$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa File: 4e351fa8-3b89-4512-a16b-5c307fc6f611.roa (raw, json) Hash identifier: 3PogrS7ZCUYvWTFdCriOz0S6Ifc08M0ZVSbV3XJfGtQ= Subject key identifier: 75:22:0F:18:4B:06:BE:16:E7:C3:3D:63:25:5B:60:55:F5:DE:07:B8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 44402464FB657065ECA675862A5552299637359F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa Signing time: Wed 10 Apr 2024 00:00:00 +0000 ROA not before: Wed 10 Apr 2024 00:00:00 +0000 ROA not after: Wed 15 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:40:24:64:fb:65:70:65:ec:a6:75:86:2a:55:52:29:96:37:35:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 10 00:00:00 2024 GMT Not After : May 15 23:59:59 2024 GMT Subject: serialNumber=6c672c81117290c028438e0aad7c522490f5313b8be81303a8902f0f3927b5c5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:7a:9f:4f:60:b9:91:0f:35:d8:27:2d:21:85: 63:98:5c:7c:4d:90:4b:7b:f3:ac:0d:e2:05:b0:ad: 4c:01:ff:90:ee:14:30:1b:ea:de:50:b8:8c:75:8b: 5c:6f:ed:97:0f:73:df:42:30:c8:0b:e6:20:b8:93: 82:dd:7e:5e:73:34:05:50:e9:c9:57:54:13:24:68: 63:e1:ce:fe:6a:56:26:ce:53:b8:5e:68:2a:38:ba: 97:35:e0:2c:00:43:5c:e9:ba:bc:8a:dd:76:de:58: 6f:52:72:04:d5:30:86:95:6b:79:69:54:4b:84:00: 89:75:27:fb:2a:db:bd:ac:4a:df:f7:6e:ad:3c:d4: 5d:7c:79:e5:45:77:71:be:06:62:51:91:93:ba:8f: 15:26:ee:18:47:87:6d:9b:03:1d:1e:fd:ed:a1:11: f1:1b:67:52:cb:15:12:28:94:a5:cf:29:72:b1:2d: 9b:ac:ac:1e:be:0c:b1:2d:ae:86:40:1d:fb:b5:83: ad:a9:eb:c5:e6:30:ba:5e:b6:52:75:79:cb:43:ce: 0f:b8:ac:b3:26:15:d9:1c:f8:6f:a1:b9:31:23:94: 93:67:2c:22:b3:1b:3e:b7:3b:5d:9c:01:a0:48:d1: 62:32:a2:26:35:76:7e:d5:92:0c:c8:61:7f:63:d6: 8e:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:22:0F:18:4B:06:BE:16:E7:C3:3D:63:25:5B:60:55:F5:DE:07:B8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:800::/40 Signature Algorithm: sha256WithRSAEncryption 74:dc:e3:9d:60:36:c8:7a:ac:fa:ed:02:d3:d7:31:cd:7d:6a: b5:d7:42:4f:ce:a7:95:1b:35:29:b8:17:97:37:1d:d7:50:97: 27:2f:3a:8e:1f:75:fc:95:af:5b:79:1c:4a:25:1e:31:b6:80: 32:61:57:a0:19:73:ee:c3:d5:1c:95:58:9b:e9:4e:b0:ee:e5: b9:22:ba:5e:ec:67:b6:d3:98:37:94:c5:c7:22:9a:2c:8d:ea: 3d:98:73:74:4f:6b:27:15:82:9d:6c:a2:8e:47:d3:8e:99:dd: 66:a8:d6:16:c4:7e:ea:0f:f7:61:4b:67:84:41:a8:7c:40:ae: 37:f0:16:3e:63:98:de:e9:e0:f2:41:94:a3:ef:eb:03:ca:b5: 2c:0c:cd:2d:74:b9:c6:93:45:46:41:ba:6c:6b:1a:c6:61:8f: c9:7c:86:ff:f6:c0:fb:d4:e8:95:ce:b5:9e:8c:3d:0d:82:51: 2b:6d:6c:3f:56:a9:ed:0c:f8:17:77:27:2d:bf:79:56:c7:be: a3:b6:71:94:75:65:cf:ec:3a:f4:45:09:3a:8e:76:84:a3:39: 2c:81:4c:df:6c:2d:ae:c4:a4:00:fc:fa:f4:de:d2:37:0c:a9: 21:5b:25:f1:ad:85:26:d7:c5:b6:2b:ec:a1:f6:7a:2c:65:ff: 3b:1b:9a:8e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUREAkZPtlcGXspnWGKlVSKZY3NZ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQxMDAwMDAwMFoX DTI0MDUxNTIzNTk1OVowejFJMEcGA1UEBRNANmM2NzJjODExMTcyOTBjMDI4NDM4 ZTBhYWQ3YzUyMjQ5MGY1MzEzYjhiZTgxMzAzYTg5MDJmMGYzOTI3YjVjNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHqfT2C5kQ812CctIYVjmFx8TZBL e/OsDeIFsK1MAf+Q7hQwG+reULiMdYtcb+2XD3PfQjDIC+YguJOC3X5eczQFUOnJ V1QTJGhj4c7+alYmzlO4XmgqOLqXNeAsAENc6bq8it123lhvUnIE1TCGlWt5aVRL hACJdSf7Ktu9rErf926tPNRdfHnlRXdxvgZiUZGTuo8VJu4YR4dtmwMdHv3toRHx G2dSyxUSKJSlzylysS2brKwevgyxLa6GQB37tYOtqevF5jC6XrZSdXnLQ84PuKyz JhXZHPhvobkxI5STZywisxs+tztdnAGgSNFiMqImNXZ+1ZIMyGF/Y9aOkQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHUiDxhLBr4W58M9YyVbYFX13ge4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlMzUxZmE4LTNiODktNDUxMi1hMTZiLTVjMzA3ZmM2ZjYxMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8AgwDQYJKoZIhvcNAQELBQADggEBAHTc451gNsh6rPrtAtPX Mc19arXXQk/Op5UbNSm4F5c3HddQlycvOo4fdfyVr1t5HEolHjG2gDJhV6AZc+7D 1RyVWJvpTrDu5bkiul7sZ7bTmDeUxccimiyN6j2Yc3RPaycVgp1soo5H046Z3Wao 1hbEfuoP92FLZ4RBqHxArjfwFj5jmN7p4PJBlKPv6wPKtSwMzS10ucaTRUZBumxr GsZhj8l8hv/2wPvU6JXOtZ6MPQ2CUSttbD9Wqe0M+Bd3Jy2/eVbHvqO2cZR1Zc/s OvRFCTqOdoSjOSyBTN9sLa7EpAD8+vTe0jcMqSFbJfGthSbXxbYr7KH2eixl/zsb mo4= -----END CERTIFICATE-----Generated at Thu May 2 23:18:29 2024 by rpki-client on console-ams.rpki-client.org