$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa File: 4e351fa8-3b89-4512-a16b-5c307fc6f611.roa (raw, json) Hash identifier: 0oqggV6ZRlnhZvSdwoSiHJZ5sKm+JgG6hyVx9dcaq0w= Subject key identifier: 79:DB:8C:5C:A9:FA:81:7B:32:36:F7:D9:A6:AC:D0:20:B3:80:FA:1E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 53B91BC68733A83F9C6106D1CE64D4A563969922 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa Signing time: Sat 20 Jul 2024 00:00:00 +0000 ROA not before: Sat 20 Jul 2024 00:00:00 +0000 ROA not after: Sat 24 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:b9:1b:c6:87:33:a8:3f:9c:61:06:d1:ce:64:d4:a5:63:96:99:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 20 00:00:00 2024 GMT Not After : Aug 24 23:59:59 2024 GMT Subject: serialNumber=8cef10588b3ebe73861eaedc18ff71151c660a7923b36e25685a565388760aca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:09:b4:25:4f:3c:ac:09:00:f3:96:2a:a7:3d: 96:9b:e2:87:94:88:51:4d:dc:23:e1:f5:4a:86:aa: a6:d4:2e:25:21:e9:61:a2:00:91:ac:03:0a:b9:a3: 4f:b2:e2:a5:6a:4e:e6:05:b7:bd:22:86:79:bf:c0: c3:a0:79:c1:d4:47:bd:a8:c2:db:4e:5d:de:a6:f2: 67:68:e1:c8:e2:2d:10:af:72:28:59:5c:c2:12:39: 1c:78:d1:77:5b:ce:e2:d2:e7:9c:20:16:63:8e:61: e0:c6:d5:6f:ba:ba:1c:81:ec:af:48:fa:c8:4e:82: 79:f5:51:f3:c5:20:bf:81:6e:79:cb:27:67:5d:bb: 5a:61:cd:b9:c2:8d:83:6c:8d:6c:87:89:92:3f:5a: 03:a8:f0:96:fc:4a:2b:f3:4d:32:7d:6a:4d:d9:59: 81:f9:b1:fd:32:50:27:5e:fc:c3:93:47:0d:2f:b5: 0a:bb:dd:be:51:23:2e:10:72:bd:0c:d1:04:17:73: fb:5c:da:82:56:d9:70:25:1b:75:ce:c9:d6:37:a6: 9f:f7:7f:bb:b9:05:f8:d5:57:f4:1a:ce:76:fe:c3: 39:1c:21:2b:3e:f0:94:d1:73:07:c2:91:62:e2:49: fd:20:40:91:63:65:60:4b:02:9a:bc:81:dc:ae:dc: f6:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:DB:8C:5C:A9:FA:81:7B:32:36:F7:D9:A6:AC:D0:20:B3:80:FA:1E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:800::/40 Signature Algorithm: sha256WithRSAEncryption 18:c6:23:73:ac:62:7d:c5:44:22:41:ee:af:5b:21:1e:67:7e: 10:17:7f:a9:9d:15:e6:b6:56:d4:f6:f8:0d:67:bc:4a:ec:38: 55:f5:99:65:b0:37:3a:23:73:9c:a3:8a:e3:6f:50:9f:52:83: 48:a0:65:99:bc:72:4d:42:00:7f:51:07:aa:8c:58:82:97:32: a1:d9:df:12:57:76:5f:ca:31:5e:4f:ec:a7:f6:61:a2:1c:0e: 31:6e:9b:80:43:81:54:5e:ec:4c:f1:c1:e1:4a:c2:31:cc:82: 0b:e9:79:7d:fd:55:e2:a6:b7:67:45:12:bd:dc:81:26:32:10: 87:8d:20:35:f6:93:82:04:b5:08:24:78:d2:43:2b:59:53:01: a8:0a:c6:73:90:ea:23:0f:63:60:29:5b:3f:54:6c:4a:e8:ac: 46:6b:ff:d2:99:a6:4a:4f:ed:bd:66:51:a3:32:ba:92:75:cc: 61:20:f6:1f:7a:7d:1f:db:a5:62:9a:07:83:31:69:bd:8e:95: 8b:2f:25:de:c7:c4:2f:5f:06:8e:f2:be:db:3f:cc:b6:39:bf: 25:56:4d:25:99:b1:5c:14:fe:26:94:0b:75:42:9f:fc:fd:e5: e2:23:0a:98:2b:03:9e:45:d0:56:26:f1:bb:89:10:19:e4:a7: 32:43:45:1f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUU7kbxoczqD+cYQbRzmTUpWOWmSIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcyMDAwMDAwMFoX DTI0MDgyNDIzNTk1OVowejFJMEcGA1UEBRNAOGNlZjEwNTg4YjNlYmU3Mzg2MWVh ZWRjMThmZjcxMTUxYzY2MGE3OTIzYjM2ZTI1Njg1YTU2NTM4ODc2MGFjYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQm0JU88rAkA85Yqpz2Wm+KHlIhR Tdwj4fVKhqqm1C4lIelhogCRrAMKuaNPsuKlak7mBbe9IoZ5v8DDoHnB1Ee9qMLb Tl3epvJnaOHI4i0Qr3IoWVzCEjkceNF3W87i0uecIBZjjmHgxtVvurocgeyvSPrI ToJ59VHzxSC/gW55yydnXbtaYc25wo2DbI1sh4mSP1oDqPCW/Eor800yfWpN2VmB +bH9MlAnXvzDk0cNL7UKu92+USMuEHK9DNEEF3P7XNqCVtlwJRt1zsnWN6af93+7 uQX41Vf0Gs52/sM5HCErPvCU0XMHwpFi4kn9IECRY2VgSwKavIHcrtz2PQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHnbjFyp+oF7Mjb32aas0CCzgPoeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlMzUxZmE4LTNiODktNDUxMi1hMTZiLTVjMzA3ZmM2ZjYxMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8AgwDQYJKoZIhvcNAQELBQADggEBABjGI3OsYn3FRCJB7q9b IR5nfhAXf6mdFea2VtT2+A1nvErsOFX1mWWwNzojc5yjiuNvUJ9Sg0igZZm8ck1C AH9RB6qMWIKXMqHZ3xJXdl/KMV5P7Kf2YaIcDjFum4BDgVRe7EzxweFKwjHMggvp eX39VeKmt2dFEr3cgSYyEIeNIDX2k4IEtQgkeNJDK1lTAagKxnOQ6iMPY2ApWz9U bErorEZr/9KZpkpP7b1mUaMyupJ1zGEg9h96fR/bpWKaB4Mxab2OlYsvJd7HxC9f Bo7yvts/zLY5vyVWTSWZsVwU/iaUC3VCn/z95eIjCpgrA55F0FYm8buJEBnkpzJD RR8= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:15 2024 by rpki-client on console-fra.rpki-client.org