$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd1d514-e9ac-44a6-93a0-af9ce79fc3de.roa File: 4fd1d514-e9ac-44a6-93a0-af9ce79fc3de.roa (raw, json) Hash identifier: L6XJ02TolrQ7J9CRiUFcRhLxvWK6PYO0HzIIAS1+3jU= Subject key identifier: D3:9F:85:1A:2A:87:4B:D5:64:0D:7E:A5:E3:54:B4:82:EF:5F:B4:BC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 26ABE34D43728BA236506CBAE52644E1B25DD0F0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd1d514-e9ac-44a6-93a0-af9ce79fc3de.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 May 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:ab:e3:4d:43:72:8b:a2:36:50:6c:ba:e5:26:44:e1:b2:5d:d0:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=2cc8d83390a6c70745eb0456d1ef0168b24ec082ab69b48a3e391832c99d6902, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:6b:d9:65:6b:80:8a:18:a1:31:8c:e8:d8:b1: e2:20:99:e9:15:14:85:93:20:3c:cf:0d:bd:c4:c0: 23:94:87:e5:10:50:8b:8a:41:71:af:3a:0a:31:b2: 4d:92:2e:38:cb:86:56:33:99:d5:4c:73:ab:f0:a1: ce:b2:3d:c3:01:68:b8:eb:7a:60:a6:46:ee:ad:1c: 6d:ba:5f:80:e6:79:af:02:ca:bd:fb:8b:89:70:98: 95:2b:12:34:9e:0b:aa:ad:10:02:61:ae:52:b6:3f: 20:87:69:5a:16:92:63:c5:9e:34:3d:f9:17:b3:47: 57:07:4b:b1:ed:4f:39:fa:40:93:9a:26:46:1b:bc: 54:27:96:79:99:b6:dd:36:5e:cd:94:26:fe:0e:77: ac:90:e8:f6:7a:c2:8e:1c:27:65:f6:0e:bf:01:60: 39:3e:65:26:a2:02:8a:fe:b6:4b:e6:53:34:f5:c5: 44:66:82:24:c7:92:46:28:2e:88:1b:68:69:1f:0d: 1f:e1:d5:22:b3:a6:c9:35:93:76:9b:c6:2d:34:4b: b5:3a:5c:6c:c2:62:c9:3f:05:6a:74:61:2e:3f:96: 3c:0d:20:c0:31:9f:c2:d7:29:f6:71:eb:c8:bf:c8: c7:c2:b5:f8:20:b1:a4:7c:ff:bd:9c:99:d0:fe:73: 2c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:9F:85:1A:2A:87:4B:D5:64:0D:7E:A5:E3:54:B4:82:EF:5F:B4:BC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd1d514-e9ac-44a6-93a0-af9ce79fc3de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4000::/40 Signature Algorithm: sha256WithRSAEncryption 89:2a:e4:1c:b8:c3:9a:88:df:4f:cb:d5:e0:07:6c:55:6c:af: ac:40:1e:66:e4:29:54:72:2f:1e:49:c4:ca:ff:00:ea:72:77: 6c:43:21:dd:cd:13:cf:2e:0a:46:68:59:19:ed:1d:c5:ba:b4: 5b:05:38:0e:04:e9:88:65:da:f2:09:c0:c3:c3:aa:aa:ad:5e: 6e:4a:11:31:39:78:a9:57:11:95:dd:c9:32:be:b1:e8:48:ae: 39:db:ea:48:68:16:cc:3e:a0:10:54:44:60:63:76:52:a4:71: 8b:d5:72:ab:14:61:c5:71:a0:90:07:4e:8d:39:4d:38:2e:f4: c6:eb:c8:a6:57:9c:f0:38:1c:80:57:17:d9:68:b2:fe:8d:66: ff:48:34:d5:14:cf:28:73:c2:41:f4:d2:48:8d:1c:fc:38:d1: 0c:ff:6f:25:c8:34:0a:b7:fb:95:05:75:2b:59:f8:11:c2:7e: 06:65:6b:a1:6d:71:b0:1c:d2:8e:9e:6a:d8:dd:52:cc:45:32: 6d:d6:77:d8:9c:1f:fa:c4:51:55:70:ae:81:7c:fb:9c:59:42: 37:3a:e0:02:e9:b3:db:cd:ff:43:91:c4:e2:a8:0b:9b:10:68: 64:53:49:e5:9b:f4:dd:1c:e8:09:d5:51:bf:41:ef:3b:01:39: 06:20:5c:c3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJqvjTUNyi6I2UGy65SZE4bJd0PAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMjAwMDAwMFoX DTI0MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAMmNjOGQ4MzM5MGE2YzcwNzQ1ZWIw NDU2ZDFlZjAxNjhiMjRlYzA4MmFiNjliNDhhM2UzOTE4MzJjOTlkNjkwMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymvZZWuAihihMYzo2LHiIJnpFRSF kyA8zw29xMAjlIflEFCLikFxrzoKMbJNki44y4ZWM5nVTHOr8KHOsj3DAWi463pg pkburRxtul+A5nmvAsq9+4uJcJiVKxI0nguqrRACYa5Stj8gh2laFpJjxZ40PfkX s0dXB0ux7U85+kCTmiZGG7xUJ5Z5mbbdNl7NlCb+DneskOj2esKOHCdl9g6/AWA5 PmUmogKK/rZL5lM09cVEZoIkx5JGKC6IG2hpHw0f4dUis6bJNZN2m8YtNEu1Olxs wmLJPwVqdGEuP5Y8DSDAMZ/C1yn2cevIv8jHwrX4ILGkfP+9nJnQ/nMsKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNOfhRoqh0vVZA1+peNUtILvX7S8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRmZDFkNTE0LWU5YWMtNDRhNi05M2EwLWFmOWNlNzlmYzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOEAwDQYJKoZIhvcNAQELBQADggEBAIkq5By4w5qI30/L1eAH bFVsr6xAHmbkKVRyLx5JxMr/AOpyd2xDId3NE88uCkZoWRntHcW6tFsFOA4E6Yhl 2vIJwMPDqqqtXm5KETE5eKlXEZXdyTK+sehIrjnb6khoFsw+oBBURGBjdlKkcYvV cqsUYcVxoJAHTo05TTgu9MbryKZXnPA4HIBXF9losv6NZv9INNUUzyhzwkH00kiN HPw40Qz/byXINAq3+5UFdStZ+BHCfgZla6FtcbAc0o6eatjdUsxFMm3Wd9icH/rE UVVwroF8+5xZQjc64ALps9vN/0ORxOKoC5sQaGRTSeWb9N0c6AnVUb9B7zsBOQYg XMM= -----END CERTIFICATE-----Generated at Thu May 23 05:06:52 2024 by rpki-client on console-fra.rpki-client.org