$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6055c99a-8ca5-4e31-bf2f-3b75ddd3d70d.roa File: 6055c99a-8ca5-4e31-bf2f-3b75ddd3d70d.roa (raw, json) Hash identifier: iGKUhKMAQ/LaEXyW7ZVflhxy+WayQuj6GrCI8sZwJGE= Subject key identifier: F5:EC:CB:5E:02:35:A4:D3:53:7B:8A:52:8B:BB:5A:2E:64:C2:05:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3F5DDF1D79CC65CCFEB15B00A183CDD7E5DB93AB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6055c99a-8ca5-4e31-bf2f-3b75ddd3d70d.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:5d:df:1d:79:cc:65:cc:fe:b1:5b:00:a1:83:cd:d7:e5:db:93:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=dce0125955e25a9e87b9f8653fe13f2bb5830d3187a42832401ccd88339689e9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4f:bb:f0:6b:1a:0c:9e:49:83:26:27:59:dc: fa:97:f4:c7:4b:b2:d6:8f:9f:3a:34:f8:32:60:ae: 58:81:a5:f6:5f:94:d7:21:a0:39:fd:8f:cf:be:2b: b1:a8:b9:c8:17:a4:fa:ae:52:cd:d8:4c:93:ef:5b: 4d:bf:fa:7e:5c:d6:b4:57:d2:cf:66:08:c7:98:a0: bf:15:c3:e6:8e:46:2d:c1:da:66:b4:70:5d:67:af: c8:32:41:cf:5c:56:7f:67:89:5a:57:74:d6:ed:aa: d3:2c:1e:99:00:89:07:5c:6f:0f:6d:6f:c6:ee:51: a9:ca:8f:fa:d3:c7:89:0d:16:c0:75:be:12:43:98: d3:0c:96:27:80:98:db:12:d5:e8:24:f0:09:af:97: c3:f4:a7:ba:00:b5:39:f4:97:7b:4c:a3:de:db:ec: 57:73:0c:70:30:1f:f4:68:89:4d:1b:b4:1c:31:ef: 15:92:fa:b6:6e:8f:3d:0c:a5:d8:28:44:c0:34:c2: ac:a1:3e:91:0a:a9:a9:bd:00:62:f8:13:b8:c1:81: 34:59:b7:ef:62:ff:cd:26:71:9b:12:07:e5:25:2a: f4:6a:d3:9b:f6:5d:c2:6c:61:57:2b:da:80:54:a8: c5:fd:e4:4c:3c:b7:8d:77:c4:c2:e2:13:03:41:a0: ce:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:EC:CB:5E:02:35:A4:D3:53:7B:8A:52:8B:BB:5A:2E:64:C2:05:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6055c99a-8ca5-4e31-bf2f-3b75ddd3d70d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:1000::/40 Signature Algorithm: sha256WithRSAEncryption ae:23:c4:54:d7:1c:b8:3f:6f:ac:e8:bf:99:1a:b9:89:82:a6: 70:23:2d:fa:48:7d:b5:3c:2d:74:33:93:97:f6:4a:5c:e1:3f: 14:f9:66:f0:8f:91:7c:18:69:70:df:c2:5e:ff:8d:2f:7e:f2: 8b:0c:80:ab:f5:d3:89:17:a7:c1:c6:24:bb:e0:c9:c4:8c:96: b7:0c:00:1f:25:85:56:7d:fa:7c:9e:e4:4e:22:6d:4e:59:16: 98:96:4d:02:91:de:fe:11:82:80:a4:6c:a5:c2:36:71:50:cc: ca:5c:13:07:c3:87:de:2e:ca:06:fd:ce:92:50:3c:97:da:7a: 1d:4d:b3:5f:49:e1:ab:8c:b4:09:5c:de:f3:aa:90:26:91:a2: c3:d3:5d:50:f5:2d:41:77:48:49:9d:a7:3c:f4:69:69:6e:04: 7d:b4:7a:57:b6:71:72:14:fe:59:d6:73:df:dd:09:d9:80:dd: 41:29:98:b6:99:58:cc:e6:b0:e4:23:4b:5d:5e:0b:a8:33:87: eb:53:45:8d:d8:4f:c3:30:c3:40:34:22:16:33:fd:9f:19:f3: bb:d0:e3:5e:09:80:3d:67:d9:57:a6:a1:6d:7a:4f:ce:39:a4: d2:ca:cc:e7:4c:48:8f:83:84:6b:ac:49:53:44:f8:d1:45:f3: b1:74:b2:87 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUP13fHXnMZcz+sVsAoYPN1+Xbk6swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAZGNlMDEyNTk1NWUyNWE5ZTg3Yjlm ODY1M2ZlMTNmMmJiNTgzMGQzMTg3YTQyODMyNDAxY2NkODgzMzk2ODllOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE+78GsaDJ5JgyYnWdz6l/THS7LW j586NPgyYK5YgaX2X5TXIaA5/Y/PviuxqLnIF6T6rlLN2EyT71tNv/p+XNa0V9LP ZgjHmKC/FcPmjkYtwdpmtHBdZ6/IMkHPXFZ/Z4laV3TW7arTLB6ZAIkHXG8PbW/G 7lGpyo/608eJDRbAdb4SQ5jTDJYngJjbEtXoJPAJr5fD9Ke6ALU59Jd7TKPe2+xX cwxwMB/0aIlNG7QcMe8Vkvq2bo89DKXYKETANMKsoT6RCqmpvQBi+BO4wYE0Wbfv Yv/NJnGbEgflJSr0atOb9l3CbGFXK9qAVKjF/eRMPLeNd8TC4hMDQaDO+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPXsy14CNaTTU3uKUou7Wi5kwgW/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwNTVjOTlhLThjYTUtNGUzMS1iZjJmLTNiNzVkZGQzZDcwZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaABAwDQYJKoZIhvcNAQELBQADggEBAK4jxFTXHLg/b6zov5ka uYmCpnAjLfpIfbU8LXQzk5f2SlzhPxT5ZvCPkXwYaXDfwl7/jS9+8osMgKv104kX p8HGJLvgycSMlrcMAB8lhVZ9+nye5E4ibU5ZFpiWTQKR3v4RgoCkbKXCNnFQzMpc EwfDh94uygb9zpJQPJfaeh1Ns19J4auMtAlc3vOqkCaRosPTXVD1LUF3SEmdpzz0 aWluBH20ele2cXIU/lnWc9/dCdmA3UEpmLaZWMzmsOQjS11eC6gzh+tTRY3YT8Mw w0A0IhYz/Z8Z87vQ414JgD1n2VemoW16T845pNLKzOdMSI+DhGusSVNE+NFF87F0 soc= -----END CERTIFICATE-----Generated at Thu Apr 25 00:30:39 2024 by rpki-client on console-fra.rpki-client.org