$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d9c63de-e5b5-43d1-a1f9-ad5d3ec72b02.roa File: 4d9c63de-e5b5-43d1-a1f9-ad5d3ec72b02.roa (raw, json) Hash identifier: mdlkzLvWsraa5TVuSnmfVLPKqIW+NxcNxDcT+73pOv0= Subject key identifier: 98:5D:1D:01:C7:0F:78:91:B0:23:F1:B1:B0:96:5A:F1:B0:B5:26:97 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4976454C4BEBE8141E745EEB2978FB8CAF067FFE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d9c63de-e5b5-43d1-a1f9-ad5d3ec72b02.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:76:45:4c:4b:eb:e8:14:1e:74:5e:eb:29:78:fb:8c:af:06:7f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=08b2720fb100ed71cfa2c493e1fd4bf4dfc90e15ba9878039fa6e32ef5367e2e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:6c:76:1b:e4:b8:e0:e3:2f:57:13:be:be:f3: 64:70:1e:94:ef:b0:51:1a:26:99:bb:8f:e8:31:76: 0f:88:4f:7e:7f:a3:ad:cb:e0:6e:66:2d:d4:4a:ef: a0:81:8c:83:f1:ab:eb:2f:b8:9b:1c:98:7f:2a:78: 6f:d2:61:48:b4:14:15:fa:b6:a8:77:0d:81:2e:08: 43:a8:07:e0:0f:70:95:62:dd:0e:86:8d:0e:91:cb: e9:7a:05:e4:f3:4d:da:ce:2b:09:c3:00:30:36:b7: 82:3f:09:a3:ba:3e:5e:ad:1c:cb:a1:7d:55:3a:bb: 43:b0:89:85:52:60:1a:1b:a3:06:ac:f2:3a:54:98: 05:19:77:e2:f5:f7:d7:37:f4:4e:8a:12:04:d2:82: 88:0c:79:98:84:c9:a4:fc:66:97:0d:f0:41:af:05: 06:80:c7:be:95:e3:8e:4a:53:e7:69:1d:f5:74:73: 20:28:9f:4c:8a:8b:a6:c8:d0:ab:b2:c9:ea:8e:90: e1:6b:37:5f:ea:fc:4f:35:86:41:49:33:91:10:eb: 13:0e:16:2d:bc:92:a0:8e:c3:90:00:60:6c:74:85: 25:0d:eb:42:b9:59:16:51:dd:6e:bd:6e:16:d2:24: 0f:d2:26:08:50:fb:cb:42:b1:f7:2f:7a:bb:86:4c: 98:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:5D:1D:01:C7:0F:78:91:B0:23:F1:B1:B0:96:5A:F1:B0:B5:26:97 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d9c63de-e5b5-43d1-a1f9-ad5d3ec72b02.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:f000::/40 Signature Algorithm: sha256WithRSAEncryption 21:0b:19:a4:04:45:f9:c3:ac:0a:5e:c7:bf:e8:f7:0c:37:5b: 9c:c2:db:42:de:76:f9:4d:a7:6a:f2:a6:1a:a7:ed:39:f7:77: 59:f1:50:4b:96:7c:61:cf:c8:05:eb:4a:31:27:a9:cb:85:8e: 5f:2a:30:08:58:8a:dc:25:07:d4:22:6c:4b:9a:9c:fe:b9:a2: 89:56:fe:3c:e8:8b:86:00:5b:c4:9a:df:6d:a2:1d:d0:88:59: e2:7c:91:fa:5f:bf:73:36:e2:88:58:df:df:f3:66:13:14:ac: 78:d0:e3:1b:8f:28:2b:84:6e:ff:0d:5f:76:0c:d6:22:d8:e9: 89:b0:70:30:f4:95:66:d7:07:6e:f8:cc:30:d4:0e:cd:b7:3f: 72:5f:4b:84:a1:c0:c5:f4:7f:87:c1:92:00:61:b2:fe:0f:c2: 4e:2f:44:ec:f8:44:d2:1e:0e:9b:a3:5b:20:1c:e8:20:57:5f: df:7a:3f:2b:23:2c:1e:da:b3:c9:1e:37:ea:16:c7:e9:b8:90: 2a:af:85:65:51:fa:96:11:64:08:6b:87:2d:58:cf:41:37:b8: 89:78:2e:b1:3b:62:b3:5d:83:88:cb:b9:86:1a:1e:48:90:97: 30:54:1a:6f:68:da:4b:db:6f:61:a8:d1:db:2c:cf:03:cb:ff: e1:da:6d:08 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSXZFTEvr6BQedF7rKXj7jK8Gf/4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAMDhiMjcyMGZiMTAwZWQ3MWNmYTJj NDkzZTFmZDRiZjRkZmM5MGUxNWJhOTg3ODAzOWZhNmUzMmVmNTM2N2UyZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02x2G+S44OMvVxO+vvNkcB6U77BR GiaZu4/oMXYPiE9+f6Oty+BuZi3USu+ggYyD8avrL7ibHJh/Knhv0mFItBQV+rao dw2BLghDqAfgD3CVYt0Oho0OkcvpegXk803azisJwwAwNreCPwmjuj5erRzLoX1V OrtDsImFUmAaG6MGrPI6VJgFGXfi9ffXN/ROihIE0oKIDHmYhMmk/GaXDfBBrwUG gMe+leOOSlPnaR31dHMgKJ9MioumyNCrssnqjpDhazdf6vxPNYZBSTOREOsTDhYt vJKgjsOQAGBsdIUlDetCuVkWUd1uvW4W0iQP0iYIUPvLQrH3L3q7hkyY5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJhdHQHHD3iRsCPxsbCWWvGwtSaXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkOWM2M2RlLWU1YjUtNDNkMS1hMWY5LWFkNWQzZWM3MmIwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/PAwDQYJKoZIhvcNAQELBQADggEBACELGaQERfnDrApex7/o 9ww3W5zC20LedvlNp2ryphqn7Tn3d1nxUEuWfGHPyAXrSjEnqcuFjl8qMAhYitwl B9QibEuanP65oolW/jzoi4YAW8Sa322iHdCIWeJ8kfpfv3M24ohY39/zZhMUrHjQ 4xuPKCuEbv8NX3YM1iLY6YmwcDD0lWbXB274zDDUDs23P3JfS4ShwMX0f4fBkgBh sv4Pwk4vROz4RNIeDpujWyAc6CBXX996PysjLB7as8keN+oWx+m4kCqvhWVR+pYR ZAhrhy1Yz0E3uIl4LrE7YrNdg4jLuYYaHkiQlzBUGm9o2kvbb2Go0dsszwPL/+Ha bQg= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:45 2023 by rpki-client on console-fra.rpki-client.org