$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa File: 4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa (raw, json) Hash identifier: T2l5+ObUBHMInWCx5TXfC0USeu2QXjbkr/MVWFUz6mk= Subject key identifier: 38:BE:D4:4F:E8:69:C1:52:49:AA:D5:43:A7:86:4B:8A:68:2A:AC:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6FD1CE9CF1A4EB11FEEBD3C397A15BDF974B4924 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa Signing time: Fri 22 Sep 2023 00:00:00 +0000 ROA not before: Fri 22 Sep 2023 00:00:00 +0000 ROA not after: Fri 27 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Sep 2023 12:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:d1:ce:9c:f1:a4:eb:11:fe:eb:d3:c3:97:a1:5b:df:97:4b:49:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 22 00:00:00 2023 GMT Not After : Oct 27 23:59:59 2023 GMT Subject: serialNumber=d9e88eed267f0373e26f635aaaf9804b0fcbc177bf8883f55c954ad395099f0d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:49:20:32:fa:13:26:1e:21:b7:34:c2:6a:87: 7c:76:54:9e:72:2e:34:6b:32:42:34:36:5f:39:01: 25:82:b3:0b:71:8b:71:06:b8:82:29:a2:ac:3e:0e: c8:8b:b0:76:02:8b:d0:cb:4f:91:33:52:5e:c6:d4: f2:be:59:12:69:71:27:6b:49:4d:ed:03:87:30:2a: 1c:31:e8:ed:bd:a4:d3:0f:3a:0b:d2:1a:d4:5c:fa: 2b:ed:29:89:0c:48:88:5b:8a:5b:78:c5:ed:bd:a5: 27:d3:99:46:f9:cf:f3:3f:be:58:93:51:c8:54:98: 84:5a:8a:23:2c:81:63:38:29:cf:27:d8:06:5c:e0: 00:c6:82:f0:6f:0e:70:35:ff:6c:bb:3c:b9:56:84: 1a:32:37:e8:51:77:41:bd:0e:25:25:03:ac:ce:66: 25:5b:63:28:98:c7:83:53:fe:c7:b3:9b:85:b1:e6: fd:56:6b:2f:37:0f:2c:ce:4b:c5:1b:d5:6d:57:94: 29:70:7d:55:e6:b6:3e:98:a6:2f:96:f5:4f:11:79: ab:d4:d0:fa:2c:56:25:6e:dd:5c:76:96:b4:d6:26: e6:66:c1:5d:98:b6:f7:f0:ca:b4:34:59:bb:6d:8e: 5a:3b:c7:83:f7:e5:87:f4:c0:44:d2:e7:2f:99:03: 27:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:BE:D4:4F:E8:69:C1:52:49:AA:D5:43:A7:86:4B:8A:68:2A:AC:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:c000::/40 Signature Algorithm: sha256WithRSAEncryption 1a:a7:32:f7:88:4b:20:4d:0e:7b:fd:52:e9:85:28:bd:a8:7b: f5:0f:ec:6d:7a:66:46:ff:28:ce:d3:fd:0d:84:7b:55:bb:12: 94:6f:6d:ee:b6:19:e5:4f:80:c2:ec:54:4c:1d:41:f1:11:ce: 39:1d:4e:3c:f1:28:78:71:6a:3a:6c:bb:46:00:68:9f:77:58: 7c:b7:6f:9d:8f:d3:87:25:2b:40:c2:1c:09:fd:be:09:8b:e2: cb:76:f3:dc:8d:6e:b7:a3:2f:7a:fe:d0:49:c9:8f:a7:e1:5c: 63:89:fd:66:86:88:2e:36:85:7b:72:98:59:c6:aa:16:c9:f9: 3c:88:5a:d7:fb:ef:20:41:3f:46:ec:01:c0:ee:f8:1f:70:c0: 3c:1c:ee:0d:93:80:fe:86:de:7e:03:16:18:af:17:04:9a:66: 21:10:20:78:fe:b1:8c:67:cb:cb:c3:d0:a4:ba:7e:50:b5:c3: 09:ca:28:f8:65:b8:e0:a8:4c:c5:a9:82:ad:30:b2:b6:bc:0e: 2b:bc:d1:d4:71:c7:a9:4e:1f:d7:9d:ae:0e:f9:4a:be:72:ab: 1c:03:fb:ce:85:48:c2:16:6d:00:bb:2c:fe:96:64:a3:f1:ba: 2a:ab:8f:59:86:4a:83:02:2e:c3:7c:80:0d:81:9a:05:79:d5: 98:d4:aa:d8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUb9HOnPGk6xH+69PDl6Fb35dLSSQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkyMjAwMDAwMFoX DTIzMTAyNzIzNTk1OVowejFJMEcGA1UEBRNAZDllODhlZWQyNjdmMDM3M2UyNmY2 MzVhYWFmOTgwNGIwZmNiYzE3N2JmODg4M2Y1NWM5NTRhZDM5NTA5OWYwZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEkgMvoTJh4htzTCaod8dlSeci40 azJCNDZfOQElgrMLcYtxBriCKaKsPg7Ii7B2AovQy0+RM1JextTyvlkSaXEna0lN 7QOHMCocMejtvaTTDzoL0hrUXPor7SmJDEiIW4pbeMXtvaUn05lG+c/zP75Yk1HI VJiEWoojLIFjOCnPJ9gGXOAAxoLwbw5wNf9suzy5VoQaMjfoUXdBvQ4lJQOszmYl W2MomMeDU/7Hs5uFseb9VmsvNw8szkvFG9VtV5QpcH1V5rY+mKYvlvVPEXmr1ND6 LFYlbt1cdpa01ibmZsFdmLb38Mq0NFm7bY5aO8eD9+WH9MBE0ucvmQMnrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDi+1E/oacFSSarVQ6eGS4poKqxTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlOWJlZWMyLTRkYWItNGYzMS1iMGNiLWFkNmEzYTU3NjFiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+sAwDQYJKoZIhvcNAQELBQADggEBABqnMveISyBNDnv9UumF KL2oe/UP7G16Zkb/KM7T/Q2Ee1W7EpRvbe62GeVPgMLsVEwdQfERzjkdTjzxKHhx ajpsu0YAaJ93WHy3b52P04clK0DCHAn9vgmL4st289yNbrejL3r+0EnJj6fhXGOJ /WaGiC42hXtymFnGqhbJ+TyIWtf77yBBP0bsAcDu+B9wwDwc7g2TgP6G3n4DFhiv FwSaZiEQIHj+sYxny8vD0KS6flC1wwnKKPhluOCoTMWpgq0wsra8Diu80dRxx6lO H9edrg75Sr5yqxwD+86FSMIWbQC7LP6WZKPxuiqrj1mGSoMCLsN8gA2BmgV51ZjU qtg= -----END CERTIFICATE-----Generated at Fri Sep 22 00:27:51 2023 by rpki-client on console-ams.rpki-client.org