$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa File: 4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa (raw, json) Hash identifier: hKsc9nwNcXWgLfSD2tkIUFb6f9bNv2e65GZYiQoEZYA= Subject key identifier: F1:89:F6:A5:20:B0:9B:BB:60:A2:76:7F:49:02:93:E8:5E:28:C2:2E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09D675559B4C1F5A466B30CF00B21D863A5081C3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa Signing time: Wed 10 Apr 2024 00:00:00 +0000 ROA not before: Wed 10 Apr 2024 00:00:00 +0000 ROA not after: Wed 15 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Apr 2024 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:d6:75:55:9b:4c:1f:5a:46:6b:30:cf:00:b2:1d:86:3a:50:81:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 10 00:00:00 2024 GMT Not After : May 15 23:59:59 2024 GMT Subject: serialNumber=ca3137ad46c450d882123769e866711dc1c188bd8f33f71318a1a1c73056abc6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9e:6a:ea:fa:be:e4:7b:6b:e1:04:2a:05:86: 6d:55:3e:a0:a6:ce:46:c0:ad:e9:0f:98:a7:f5:a1: 75:e6:f3:d7:a4:0c:78:20:d1:6a:59:dc:0f:d0:e2: 53:09:db:f7:ae:a5:79:96:e6:fe:c9:ec:2d:3d:56: 96:f4:46:4b:4c:5d:e0:75:0f:1e:b9:bc:8a:58:d7: 52:94:7b:4f:ed:e0:6d:50:71:26:39:8f:37:5b:26: 3c:90:bd:a7:41:8d:ee:3b:b5:6d:d1:fc:67:60:2a: d9:13:39:87:78:85:bd:d0:b8:89:0b:11:d4:b1:2d: f8:ff:b3:05:c6:3c:aa:4a:06:d0:e2:db:20:3b:b6: 78:6a:95:54:3b:8e:ad:34:de:a6:cc:13:f1:20:35: 12:1a:05:f4:6d:69:2f:ae:1e:da:9f:fa:22:4c:e4: 88:bc:b6:0a:68:a1:c2:59:0a:57:7b:5b:a7:b2:d4: f1:48:f5:4a:80:da:e7:6c:a2:5b:d4:f7:d5:64:8a: e7:b0:23:d6:6d:63:df:49:a9:cc:9c:42:ba:c2:e9: e6:a4:57:78:d5:b7:53:3b:3d:e8:32:c6:d0:b3:66: eb:70:49:73:25:48:b4:3b:15:25:a6:f0:9f:d7:af: 3f:64:d5:7b:c2:ce:84:ec:f3:34:aa:c9:4f:a1:a3: cc:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:89:F6:A5:20:B0:9B:BB:60:A2:76:7F:49:02:93:E8:5E:28:C2:2E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:c000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:c3:bf:e8:73:09:ef:bd:f1:56:d3:df:44:a8:92:95:f3:2c: d6:1a:2e:0e:d3:ce:98:87:3d:b4:70:26:e4:68:d5:f5:41:71: 1c:f2:8d:71:2e:83:00:93:30:5a:25:a0:41:db:18:79:6f:15: dd:49:7b:51:bd:64:cb:4b:0a:21:72:4a:0b:83:f4:95:2e:84: 2e:8c:61:49:99:53:eb:57:f5:c7:4b:91:f1:9a:2b:c5:92:a6: d4:aa:18:69:18:09:ff:61:c7:21:83:5e:7b:2b:7a:4a:b7:37: ec:19:db:c1:a9:d9:69:80:6c:7b:04:c1:86:7f:75:31:ba:4c: cb:6a:4d:c0:94:e9:cc:a4:61:ff:b4:ad:a6:7e:0b:99:84:3b: 51:32:ad:48:b9:16:47:2b:38:34:1a:02:1c:d2:89:27:0c:12: 88:55:6a:b3:32:1d:ee:35:1c:37:2e:89:e5:fe:2f:92:5a:48: 1f:03:75:80:d1:dd:cb:87:97:78:c4:d2:f6:82:0a:82:5e:a7: b9:7d:bc:15:d0:3a:c7:e3:37:bd:0a:37:b0:b2:18:d4:44:30: 2e:3d:e1:33:3d:d6:a3:71:ab:ab:ad:16:f4:ae:0c:67:15:62: 58:de:94:f4:a8:99:d3:23:6a:8d:a1:a1:b3:c0:fb:a5:5a:c0: 8e:32:6d:a5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCdZ1VZtMH1pGazDPALIdhjpQgcMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQxMDAwMDAwMFoX DTI0MDUxNTIzNTk1OVowejFJMEcGA1UEBRNAY2EzMTM3YWQ0NmM0NTBkODgyMTIz NzY5ZTg2NjcxMWRjMWMxODhiZDhmMzNmNzEzMThhMWExYzczMDU2YWJjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp5q6vq+5Htr4QQqBYZtVT6gps5G wK3pD5in9aF15vPXpAx4INFqWdwP0OJTCdv3rqV5lub+yewtPVaW9EZLTF3gdQ8e ubyKWNdSlHtP7eBtUHEmOY83WyY8kL2nQY3uO7Vt0fxnYCrZEzmHeIW90LiJCxHU sS34/7MFxjyqSgbQ4tsgO7Z4apVUO46tNN6mzBPxIDUSGgX0bWkvrh7an/oiTOSI vLYKaKHCWQpXe1unstTxSPVKgNrnbKJb1PfVZIrnsCPWbWPfSanMnEK6wunmpFd4 1bdTOz3oMsbQs2brcElzJUi0OxUlpvCf168/ZNV7ws6E7PM0qslPoaPMBQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPGJ9qUgsJu7YKJ2f0kCk+heKMIuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlOWJlZWMyLTRkYWItNGYzMS1iMGNiLWFkNmEzYTU3NjFiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+sAwDQYJKoZIhvcNAQELBQADggEBAGzDv+hzCe+98VbT30So kpXzLNYaLg7TzpiHPbRwJuRo1fVBcRzyjXEugwCTMFoloEHbGHlvFd1Je1G9ZMtL CiFySguD9JUuhC6MYUmZU+tX9cdLkfGaK8WSptSqGGkYCf9hxyGDXnsrekq3N+wZ 28Gp2WmAbHsEwYZ/dTG6TMtqTcCU6cykYf+0raZ+C5mEO1EyrUi5FkcrODQaAhzS iScMEohVarMyHe41HDcuieX+L5JaSB8DdYDR3cuHl3jE0vaCCoJep7l9vBXQOsfj N70KN7CyGNREMC494TM91qNxq6utFvSuDGcVYljelPSomdMjao2hobPA+6VawI4y baU= -----END CERTIFICATE-----Generated at Thu Apr 18 03:48:26 2024 by rpki-client on console-fra.rpki-client.org