$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e3a6a73-be0f-463f-a67b-a132e473d6f7.roa File: 5e3a6a73-be0f-463f-a67b-a132e473d6f7.roa (raw, json) Hash identifier: 3+IIIe9fhm9He/5z5D7RHPXvxGaj/h43XcYfiwGtJ8c= Subject key identifier: 1E:09:76:53:EC:F9:0D:61:1E:73:25:32:AA:C9:22:E8:F3:C1:C5:FE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4B3FD4675E596DC67A49BCE6D4C705068F3076F8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e3a6a73-be0f-463f-a67b-a132e473d6f7.roa Signing time: Wed 01 May 2024 00:00:00 +0000 ROA not before: Wed 01 May 2024 00:00:00 +0000 ROA not after: Wed 05 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 15:21:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:3f:d4:67:5e:59:6d:c6:7a:49:bc:e6:d4:c7:05:06:8f:30:76:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:00 2024 GMT Not After : Jun 5 23:59:59 2024 GMT Subject: serialNumber=156d96c8affc9a0ed600c735fcadac1296eef23d0e4bb4fa878deefa4eca5bef, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:82:9e:03:f8:80:17:0a:f3:9f:2b:73:7e:ae: 89:5b:cb:6b:9f:ad:28:25:2e:63:95:6f:f8:07:7a: 81:18:bd:b1:b2:5a:af:01:b4:04:3f:77:57:b4:20: 16:16:ba:c4:e9:61:a1:f1:42:9b:66:c9:fb:48:2d: 51:46:a7:ea:0f:2a:bc:eb:3e:b9:97:66:98:6d:2b: 41:27:c3:8f:16:42:80:7f:f6:b7:33:e9:02:46:9e: a0:a4:65:76:df:7f:84:b0:0e:95:d0:67:63:37:6c: 58:9e:16:b4:82:4d:ec:90:c8:d7:27:d5:c4:95:0e: bc:cf:ca:ed:ef:f7:f5:85:23:8e:b1:a3:66:e6:44: 47:b8:43:62:ae:9d:ae:ae:50:6b:4b:0f:7a:bd:22: 79:5a:de:82:ef:19:25:93:b0:08:33:74:a3:19:59: 78:63:f5:34:68:e2:e6:f8:33:01:fd:76:df:00:e7: f7:44:4b:69:7a:56:66:6d:54:38:90:eb:84:c7:49: 6f:6b:df:ba:2c:5b:57:2e:fb:45:1d:27:10:92:6e: b1:5b:77:5d:22:72:0b:9d:28:59:b1:4e:f1:26:a6: a1:45:61:45:a2:60:af:5e:25:76:ee:ea:db:78:00: 66:04:d0:3e:47:19:10:f4:a7:20:07:bb:4f:48:16: 7c:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:09:76:53:EC:F9:0D:61:1E:73:25:32:AA:C9:22:E8:F3:C1:C5:FE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e3a6a73-be0f-463f-a67b-a132e473d6f7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9:4000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:69:61:99:54:bf:d5:0a:6b:ba:7d:5f:5c:30:b6:43:ac:4f: a0:b4:8e:5b:c6:81:73:24:66:6f:f0:17:67:af:55:58:de:d8: 5a:a0:78:4f:ba:46:43:ad:1e:57:fd:9e:1e:95:cb:e5:d7:1d: df:3c:0a:4b:da:5d:67:30:59:1f:13:f5:fb:8e:42:b7:ff:cf: f3:c2:fe:b6:68:56:a9:23:34:ba:01:d5:53:42:60:df:6f:98: 59:23:58:a3:2b:37:bf:46:f1:23:79:9b:ae:a7:b4:b6:ad:dd: 63:ee:68:1f:15:4f:2d:cf:da:76:72:dc:ff:3b:78:89:ba:e7: 3c:26:b9:fb:1f:ad:e6:11:1a:8d:cc:55:93:5e:30:b9:33:33: 0e:80:12:dc:61:1f:2c:25:f3:dd:75:72:61:02:80:28:15:5b: e3:29:0a:f5:07:9b:48:b7:40:07:99:20:bb:7c:7d:4f:43:25: 50:c1:60:f4:78:eb:05:b0:7b:1c:8d:81:90:88:cc:95:f4:7a: f1:e4:97:92:a1:c3:d7:76:bf:f7:e3:b2:e7:42:ef:59:17:51: 86:6f:6c:be:5b:8d:09:16:97:c6:01:0d:51:f4:3c:9e:08:ae: bd:f1:fb:36:19:f1:72:ec:b7:35:45:63:63:53:d6:87:8c:f9: aa:33:79:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSz/UZ15ZbcZ6Sbzm1McFBo8wdvgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMTAwMDAwMFoX DTI0MDYwNTIzNTk1OVowejFJMEcGA1UEBRNAMTU2ZDk2YzhhZmZjOWEwZWQ2MDBj NzM1ZmNhZGFjMTI5NmVlZjIzZDBlNGJiNGZhODc4ZGVlZmE0ZWNhNWJlZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYKeA/iAFwrznytzfq6JW8trn60o JS5jlW/4B3qBGL2xslqvAbQEP3dXtCAWFrrE6WGh8UKbZsn7SC1RRqfqDyq86z65 l2aYbStBJ8OPFkKAf/a3M+kCRp6gpGV233+EsA6V0GdjN2xYnha0gk3skMjXJ9XE lQ68z8rt7/f1hSOOsaNm5kRHuENirp2urlBrSw96vSJ5Wt6C7xklk7AIM3SjGVl4 Y/U0aOLm+DMB/XbfAOf3REtpelZmbVQ4kOuEx0lva9+6LFtXLvtFHScQkm6xW3dd InILnShZsU7xJqahRWFFomCvXiV27urbeABmBNA+RxkQ9KcgB7tPSBZ8aQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB4JdlPs+Q1hHnMlMqrJIujzwcX+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVlM2E2YTczLWJlMGYtNDYzZi1hNjdiLWExMzJlNDczZDZmNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+UAwDQYJKoZIhvcNAQELBQADggEBAGxpYZlUv9UKa7p9X1ww tkOsT6C0jlvGgXMkZm/wF2evVVje2FqgeE+6RkOtHlf9nh6Vy+XXHd88CkvaXWcw WR8T9fuOQrf/z/PC/rZoVqkjNLoB1VNCYN9vmFkjWKMrN79G8SN5m66ntLat3WPu aB8VTy3P2nZy3P87eIm65zwmufsfreYRGo3MVZNeMLkzMw6AEtxhHywl8911cmEC gCgVW+MpCvUHm0i3QAeZILt8fU9DJVDBYPR46wWwexyNgZCIzJX0evHkl5Khw9d2 v/fjsudC71kXUYZvbL5bjQkWl8YBDVH0PJ4Irr3x+zYZ8XLstzVFY2NT1oeM+aoz eZI= -----END CERTIFICATE-----Generated at Thu May 9 00:29:36 2024 by rpki-client on console-ams.rpki-client.org