$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fe6a299-f119-4899-820b-ec885ec1a4a3.roa File: 4fe6a299-f119-4899-820b-ec885ec1a4a3.roa (raw, json) Hash identifier: ghQli4+awK//xeObMeg1j+/5ggdtujjE1MGfiAvvfts= Subject key identifier: 46:30:2C:AE:93:85:70:DA:B7:5E:FF:E8:74:FA:11:A7:C4:BE:0B:87 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4E8826B306A33CD2F68BB143049BB908FBD0000A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fe6a299-f119-4899-820b-ec885ec1a4a3.roa Signing time: Sat 20 Jul 2024 00:00:00 +0000 ROA not before: Sat 20 Jul 2024 00:00:00 +0000 ROA not after: Sat 24 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:88:26:b3:06:a3:3c:d2:f6:8b:b1:43:04:9b:b9:08:fb:d0:00:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 20 00:00:00 2024 GMT Not After : Aug 24 23:59:59 2024 GMT Subject: serialNumber=d34fd3b49c487d55ac27841122f09394b30dca19de5cc5961865a43d357949fa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:a3:bf:61:d5:1a:48:f9:d8:64:94:10:03:5f: 8e:61:6a:b1:2c:2d:ed:71:6d:54:4a:a3:2b:e7:06: 05:74:25:47:57:2c:43:b3:1f:1d:c0:aa:7a:89:d3: 66:a4:8b:36:1f:f5:bd:94:62:a4:cb:7c:04:dc:8b: 82:b0:2b:02:17:d0:11:ec:36:b6:a3:69:77:ae:1b: d7:9c:cd:d7:21:0d:d1:ca:cb:0f:79:e1:37:a0:27: cb:8b:26:0a:5c:58:4a:7f:dd:f8:33:e5:b6:d7:23: 90:32:52:4d:6b:95:a2:f7:b0:83:84:b7:98:47:a3: 52:d0:79:f8:55:f6:6e:29:f8:d9:a9:cb:1b:d9:a0: e0:bd:d6:da:53:30:e9:71:50:b4:05:6a:10:e1:c3: 4e:e5:0e:2b:e8:f6:1f:31:02:8a:89:8a:52:5d:c1: d0:50:37:31:fe:54:56:51:cd:04:e2:a0:f7:5c:09: 3f:51:5b:6a:bc:86:a9:c1:1f:a9:1c:7d:ac:0d:76: 77:6f:31:a5:46:a9:2c:3b:20:32:72:a1:71:1b:1f: 8a:b9:51:fc:bf:bd:96:54:fd:f3:d1:8b:40:7b:79: 98:2e:f9:67:92:50:0b:7e:1b:10:8e:06:3d:4d:62: c0:47:28:0d:a8:14:6b:3e:bd:9d:2c:19:5b:ed:e8: 6b:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:30:2C:AE:93:85:70:DA:B7:5E:FF:E8:74:FA:11:A7:C4:BE:0B:87 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fe6a299-f119-4899-820b-ec885ec1a4a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:2000::/40 Signature Algorithm: sha256WithRSAEncryption ac:77:8a:36:f7:83:ef:2a:de:98:9b:94:2f:40:86:c0:f1:48: 1d:b1:ae:93:5f:81:b4:88:66:00:5e:1d:72:52:a4:47:a0:67: 1c:f8:ac:2a:08:de:c0:ad:fa:df:e0:a1:ec:21:0a:63:c5:5e: fc:c1:c0:dc:ae:a9:37:51:3f:90:74:1c:ba:a3:cb:3c:1a:8d: 1a:0e:d9:f8:42:5d:b6:22:b3:25:93:ff:f7:52:c7:7e:61:61: 2d:2c:b2:17:cc:2f:06:ee:b7:ce:1a:f1:99:a2:7b:bb:2a:57: 58:41:82:3a:cc:ab:e7:9a:5e:f0:d1:35:35:bf:22:9c:c1:1d: 47:38:c8:46:e0:06:f5:f1:f6:4c:7a:9d:d3:0d:3a:fb:14:92: ca:31:8c:f1:a3:95:5d:a3:b0:66:ea:14:84:4a:c9:44:ca:28: d8:75:84:49:4f:10:09:0a:4c:d2:de:fd:ba:b7:e4:c2:74:0b: 80:2a:5b:73:67:0e:33:d8:64:7b:73:ac:0e:a2:4c:a5:69:27: ba:bd:11:06:32:14:b7:fa:76:62:7b:38:66:59:c8:cc:0b:8f: bc:d0:39:8d:d4:7e:b4:c9:98:76:76:e4:35:e8:c2:05:6d:9e: 58:7d:ff:97:d8:10:20:49:67:58:46:f6:21:82:71:61:96:70: 30:f7:b1:78 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTogmswajPNL2i7FDBJu5CPvQAAowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcyMDAwMDAwMFoX DTI0MDgyNDIzNTk1OVowejFJMEcGA1UEBRNAZDM0ZmQzYjQ5YzQ4N2Q1NWFjMjc4 NDExMjJmMDkzOTRiMzBkY2ExOWRlNWNjNTk2MTg2NWE0M2QzNTc5NDlmYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqO/YdUaSPnYZJQQA1+OYWqxLC3t cW1USqMr5wYFdCVHVyxDsx8dwKp6idNmpIs2H/W9lGKky3wE3IuCsCsCF9AR7Da2 o2l3rhvXnM3XIQ3RyssPeeE3oCfLiyYKXFhKf934M+W21yOQMlJNa5Wi97CDhLeY R6NS0Hn4VfZuKfjZqcsb2aDgvdbaUzDpcVC0BWoQ4cNO5Q4r6PYfMQKKiYpSXcHQ UDcx/lRWUc0E4qD3XAk/UVtqvIapwR+pHH2sDXZ3bzGlRqksOyAycqFxGx+KuVH8 v72WVP3z0YtAe3mYLvlnklALfhsQjgY9TWLARygNqBRrPr2dLBlb7ehrGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEYwLK6ThXDat17/6HT6EafEvguHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRmZTZhMjk5LWYxMTktNDg5OS04MjBiLWVjODg1ZWMxYTRhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9yAwDQYJKoZIhvcNAQELBQADggEBAKx3ijb3g+8q3piblC9A hsDxSB2xrpNfgbSIZgBeHXJSpEegZxz4rCoI3sCt+t/goewhCmPFXvzBwNyuqTdR P5B0HLqjyzwajRoO2fhCXbYisyWT//dSx35hYS0sshfMLwbut84a8Zmie7sqV1hB gjrMq+eaXvDRNTW/IpzBHUc4yEbgBvXx9kx6ndMNOvsUksoxjPGjlV2jsGbqFIRK yUTKKNh1hElPEAkKTNLe/bq35MJ0C4AqW3NnDjPYZHtzrA6iTKVpJ7q9EQYyFLf6 dmJ7OGZZyMwLj7zQOY3UfrTJmHZ25DXowgVtnlh9/5fYECBJZ1hG9iGCcWGWcDD3 sXg= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:15 2024 by rpki-client on console-fra.rpki-client.org