$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ee28c39-6f60-49b5-822e-66d0c4fed628.roa File: 4ee28c39-6f60-49b5-822e-66d0c4fed628.roa (raw, json) Hash identifier: T3RnBPE/ZYMEnTj5U4B6xWDymWrnSdX990KfdvSytVg= Subject key identifier: 79:9C:4D:64:60:71:E0:21:CE:3B:69:13:F2:24:90:F9:C5:0F:D2:ED Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11AE196E2B56C078A63B94134E888959393A37C6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ee28c39-6f60-49b5-822e-66d0c4fed628.roa Signing time: Tue 23 Apr 2024 00:00:00 +0000 ROA not before: Tue 23 Apr 2024 00:00:00 +0000 ROA not after: Tue 28 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:ae:19:6e:2b:56:c0:78:a6:3b:94:13:4e:88:89:59:39:3a:37:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:00 2024 GMT Not After : May 28 23:59:59 2024 GMT Subject: serialNumber=20d10ccc7c26f95f51c72e1f335cc19667d161bb0a88026fabe2a7084679022d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:04:f6:8f:36:23:61:cb:83:22:0f:3e:cc:43: 52:51:7c:59:0a:f0:09:d0:30:1d:a1:af:c4:ac:f6: 33:06:9c:f2:00:d3:3b:93:9f:ac:a2:f0:c9:77:c3: 07:97:1f:51:43:ce:a3:35:e2:f1:f6:42:28:18:4a: 0f:b1:9b:b7:9c:bb:16:a5:79:4b:f4:88:ce:a4:3c: 88:52:a1:43:7b:ab:52:df:a0:44:66:b8:d1:ad:b1: 3c:b4:02:09:0a:ad:0c:e8:a9:0a:90:c4:20:91:10: 68:46:85:73:3c:6a:a3:89:05:98:0e:67:ec:2a:02: e3:1f:b7:fd:c0:7e:a9:08:97:f2:34:69:d7:9a:7d: 01:b6:62:b4:2e:50:3c:a2:b2:23:be:43:8d:4b:6b: 78:2b:a9:60:06:e8:1b:c5:94:e3:6b:71:9a:e0:b3: 5b:a2:48:54:c5:14:91:81:07:7e:4f:5e:60:77:51: 61:66:d0:a2:d5:01:97:9d:0c:32:47:f1:29:c0:cc: 28:90:a9:f7:01:91:93:92:01:38:38:49:98:ab:6c: 7e:01:fa:0a:24:e1:d4:3a:fd:25:02:ea:4c:68:a3: 1e:54:52:41:73:08:f9:87:49:1f:23:75:a1:a5:73: 92:14:e4:bc:e4:8f:cd:ab:5f:e2:74:a8:72:32:93: 57:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:9C:4D:64:60:71:E0:21:CE:3B:69:13:F2:24:90:F9:C5:0F:D2:ED X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ee28c39-6f60-49b5-822e-66d0c4fed628.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c800::/40 Signature Algorithm: sha256WithRSAEncryption 78:1e:1a:da:d1:51:91:ce:06:3b:f4:df:bd:2a:07:d4:0e:87: 5c:b5:c0:cb:f3:fd:5b:d8:a9:73:4f:f0:6b:c9:09:3c:d4:80: 71:18:8c:f4:27:b8:62:ac:4d:94:77:e6:6b:9e:ed:94:fe:92: 54:97:27:05:c6:98:65:5c:f3:d4:77:fe:a7:d4:4b:87:b0:35: 68:e3:bd:71:e6:a4:30:27:11:70:59:72:df:b5:31:f3:02:59: 08:f9:49:17:f3:4d:bc:5e:e9:ff:b5:69:54:19:21:ea:1b:ea: 56:08:bd:24:2f:6c:bc:40:34:b7:27:e3:8e:c7:a5:47:38:b3: 8f:f0:c6:e5:3f:ac:4d:fe:7b:5b:73:24:a4:2b:40:41:61:b7: b6:1e:f1:bf:89:a3:ff:09:d7:94:77:d7:d5:80:9d:a1:89:f1: 37:e2:4e:a3:6e:29:b4:55:62:26:4e:50:53:e3:1c:f4:41:cd: cf:ae:e5:cc:a7:19:65:9e:4b:ff:27:7a:15:4e:92:bd:8a:84: 41:1c:6f:7e:2d:36:88:f4:b1:f5:f9:2a:13:8f:16:12:32:50: 7c:b5:03:af:e4:dc:bf:d8:99:0e:b5:7d:c4:10:fc:3d:39:98: c8:bf:df:16:83:ec:f0:4c:8c:f6:01:d6:b4:cf:f7:49:ad:d9: 9e:15:41:64 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEa4ZbitWwHimO5QTToiJWTk6N8YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMzAwMDAwMFoX DTI0MDUyODIzNTk1OVowejFJMEcGA1UEBRNAMjBkMTBjY2M3YzI2Zjk1ZjUxYzcy ZTFmMzM1Y2MxOTY2N2QxNjFiYjBhODgwMjZmYWJlMmE3MDg0Njc5MDIyZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AT2jzYjYcuDIg8+zENSUXxZCvAJ 0DAdoa/ErPYzBpzyANM7k5+sovDJd8MHlx9RQ86jNeLx9kIoGEoPsZu3nLsWpXlL 9IjOpDyIUqFDe6tS36BEZrjRrbE8tAIJCq0M6KkKkMQgkRBoRoVzPGqjiQWYDmfs KgLjH7f9wH6pCJfyNGnXmn0BtmK0LlA8orIjvkONS2t4K6lgBugbxZTja3Ga4LNb okhUxRSRgQd+T15gd1FhZtCi1QGXnQwyR/EpwMwokKn3AZGTkgE4OEmYq2x+AfoK JOHUOv0lAupMaKMeVFJBcwj5h0kfI3WhpXOSFOS85I/Nq1/idKhyMpNXMwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHmcTWRgceAhzjtpE/IkkPnFD9LtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlZTI4YzM5LTZmNjAtNDliNS04MjJlLTY2ZDBjNGZlZDYyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYcgwDQYJKoZIhvcNAQELBQADggEBAHgeGtrRUZHOBjv0370q B9QOh1y1wMvz/VvYqXNP8GvJCTzUgHEYjPQnuGKsTZR35mue7ZT+klSXJwXGmGVc 89R3/qfUS4ewNWjjvXHmpDAnEXBZct+1MfMCWQj5SRfzTbxe6f+1aVQZIeob6lYI vSQvbLxANLcn447HpUc4s4/wxuU/rE3+e1tzJKQrQEFht7Ye8b+Jo/8J15R319WA naGJ8TfiTqNuKbRVYiZOUFPjHPRBzc+u5cynGWWeS/8nehVOkr2KhEEcb34tNoj0 sfX5KhOPFhIyUHy1A6/k3L/YmQ61fcQQ/D05mMi/3xaD7PBMjPYB1rTP90mt2Z4V QWQ= -----END CERTIFICATE-----Generated at Sun May 5 01:11:59 2024 by rpki-client on console-ams.rpki-client.org