:9c:f2:d9:ff:21:66:6e:14:ac:41:fe:ba:37:8c: 61:77:14:0f:52:d2:e7:92:61:48:c5:f3:cc:c9:54: 7b:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:63:B9:B6:AE:64:B0:39:E1:C7:E9:6F:A7:54:1D:00:87:F1:4D:8B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ea6b312-7b38-4ea1-b02d-674fb5a5448e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c800::/40 Signature Algorithm: sha256WithRSAEncryption 2b:e8:29:be:04:0a:cf:0d:77:8c:64:71:8f:bf:b8:38:6e:14: 64:6d:41:46:d5:4d:13:09:a4:2f:67:a6:55:4c:da:c6:9c:b4: 39:a9:f6:d6:84:71:13:d3:4a:50:f5:de:5e:46:bd:af:46:b8: 2c:d7:7e:e4:e2:37:57:f2:01:63:3f:88:22:42:4e:60:1e:1f: 88:49:3f:0a:5b:0e:52:82:8b:aa:80:db:ab:6e:c7:33:80:15: 2e:7a:cd:2f:67:7e:ef:87:48:d8:81:62:f8:70:a7:54:07:1e: f8:47:88:12:d7:1c:e4:7a:b3:27:08:1c:1a:0f:4b:3e:1e:5d: 12:5d:31:3c:e4:62:f7:52:5a:c4:42:aa:05:8c:03:b4:7f:26: b5:80:53:c0:45:69:e0:77:e9:2a:b8:55:c8:e5:49:e2:3c:db: e3:0d:3c:07:d3:b0:52:9d:54:80:98:cd:66:fc:53:56:ed:9f: 5d:3d:de:0f:b0:b0:ff:71:f8:70:6e:50:d7:26:f2:47:94:80: 96:43:f1:33:62:7a:a5:7b:3d:a2:9d:d4:f3:5c:ab:f7:31:74: 02:04:10:c6:1c:b1:7e:93:70:14:76:f3:31:a7:7b:0a:43:bc: 56:c6:8a:ae:ae:9b:37:aa:48:6f:9b:44:c2:d9:2c:ed:01:ea: 17:b3:8c:84 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIrNyl3LEGXrOAUHbhktby9U+UWIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMzAwMDAwMFoX DTI0MDUyODIzNTk1OVowejFJMEcGA1UEBRNAYTRmOTIxOTZiZDZhNmFjNjlkNzMz NDhlMDg3N2ZmOTY4YjZhZDZmYzIxMzViZTU0NWYyZDM1ZTc1NWIzODkwMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS8xVQsm/xMf9Ax20VFb5wzj94le hGUEBV5GbGnufYoO/8/6QbaSkqu6rDdOwdzuW5ZBWQaQcuN14fnfca6lpOvH72rg IMcIcJAC4bBoiD45gZmTE3AgYPTOuyqZnl0IhjrCJAcE23PELCGUxgT/Jn9GyMYz cjVQ677k5j245RzgXUL7fUCXKUu2489hbpLvM7Q/fZ6E31oXScB76BeUNLZVCDHF PwxFG3FMu1YVp8LsocyYz1h2q7dneW819PxB7WAbBYDUkJ2Vl50IkorqE5Oahy/j zbuHoCP5e9BA5gz6nPLZ/yFmbhSsQf66N4xhdxQPUtLnkmFIxfPMyVR7MwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIZjubauZLA54cfpb6dUHQCH8U2LMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlYTZiMzEyLTdiMzgtNGVhMS1iMDJkLTY3NGZiNWE1NDQ4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8sgwDQYJKoZIhvcNAQELBQADggEBACvoKb4ECs8Nd4xkcY+/ uDhuFGRtQUbVTRMJpC9nplVM2sactDmp9taEcRPTSlD13l5Gva9GuCzXfuTiN1fy AWM/iCJCTmAeH4hJPwpbDlKCi6qA26tuxzOAFS56zS9nfu+HSNiBYvhwp1QHHvhH iBLXHOR6sycIHBoPSz4eXRJdMTzkYvdSWsRCqgWMA7R/JrWAU8BFaeB36Sq4Vcjl SeI82+MNPAfTsFKdVICYzWb8U1btn1093g+wsP9x+HBuUNcm8keUgJZD8TNieqV7 PaKd1PNcq/cxdAIEEMYcsX6TcBR28zGnewpDvFbGiq6umzeqSG+bRMLZLO0B6hez jIQ= -----END CERTIFICATE-----Generated at Sun May 5 01:11:58 2024 by rpki-client on console-ams.rpki-client.org