$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa File: 6018436a-9c1a-42cb-8584-15032be971bb.roa (raw, json) Hash identifier: jKI14x0Vq73hLe9AwXsqpsIjaVUQRfdHUbKqMf+6zws= Subject key identifier: 18:21:AF:A2:07:CD:DA:8B:EF:5B:40:5F:60:A1:1C:4B:21:44:83:E6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37863D978313F9AABE6AEED3B3DC85C1CB901633 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa Signing time: Mon 11 Sep 2023 00:00:00 +0000 ROA not before: Mon 11 Sep 2023 00:00:00 +0000 ROA not after: Mon 16 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da24::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Sep 2023 03:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:86:3d:97:83:13:f9:aa:be:6a:ee:d3:b3:dc:85:c1:cb:90:16:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 11 00:00:00 2023 GMT Not After : Oct 16 23:59:59 2023 GMT Subject: serialNumber=9e06b5a9b11747678041b7499b57fb2b8a31713cab3149300c51b4b0db5551c2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:aa:c7:af:26:26:bc:f7:dd:5a:1e:d1:16:6d: d6:53:4e:bb:71:b1:f6:e6:f5:4c:7f:57:57:1d:ee: ea:13:84:89:6d:2f:62:fb:23:5e:23:a0:2a:2f:77: 2a:57:9d:55:77:e8:be:2c:02:a1:fc:f0:ef:b9:41: d2:33:a5:66:dc:dc:f9:fa:b7:ef:b2:90:d7:4b:e9: 19:3c:2b:a3:c2:c7:0c:c8:8f:6f:64:1c:32:0b:b7: 4e:c0:6c:9a:b6:6f:e2:4c:f9:04:86:bf:f7:ee:a2: 37:28:75:11:a0:2b:4a:4e:c3:dd:76:d4:0f:da:0f: d0:82:2c:94:41:9b:f2:72:c7:df:93:e0:a8:83:3a: b8:14:7d:11:93:48:70:0d:e7:0f:af:cd:4c:73:a6: a6:82:f9:dd:be:c6:2c:37:3e:93:33:c4:8f:47:1f: 8b:39:36:85:31:5d:8d:02:5d:f6:d3:1d:1f:46:3c: 2f:a1:00:24:c9:a3:c6:63:f3:71:73:2f:c0:d3:53: ea:5f:f1:6d:89:a9:7f:a8:8b:2c:bd:df:8a:6d:46: f7:67:24:6b:55:4c:c4:87:b1:6e:ea:3c:56:1d:23: 8b:f8:fc:06:ab:16:11:e8:1d:42:f3:cd:37:96:38: 8b:12:a3:56:1b:2f:df:2f:d6:b2:a9:ae:e3:0a:db: 93:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:21:AF:A2:07:CD:DA:8B:EF:5B:40:5F:60:A1:1C:4B:21:44:83:E6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24::/36 Signature Algorithm: sha256WithRSAEncryption 90:8b:cf:19:88:d8:89:d3:f3:50:f3:37:c3:33:8d:c6:8f:41: 25:d0:e2:d3:d9:ad:43:58:e3:fb:a7:f6:fe:73:e4:77:64:30: 7d:b6:07:b3:7e:5d:5e:34:22:d2:4c:bd:7d:5e:c1:b0:23:18: b7:f9:b5:f9:41:12:02:70:11:dc:d8:ab:3b:cb:d3:7d:e9:fc: a9:c2:7c:2b:fd:0a:2b:a6:67:54:b3:ab:5d:29:3a:a1:e2:1d: 6b:21:5f:8a:1e:90:dd:0a:5f:1f:11:29:01:11:70:89:5a:8a: 30:96:f9:6a:63:23:a6:2d:d3:68:68:12:4d:ee:d2:27:6b:0f: f3:1a:24:ee:05:67:7b:2c:46:7f:14:8c:0f:f3:69:ca:75:74: 31:ee:81:50:28:16:06:68:bc:48:8a:67:27:5c:00:5e:6a:27: fd:ee:b0:63:e6:42:b1:e8:db:a3:26:b0:6a:3e:68:c3:34:2f: 64:9c:d8:93:86:6b:2e:82:18:68:7a:e8:7a:53:d9:bc:7e:24: bb:a7:bf:76:73:19:c5:4c:ea:a6:33:b6:8b:fb:4c:6a:1e:c0: 88:ca:7e:ec:48:6b:ef:e6:25:80:e3:46:ed:46:49:05:95:b4: 8e:54:4f:93:a0:a6:c8:77:91:87:cf:98:8e:ca:a6:50:95:9a: ce:2a:b4:c6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN4Y9l4MT+aq+au7Ts9yFwcuQFjMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxMTAwMDAwMFoX DTIzMTAxNjIzNTk1OVowejFJMEcGA1UEBRNAOWUwNmI1YTliMTE3NDc2NzgwNDFi NzQ5OWI1N2ZiMmI4YTMxNzEzY2FiMzE0OTMwMGM1MWI0YjBkYjU1NTFjMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6rHryYmvPfdWh7RFm3WU067cbH2 5vVMf1dXHe7qE4SJbS9i+yNeI6AqL3cqV51Vd+i+LAKh/PDvuUHSM6Vm3Nz5+rfv spDXS+kZPCujwscMyI9vZBwyC7dOwGyatm/iTPkEhr/37qI3KHURoCtKTsPddtQP 2g/QgiyUQZvycsffk+Cogzq4FH0Rk0hwDecPr81Mc6amgvndvsYsNz6TM8SPRx+L OTaFMV2NAl320x0fRjwvoQAkyaPGY/Nxcy/A01PqX/Ftial/qIssvd+KbUb3ZyRr VUzEh7Fu6jxWHSOL+PwGqxYR6B1C8803ljiLEqNWGy/fL9ayqa7jCtuTVQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBghr6IHzdqL71tAX2ChHEshRIPmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwMTg0MzZhLTljMWEtNDJjYi04NTg0LTE1MDMyYmU5NzFiYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJAAwDQYJKoZIhvcNAQELBQADggEBAJCLzxmI2InT81DzN8Mz jcaPQSXQ4tPZrUNY4/un9v5z5HdkMH22B7N+XV40ItJMvX1ewbAjGLf5tflBEgJw EdzYqzvL033p/KnCfCv9CiumZ1Szq10pOqHiHWshX4oekN0KXx8RKQERcIlaijCW +WpjI6Yt02hoEk3u0idrD/MaJO4FZ3ssRn8UjA/zacp1dDHugVAoFgZovEiKZydc AF5qJ/3usGPmQrHo26MmsGo+aMM0L2Sc2JOGay6CGGh66HpT2bx+JLunv3ZzGcVM 6qYztov7TGoewIjKfuxIa+/mJYDjRu1GSQWVtI5UT5Ogpsh3kYfPmI7KplCVms4q tMY= -----END CERTIFICATE-----Generated at Mon Sep 11 15:39:31 2023 by rpki-client on console-ams.rpki-client.org