$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa File: 49c96710-1e67-4b08-aeed-9db02b3e6469.roa (raw, json) Hash identifier: OnTAJIFgGnzzzk9W5+yKpQDjUiW+01rhZNTXrLUcgNA= Subject key identifier: F3:20:B5:D5:51:56:C4:67:DF:87:CD:1B:AB:CD:F8:F6:D9:DF:AF:FD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3963A1AC0AA7A0E420992406CF548792093FD1FF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa Signing time: Wed 24 Apr 2024 00:00:00 +0000 ROA not before: Wed 24 Apr 2024 00:00:00 +0000 ROA not after: Wed 29 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:63:a1:ac:0a:a7:a0:e4:20:99:24:06:cf:54:87:92:09:3f:d1:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 24 00:00:00 2024 GMT Not After : May 29 23:59:59 2024 GMT Subject: serialNumber=f611cf6315415779066d9d3b2ef0b7c8ffd4f92acac5fab79a5a11cdfacaa49e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:27:58:77:5b:5d:84:11:25:e1:06:85:9a:d6: be:0d:03:5c:99:0f:49:8a:39:f7:7f:44:af:00:32: de:dd:c6:0f:4d:e3:70:83:8c:46:13:16:ab:74:85: d0:ac:5c:39:15:8d:73:14:7a:71:b3:2b:e1:3f:7b: 82:57:dc:39:cd:9e:a2:3a:6b:ef:5c:b4:4b:43:02: 6e:be:9b:71:5f:d3:c6:a4:83:c2:f6:e8:a7:2b:eb: f9:95:9d:00:79:87:4a:35:47:b6:e8:ba:ff:0b:ed: 78:f3:65:e8:3f:1f:2e:fd:62:7a:fa:fc:3c:87:94: d9:99:1b:d1:1c:14:98:f2:56:3b:e9:15:cf:bd:0e: 51:fe:dc:42:59:6d:26:45:b5:9a:bb:44:c2:75:a9: 17:45:29:48:f4:d7:0b:7b:dd:75:f0:0a:5f:41:1b: b8:ca:ba:b0:e6:0b:3a:7a:22:9f:a7:de:15:6d:f1: 6c:16:6c:73:65:2b:d8:87:b9:b0:1e:dc:2a:52:d9: ff:5a:a9:d0:ce:e7:cb:32:e2:18:c3:8e:37:15:52: 44:69:66:0f:6c:c4:91:f3:d4:8a:58:ae:d3:c4:38: 26:9e:b7:70:27:ba:08:cf:bc:63:97:94:08:f2:ae: 88:4e:a1:d3:77:b2:a7:fa:db:9f:6f:f6:ab:27:ff: a5:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:20:B5:D5:51:56:C4:67:DF:87:CD:1B:AB:CD:F8:F6:D9:DF:AF:FD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:e000::/40 Signature Algorithm: sha256WithRSAEncryption 1e:d0:29:d9:5c:b1:77:a8:ca:75:6f:18:75:e5:54:3f:ce:d9: 08:7a:b9:a4:22:93:11:c2:fb:49:42:c1:bf:b8:87:c3:47:d0: 4e:b7:9a:fb:af:e8:66:b7:fc:d9:a4:ba:3a:51:e0:f7:d1:86: 41:33:65:75:4c:2f:f4:5b:3d:17:a1:26:2e:31:fc:30:00:ef: cf:0c:2f:03:b3:16:33:34:5c:c4:6e:19:54:95:6a:c4:af:d9: 14:29:f1:99:16:bb:fd:e7:a2:c6:6d:1a:6c:d5:14:b8:56:da: b9:24:0e:f5:ae:43:48:f2:4f:7d:a6:3c:bf:ce:bf:fe:05:d5: 6b:85:fc:4b:bf:17:71:2a:1e:b2:38:47:40:ff:ce:3d:01:3f: 4b:d9:fa:9c:33:9f:f4:3f:bd:42:45:71:f8:28:1a:32:4e:9f: 88:74:2a:34:fc:57:18:b1:3f:12:ef:86:99:de:fb:e3:a2:cb: 8a:a4:d4:70:f6:8b:f8:0a:7d:11:d1:dc:2d:4a:a5:67:3b:c0: 85:44:dc:c9:27:11:55:a5:7d:07:67:03:6d:31:81:8b:6a:60: 72:3c:92:db:90:ae:aa:e4:ac:c5:bb:52:75:79:5f:4a:46:75: 53:a9:1e:62:02:49:05:be:83:bb:e0:c8:74:e5:2a:3b:7d:9d: 74:e8:a5:80 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOWOhrAqnoOQgmSQGz1SHkgk/0f8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyNDAwMDAwMFoX DTI0MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAZjYxMWNmNjMxNTQxNTc3OTA2NmQ5 ZDNiMmVmMGI3YzhmZmQ0ZjkyYWNhYzVmYWI3OWE1YTExY2RmYWNhYTQ5ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlydYd1tdhBEl4QaFmta+DQNcmQ9J ijn3f0SvADLe3cYPTeNwg4xGExardIXQrFw5FY1zFHpxsyvhP3uCV9w5zZ6iOmvv XLRLQwJuvptxX9PGpIPC9uinK+v5lZ0AeYdKNUe26Lr/C+1482XoPx8u/WJ6+vw8 h5TZmRvRHBSY8lY76RXPvQ5R/txCWW0mRbWau0TCdakXRSlI9NcLe9118ApfQRu4 yrqw5gs6eiKfp94VbfFsFmxzZSvYh7mwHtwqUtn/WqnQzufLMuIYw443FVJEaWYP bMSR89SKWK7TxDgmnrdwJ7oIz7xjl5QI8q6ITqHTd7Kn+tufb/arJ/+lbQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPMgtdVRVsRn34fNG6vN+PbZ36/9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5Yzk2NzEwLTFlNjctNGIwOC1hZWVkLTlkYjAyYjNlNjQ2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9eAwDQYJKoZIhvcNAQELBQADggEBAB7QKdlcsXeoynVvGHXl VD/O2Qh6uaQikxHC+0lCwb+4h8NH0E63mvuv6Ga3/NmkujpR4PfRhkEzZXVML/Rb PRehJi4x/DAA788MLwOzFjM0XMRuGVSVasSv2RQp8ZkWu/3nosZtGmzVFLhW2rkk DvWuQ0jyT32mPL/Ov/4F1WuF/Eu/F3EqHrI4R0D/zj0BP0vZ+pwzn/Q/vUJFcfgo GjJOn4h0KjT8VxixPxLvhpne++Oiy4qk1HD2i/gKfRHR3C1KpWc7wIVE3MknEVWl fQdnA20xgYtqYHI8ktuQrqrkrMW7UnV5X0pGdVOpHmICSQW+g7vgyHTlKjt9nXTo pYA= -----END CERTIFICATE-----Generated at Thu May 2 17:40:58 2024 by rpki-client on console-fra.rpki-client.org