$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: TWSFWLaiJEaPcOK9KV2dg/jQJvWit9e11U79iqyFtEA= Subject key identifier: 95:AE:FE:65:3C:A2:2A:1E:66:77:61:2B:78:02:B8:27:5D:8D:C6:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6555E2F77B4001F5120BEEF532A32AAC40B86B34 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Wed 10 Apr 2024 00:00:00 +0000 ROA not before: Wed 10 Apr 2024 00:00:00 +0000 ROA not after: Wed 15 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:55:e2:f7:7b:40:01:f5:12:0b:ee:f5:32:a3:2a:ac:40:b8:6b:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 10 00:00:00 2024 GMT Not After : May 15 23:59:59 2024 GMT Subject: serialNumber=9ce7a8f33dfcdca72f1e86796c0d8f538fa7ff02fb6c9313b8b3b124b24c0c72, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:50:51:8e:0d:4e:b7:01:91:ff:d7:64:8b:31: 08:2c:3b:66:60:c7:a4:47:df:eb:0e:43:4a:1b:6a: 32:9b:de:e9:35:7e:7d:c9:f7:73:dd:34:4d:d6:5b: db:de:1a:ab:c5:9a:73:29:35:bb:cd:f3:de:ca:8b: 81:54:ba:b9:2e:6b:10:91:be:81:da:3b:a2:24:8f: 83:86:eb:b7:a0:ad:a8:01:ca:b2:3f:b5:91:c8:8c: 4d:ff:9d:62:b0:7c:12:61:7c:13:e6:2b:dc:2a:ab: 94:dc:f6:e0:e1:77:23:0f:c3:ca:f7:ee:b0:da:5b: 90:03:1d:19:40:b4:1f:4a:f2:11:0a:b2:63:71:9f: 97:8d:ee:ca:80:18:03:66:d0:16:42:3b:27:13:24: f7:a0:f9:ec:e6:0a:f7:63:de:ce:8c:d4:10:d8:1f: 3c:83:50:07:e8:94:7e:3b:2f:0a:99:ad:bf:2e:d1: c3:ab:71:a0:fc:0e:ce:57:9f:d9:1a:57:f1:5b:73: a1:36:7f:db:e4:25:2a:4e:c6:e4:d3:3f:d4:81:33: 41:c5:51:ca:a3:db:9b:9d:63:a2:a3:0a:fa:e8:66: 92:ed:23:88:60:79:9c:f2:15:38:5a:85:97:49:95: 5e:7a:2e:7a:8e:c2:cd:18:20:bd:4d:2d:23:1b:ef: d5:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:AE:FE:65:3C:A2:2A:1E:66:77:61:2B:78:02:B8:27:5D:8D:C6:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption b8:c3:ce:57:90:dc:de:2d:05:39:2f:0c:26:7b:a3:23:5a:50: 0f:a7:91:f2:02:cb:29:26:45:47:17:a4:61:3d:23:00:da:d4: 43:df:76:be:fc:b2:dd:33:fc:01:70:1a:3c:2f:8c:72:dc:55: 3d:93:5d:f8:40:7d:1c:33:d7:a4:fa:34:2e:6d:fa:90:b2:f2: 7d:4c:17:55:3f:e8:1e:cd:00:fb:f0:21:e9:b0:bd:8b:a4:e5: 96:e1:30:e0:9f:19:c6:31:e0:cd:9f:65:8b:c7:76:74:4b:df: 09:b1:f6:a3:db:05:fe:d4:e3:4c:dc:d2:08:58:27:a5:b6:76: b4:cc:75:9b:30:57:b4:f3:64:71:7c:9b:3d:a6:62:fd:c5:82: 17:cc:ee:5f:fc:a5:06:83:97:74:78:b9:38:63:35:a7:9a:d1: 23:7a:59:9c:dd:90:ef:6d:93:ae:56:a3:f8:0b:dd:0a:9c:06: 63:ac:f3:74:d0:4f:25:48:ac:47:52:42:78:17:ef:32:ca:ec: 10:80:31:2f:79:0e:a1:84:a9:08:b1:cd:b7:a6:e4:be:13:87: f2:29:18:8f:5e:70:77:20:d8:1e:69:92:21:08:80:14:1b:fa: c4:04:a6:05:16:61:8a:97:80:72:c6:32:13:4c:83:4c:09:c0: 24:55:fb:e0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZVXi93tAAfUSC+71MqMqrEC4azQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQxMDAwMDAwMFoX DTI0MDUxNTIzNTk1OVowejFJMEcGA1UEBRNAOWNlN2E4ZjMzZGZjZGNhNzJmMWU4 Njc5NmMwZDhmNTM4ZmE3ZmYwMmZiNmM5MzEzYjhiM2IxMjRiMjRjMGM3MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllBRjg1OtwGR/9dkizEILDtmYMek R9/rDkNKG2oym97pNX59yfdz3TRN1lvb3hqrxZpzKTW7zfPeyouBVLq5LmsQkb6B 2juiJI+Dhuu3oK2oAcqyP7WRyIxN/51isHwSYXwT5ivcKquU3Pbg4XcjD8PK9+6w 2luQAx0ZQLQfSvIRCrJjcZ+Xje7KgBgDZtAWQjsnEyT3oPns5gr3Y97OjNQQ2B88 g1AH6JR+Oy8Kma2/LtHDq3Gg/A7OV5/ZGlfxW3OhNn/b5CUqTsbk0z/UgTNBxVHK o9ubnWOiowr66GaS7SOIYHmc8hU4WoWXSZVeei56jsLNGCC9TS0jG+/VbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJWu/mU8oioeZndhK3gCuCddjcb/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBALjDzleQ3N4tBTkvDCZ7 oyNaUA+nkfICyykmRUcXpGE9IwDa1EPfdr78st0z/AFwGjwvjHLcVT2TXfhAfRwz 16T6NC5t+pCy8n1MF1U/6B7NAPvwIemwvYuk5ZbhMOCfGcYx4M2fZYvHdnRL3wmx 9qPbBf7U40zc0ghYJ6W2drTMdZswV7TzZHF8mz2mYv3FghfM7l/8pQaDl3R4uThj Naea0SN6WZzdkO9tk65Wo/gL3QqcBmOs83TQTyVIrEdSQngX7zLK7BCAMS95DqGE qQixzbem5L4Th/IpGI9ecHcg2B5pkiEIgBQb+sQEpgUWYYqXgHLGMhNMg0wJwCRV ++A= -----END CERTIFICATE-----Generated at Thu May 2 20:03:15 2024 by rpki-client on console-ams.rpki-client.org