$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52ed4ede-452e-4252-99d4-ab87dca3e810.roa File: 52ed4ede-452e-4252-99d4-ab87dca3e810.roa (raw, json) Hash identifier: zCUF99U/qEimOvfNz/DlZvtLAjGbKR4/sAeU3LsNnp8= Subject key identifier: DC:0D:5F:D5:E5:1E:2A:08:27:94:35:43:F0:14:16:A0:40:36:93:5F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 17733B8F848743C50CD9013AA3215BB0BA2676CC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52ed4ede-452e-4252-99d4-ab87dca3e810.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:73:3b:8f:84:87:43:c5:0c:d9:01:3a:a3:21:5b:b0:ba:26:76:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=b91f4fef167fda227ce5e58df505ecb4f09457636617488abb00639959443df1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:fc:6f:be:18:f6:85:fd:c5:3e:39:7d:83:ea: e3:ab:6b:6a:a6:e5:65:ba:6d:99:a5:05:fa:6a:bd: 34:16:0b:a8:2f:46:ac:17:d7:84:ac:63:5e:3d:40: 1c:2f:df:1f:49:3b:4d:8d:dd:ba:d7:e3:a8:66:7e: 37:42:13:05:1d:8c:a5:a8:71:97:4a:31:31:6c:68: 26:35:13:d9:5d:18:e7:e9:44:55:aa:5b:d6:5a:b9: af:ad:9b:f7:9e:26:c0:e0:9e:d8:ee:96:1c:17:90: 74:ad:b7:a6:d9:16:c4:d7:8e:24:8a:c8:fb:cf:28: 0a:48:8b:e3:0b:d1:63:16:ba:82:10:b6:1b:5a:54: 49:aa:91:a0:98:aa:ec:01:b3:1f:1a:32:12:85:7c: c9:2a:2c:24:63:d7:83:57:94:d9:f1:41:86:19:5b: 6d:ff:01:32:8a:32:5c:a5:82:3c:da:bb:c0:b9:38: b7:45:15:9b:e2:7c:85:26:2c:0a:6a:0c:04:47:da: 2b:87:f9:7a:5a:f2:dc:c3:70:c1:8e:5c:cd:4f:cf: ea:97:93:77:13:b8:78:f9:c7:3d:89:3e:6c:41:47: 89:c6:2a:64:86:25:23:b6:45:7f:6d:dc:b4:90:65: f1:8e:9d:36:d2:f7:b0:4c:a9:c7:3f:fb:e7:a8:5d: 9d:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:0D:5F:D5:E5:1E:2A:08:27:94:35:43:F0:14:16:A0:40:36:93:5F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52ed4ede-452e-4252-99d4-ab87dca3e810.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:a000::/40 Signature Algorithm: sha256WithRSAEncryption b0:53:55:52:bc:88:c7:19:fe:70:11:7e:c2:5f:44:b6:b3:c1: 7e:42:72:2c:ff:f8:4e:51:f0:7c:2f:01:f1:0b:f1:56:3d:08: f2:00:38:41:f9:20:f0:a8:8f:41:fe:b7:19:40:04:41:48:6c: a9:6d:1c:9a:88:c8:ba:0c:9f:62:d3:bd:f3:90:14:9c:b8:8f: 1d:65:07:d1:93:d5:ea:93:14:cc:9f:77:28:56:a5:4d:d2:44: 62:d3:db:0b:78:48:58:27:bf:3e:0e:c2:39:f9:d4:6d:11:97: 98:3f:a4:58:5e:4a:8f:a2:08:23:4c:e9:32:3c:5f:0c:34:8e: 37:ed:79:11:4f:57:f2:89:ac:8c:74:cc:7a:46:a5:4d:f0:1b: 0f:89:69:c0:6d:a7:0a:cf:88:eb:8a:da:50:5e:eb:11:3f:85: ee:a9:16:37:e8:91:a3:8b:97:45:94:39:1c:0a:3c:c1:f9:10: dc:a6:7f:98:a0:01:8b:b1:c7:6e:02:4c:e2:ed:eb:7c:c2:23: 76:9e:be:51:63:6d:d1:b3:56:0c:6a:95:2b:4b:ab:9a:95:ba: 1e:35:25:ff:2d:3f:5e:aa:98:f3:27:7b:99:e0:e7:b0:cc:be: 9d:e9:c3:dd:c6:bf:da:f0:9f:01:d9:20:f8:f1:70:2c:7a:8e: e4:de:07:c7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUF3M7j4SHQ8UM2QE6oyFbsLomdswwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAYjkxZjRmZWYxNjdmZGEyMjdjZTVl NThkZjUwNWVjYjRmMDk0NTc2MzY2MTc0ODhhYmIwMDYzOTk1OTQ0M2RmMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Pxvvhj2hf3FPjl9g+rjq2tqpuVl um2ZpQX6ar00FguoL0asF9eErGNePUAcL98fSTtNjd261+OoZn43QhMFHYylqHGX SjExbGgmNRPZXRjn6URVqlvWWrmvrZv3nibA4J7Y7pYcF5B0rbem2RbE144kisj7 zygKSIvjC9FjFrqCELYbWlRJqpGgmKrsAbMfGjIShXzJKiwkY9eDV5TZ8UGGGVtt /wEyijJcpYI82rvAuTi3RRWb4nyFJiwKagwER9orh/l6WvLcw3DBjlzNT8/ql5N3 E7h4+cc9iT5sQUeJxipkhiUjtkV/bdy0kGXxjp020vewTKnHP/vnqF2dOwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNwNX9XlHioIJ5Q1Q/AUFqBANpNfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyZWQ0ZWRlLTQ1MmUtNDI1Mi05OWQ0LWFiODdkY2EzZTgxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/qAwDQYJKoZIhvcNAQELBQADggEBALBTVVK8iMcZ/nARfsJf RLazwX5Cciz/+E5R8HwvAfEL8VY9CPIAOEH5IPCoj0H+txlABEFIbKltHJqIyLoM n2LTvfOQFJy4jx1lB9GT1eqTFMyfdyhWpU3SRGLT2wt4SFgnvz4Owjn51G0Rl5g/ pFheSo+iCCNM6TI8Xww0jjfteRFPV/KJrIx0zHpGpU3wGw+JacBtpwrPiOuK2lBe 6xE/he6pFjfokaOLl0WUORwKPMH5ENymf5igAYuxx24CTOLt63zCI3aevlFjbdGz VgxqlStLq5qVuh41Jf8tP16qmPMne5ng57DMvp3pw93Gv9rwnwHZIPjxcCx6juTe B8c= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:45 2023 by rpki-client on console-fra.rpki-client.org