$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd4f1fa-ef72-445b-8178-cdb0ba581ea1.roa File: 4fd4f1fa-ef72-445b-8178-cdb0ba581ea1.roa (raw, json) Hash identifier: i2j1pewLqI28wsIZ48vlGVvpDnVvaeg+Uqr1XvbXeiw= Subject key identifier: 3C:84:27:9F:CA:23:B1:55:92:9E:A2:D7:E8:F5:CF:67:95:5D:A0:CC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 116BF2A79133DEC69815A1BC42FAFCA7CF370D3C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd4f1fa-ef72-445b-8178-cdb0ba581ea1.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:6b:f2:a7:91:33:de:c6:98:15:a1:bc:42:fa:fc:a7:cf:37:0d:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=b2dae12d52312d5e7f89b03e697cb1a5c1ecb1b326308d075ebe60b024415f12, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:c8:f5:20:28:f6:9f:47:75:51:1a:05:bb:05: 5b:db:27:1e:08:f2:2f:23:94:da:e6:2d:eb:cc:24: d8:9b:5f:5c:71:55:30:7e:3f:bf:c0:af:57:5e:69: 7f:f1:01:a8:9d:b6:8f:ac:50:91:d0:58:d2:f2:68: 71:f8:e2:07:88:9b:9d:69:c0:a4:e8:b1:12:27:75: dc:55:65:d4:b9:5b:c9:06:4e:ec:ee:97:10:c2:a4: a9:0c:6a:36:1c:f6:55:9c:41:32:87:47:cd:90:fd: c7:40:de:c1:03:89:fc:c6:4f:89:b2:02:e5:83:21: 76:e5:58:fd:83:f3:ad:e2:d2:3c:c0:09:eb:f9:e2: 6b:3b:ba:54:fb:f8:c1:27:80:ad:e5:e4:87:ac:86: b7:c6:f0:47:e4:88:bd:90:46:f1:c1:34:3f:d0:5c: 70:28:74:58:05:54:6f:e3:97:c1:60:06:e1:76:ce: 7d:90:51:6d:29:ed:1f:94:d0:94:34:56:41:ab:06: 07:e3:ac:55:a1:75:97:33:6e:8e:26:5c:51:68:c5: 81:c0:ec:15:a8:3c:86:46:6f:ab:57:b8:c1:4e:e6: 95:a9:03:16:f1:5a:71:ec:3d:28:6d:9b:c4:31:d0: 0d:02:5f:f8:0a:65:a3:10:1a:8e:a1:cd:c6:cc:55: 79:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:84:27:9F:CA:23:B1:55:92:9E:A2:D7:E8:F5:CF:67:95:5D:A0:CC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd4f1fa-ef72-445b-8178-cdb0ba581ea1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a000::/40 Signature Algorithm: sha256WithRSAEncryption 41:81:5b:3d:ea:68:0d:06:cf:39:56:e7:50:66:3e:b0:fb:24: a4:ab:a4:e1:58:30:c8:98:0f:3b:5f:22:c2:fd:ef:49:72:7e: ac:17:a1:ca:0b:09:cb:41:33:80:86:63:8e:a3:08:89:e3:dc: 19:b2:f8:82:27:5c:89:57:bf:67:23:0f:60:77:3c:e8:2d:1d: 67:69:2d:12:7c:b2:7b:f4:40:9d:1c:fc:05:9d:b4:89:3b:73: 90:1e:06:dc:86:37:f8:69:b5:e1:10:7b:bc:23:29:b2:6b:9f: 55:a2:e9:ce:1a:5f:18:2e:75:44:c2:9f:fb:00:1a:38:16:2b: 03:98:aa:e8:29:27:47:cc:25:41:c1:d4:db:69:b5:96:9a:da: de:f0:f0:5b:75:07:01:73:3e:c4:d1:cf:3d:0f:00:cb:fe:d7: 6f:18:98:2c:1f:27:a9:7d:a9:a2:37:0c:4a:b9:60:64:94:f5: 0d:77:42:b4:a2:69:82:9a:18:1d:d4:ae:59:54:84:5e:12:4d: d2:aa:a9:61:e1:d6:37:03:7f:a1:5a:31:c7:dd:97:f2:1f:72: d3:3d:1f:23:7f:75:49:16:b2:42:5b:b8:09:5f:65:42:bf:d9: 78:0c:c6:83:76:3a:3c:4b:b5:c7:7e:22:83:a5:ca:b9:43:c2: f0:54:18:b0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEWvyp5Ez3saYFaG8Qvr8p883DTwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAYjJkYWUxMmQ1MjMxMmQ1ZTdmODli MDNlNjk3Y2IxYTVjMWVjYjFiMzI2MzA4ZDA3NWViZTYwYjAyNDQxNWYxMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA78j1ICj2n0d1URoFuwVb2yceCPIv I5Ta5i3rzCTYm19ccVUwfj+/wK9XXml/8QGonbaPrFCR0FjS8mhx+OIHiJudacCk 6LESJ3XcVWXUuVvJBk7s7pcQwqSpDGo2HPZVnEEyh0fNkP3HQN7BA4n8xk+JsgLl gyF25Vj9g/Ot4tI8wAnr+eJrO7pU+/jBJ4Ct5eSHrIa3xvBH5Ii9kEbxwTQ/0Fxw KHRYBVRv45fBYAbhds59kFFtKe0flNCUNFZBqwYH46xVoXWXM26OJlxRaMWBwOwV qDyGRm+rV7jBTuaVqQMW8Vpx7D0obZvEMdANAl/4CmWjEBqOoc3GzFV5ywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDyEJ5/KI7FVkp6i1+j1z2eVXaDMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRmZDRmMWZhLWVmNzItNDQ1Yi04MTc4LWNkYjBiYTU4MWVhMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAKAwDQYJKoZIhvcNAQELBQADggEBAEGBWz3qaA0GzzlW51Bm PrD7JKSrpOFYMMiYDztfIsL970lyfqwXocoLCctBM4CGY46jCInj3Bmy+IInXIlX v2cjD2B3POgtHWdpLRJ8snv0QJ0c/AWdtIk7c5AeBtyGN/hpteEQe7wjKbJrn1Wi 6c4aXxgudUTCn/sAGjgWKwOYqugpJ0fMJUHB1NtptZaa2t7w8Ft1BwFzPsTRzz0P AMv+128YmCwfJ6l9qaI3DEq5YGSU9Q13QrSiaYKaGB3UrllUhF4STdKqqWHh1jcD f6FaMcfdl/IfctM9HyN/dUkWskJbuAlfZUK/2XgMxoN2OjxLtcd+IoOlyrlDwvBU GLA= -----END CERTIFICATE-----Generated at Fri Apr 19 00:50:21 2024 by rpki-client on console-ams.rpki-client.org