$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa File: 49c96710-1e67-4b08-aeed-9db02b3e6469.roa (raw, json) Hash identifier: BEQENyWM9Wz7GZ/BP+8xMRwQH5r2WMvR0I149qKQyJQ= Subject key identifier: 66:D5:33:A4:FA:F6:5D:6D:B2:00:B0:25:A1:DF:19:FF:F3:2C:8B:7B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D73036D955BFDCCB5B3704153D22DA5E8830FEA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa Signing time: Tue 09 Jul 2024 00:00:00 +0000 ROA not before: Tue 09 Jul 2024 00:00:00 +0000 ROA not after: Tue 13 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:73:03:6d:95:5b:fd:cc:b5:b3:70:41:53:d2:2d:a5:e8:83:0f:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 9 00:00:00 2024 GMT Not After : Aug 13 23:59:59 2024 GMT Subject: serialNumber=5cd9570b6d496ff305361f007fd4915362b3db75294f3e9f5b36f4615145e8c1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:7a:64:fb:42:05:52:d6:34:3e:40:07:fd:6c: dc:39:ef:4c:2f:b3:f9:aa:0f:04:ec:e9:ca:6f:46: e1:3a:16:50:88:7f:e7:90:e5:b2:3c:0b:47:fc:86: 0e:78:33:54:32:b4:37:75:da:b0:0e:8a:3d:8a:95: 21:6c:18:da:9a:84:0a:9c:27:75:8f:ec:5d:af:20: e4:82:6f:35:19:b5:1c:48:8f:ff:69:e0:56:e6:38: 85:05:b6:82:be:aa:59:d8:17:a0:f0:7c:ef:57:ee: 61:8d:5f:62:66:5e:40:7c:e8:77:6d:50:cb:59:96: bb:01:37:d1:b2:4e:c7:ad:b5:f5:b1:cb:42:a3:62: 07:f0:cc:a5:68:06:01:af:f3:d1:2d:1a:b8:02:84: 4b:aa:21:25:f6:0c:f3:72:78:44:a6:f7:11:06:cc: dd:28:79:c9:63:55:b3:1e:30:27:ad:4a:e5:2c:84: 3c:ee:ef:01:67:60:c2:7c:ed:ee:85:ea:2e:a8:51: 66:57:1e:b4:97:04:95:88:24:49:90:bb:54:c2:67: 7e:bc:d3:4e:13:0b:76:52:6e:64:25:95:10:49:f0: 4b:97:e2:5e:9a:95:71:5a:42:d1:29:80:cf:4e:95: 81:ab:e5:44:22:9f:26:ef:88:db:21:71:ee:15:3c: 3d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:D5:33:A4:FA:F6:5D:6D:B2:00:B0:25:A1:DF:19:FF:F3:2C:8B:7B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:e000::/40 Signature Algorithm: sha256WithRSAEncryption 67:28:98:07:62:34:db:1a:7c:ee:2d:50:da:70:6a:ba:ce:3f: 87:fb:3b:3b:b8:2b:db:a1:5a:a6:67:64:2a:65:64:0b:49:80: 42:44:21:dd:db:37:5a:20:9a:fe:80:92:ec:a6:f9:8d:31:02: 13:43:2e:4b:a3:62:01:d4:6a:49:5d:25:42:7d:5a:98:f4:2a: 5a:75:24:03:88:2a:cf:53:4d:0d:d3:4a:17:42:c3:ec:f7:5c: 06:67:d3:69:2c:a8:79:3b:73:e8:33:64:09:64:4e:f0:d8:d0: b5:a4:f5:f6:0b:be:8f:8e:20:d2:44:fb:58:5f:c4:32:d3:99: ab:7b:44:c1:6d:c2:51:be:36:f7:2c:59:3e:aa:5d:17:9d:81: 71:0d:48:81:22:eb:1f:58:34:40:c8:e6:4d:83:bd:63:6b:a5: 07:19:b7:36:ff:85:84:96:54:e8:0c:1f:68:fd:07:83:36:e4: f2:80:82:10:f3:4f:12:87:c6:4b:53:77:1b:ba:5a:c4:81:5c: 9e:b5:96:71:7b:61:d3:b2:8e:d6:06:c4:7d:da:09:34:34:24: 8f:44:bf:92:71:25:41:5a:56:b2:51:d8:27:f1:7b:54:3a:44: a1:74:7e:42:06:c3:19:5f:dc:62:d0:e6:f3:3b:ac:3b:db:ab: e3:9e:63:72 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPXMDbZVb/cy1s3BBU9ItpeiDD+owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwOTAwMDAwMFoX DTI0MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANWNkOTU3MGI2ZDQ5NmZmMzA1MzYx ZjAwN2ZkNDkxNTM2MmIzZGI3NTI5NGYzZTlmNWIzNmY0NjE1MTQ1ZThjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHpk+0IFUtY0PkAH/WzcOe9ML7P5 qg8E7OnKb0bhOhZQiH/nkOWyPAtH/IYOeDNUMrQ3ddqwDoo9ipUhbBjamoQKnCd1 j+xdryDkgm81GbUcSI//aeBW5jiFBbaCvqpZ2Beg8HzvV+5hjV9iZl5AfOh3bVDL WZa7ATfRsk7HrbX1sctCo2IH8MylaAYBr/PRLRq4AoRLqiEl9gzzcnhEpvcRBszd KHnJY1WzHjAnrUrlLIQ87u8BZ2DCfO3uheouqFFmVx60lwSViCRJkLtUwmd+vNNO Ewt2Um5kJZUQSfBLl+JempVxWkLRKYDPTpWBq+VEIp8m74jbIXHuFTw9yQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGbVM6T69l1tsgCwJaHfGf/zLIt7MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5Yzk2NzEwLTFlNjctNGIwOC1hZWVkLTlkYjAyYjNlNjQ2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9eAwDQYJKoZIhvcNAQELBQADggEBAGcomAdiNNsafO4tUNpw arrOP4f7Ozu4K9uhWqZnZCplZAtJgEJEId3bN1ogmv6Akuym+Y0xAhNDLkujYgHU akldJUJ9Wpj0Klp1JAOIKs9TTQ3TShdCw+z3XAZn02ksqHk7c+gzZAlkTvDY0LWk 9fYLvo+OINJE+1hfxDLTmat7RMFtwlG+NvcsWT6qXRedgXENSIEi6x9YNEDI5k2D vWNrpQcZtzb/hYSWVOgMH2j9B4M25PKAghDzTxKHxktTdxu6WsSBXJ61lnF7YdOy jtYGxH3aCTQ0JI9Ev5JxJUFaVrJR2Cfxe1Q6RKF0fkIGwxlf3GLQ5vM7rDvbq+Oe Y3I= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:15 2024 by rpki-client on console-fra.rpki-client.org