$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa File: 64aa810d-cc7f-45fe-b794-d290c3a511c5.roa (raw, json) Hash identifier: AnVdqzNeaRqpyKd1l+3UoX5zMb0x7h3tc+Ko5PFtRxw= Subject key identifier: C5:08:7A:FB:ED:F9:06:86:87:8B:96:10:1A:1C:7E:71:8F:23:E9:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4851AECD57C10BEE5836E1289969C6C0B2EF389C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:51:ae:cd:57:c1:0b:ee:58:36:e1:28:99:69:c6:c0:b2:ef:38:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=299af57b1973e03971cce1b4984a7f7769c4b315e2e05601522f3432d61b5a9e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:c0:3c:5b:e9:ab:75:a0:10:83:71:57:c5:4b: 04:2d:ea:11:97:76:72:a4:0c:a4:94:11:40:9a:53: d9:3a:18:91:fd:a0:aa:b4:93:44:ce:37:48:1e:20: 35:ef:36:db:b1:ec:bb:58:9f:27:c6:3b:ab:4d:65: 59:71:4c:28:0c:bb:0c:d8:1e:da:e5:25:d7:01:01: ef:0d:48:fe:6a:3a:ed:ea:0f:a9:80:e1:ae:3f:83: b4:da:06:77:43:89:46:f0:b2:14:57:eb:c4:ed:cc: b6:7d:eb:83:ce:44:4f:eb:99:0b:96:a9:fb:bb:58: f7:82:c3:cb:ef:6d:d3:64:2e:79:5a:a7:4f:1f:04: 04:74:c6:2a:e2:07:b1:f5:cb:c2:3d:28:e4:83:25: 27:8b:d5:c2:49:13:97:bc:cd:1d:e0:0d:50:73:9d: 75:6a:d8:94:ca:94:94:89:ea:b2:68:88:e8:ce:05: 21:bf:25:2d:86:de:85:3f:c8:99:d1:8c:31:7f:40: 8a:d5:e0:70:18:35:71:0e:ee:b7:88:5f:ff:6a:69: 34:2d:eb:55:8c:58:13:67:ab:6c:48:c3:b1:ce:a0: 8d:ca:30:d1:dd:75:cc:fa:4f:d6:25:9c:90:b7:20: 50:47:2f:ac:b9:df:e7:c9:fe:9a:a8:08:6d:ee:12: 38:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:08:7A:FB:ED:F9:06:86:87:8B:96:10:1A:1C:7E:71:8F:23:E9:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:e000::/40 Signature Algorithm: sha256WithRSAEncryption a2:93:0d:eb:41:e2:5d:01:a2:5d:39:24:37:b1:d7:4a:ca:7e: 70:13:0f:8d:5b:b8:b5:54:dc:60:b2:fd:c0:0c:8b:4a:46:a3: 39:78:d8:47:5a:05:b5:73:5a:27:50:c2:99:4a:92:c1:a6:cc: a3:dc:2b:a1:20:ff:f1:7e:0f:72:34:69:4a:c7:3a:48:9b:af: 43:01:8e:0e:c5:bc:7d:98:6f:17:51:5f:ea:37:cc:e9:58:f0: 3d:4a:5e:af:05:f9:1e:c1:f5:32:33:92:23:4e:1c:36:47:67: 69:1c:1b:57:3a:49:87:3b:cc:94:b5:b3:a6:f5:26:ec:4a:37: d5:99:cb:4b:60:c8:4b:c7:ed:27:0c:0c:52:a6:b0:10:df:74: 63:f6:a2:4d:9c:b1:b3:9b:9a:3f:27:23:5e:9b:56:b7:c7:1c: 58:fe:e7:ac:a1:03:e1:d0:af:f2:ca:06:49:b9:d1:0e:05:ed: 0b:45:8b:56:f4:23:74:36:ab:b4:5a:75:c7:b4:93:6a:d3:e6: 50:48:e4:ff:ee:f3:59:e9:a7:0e:f8:9f:56:52:4e:1a:55:b2: 59:07:17:4d:2e:fe:f4:0b:69:29:a9:24:56:c7:f9:fc:5d:84: 78:da:ef:ea:72:29:98:fb:b8:13:b0:1d:01:c7:b9:fc:cf:3b: 29:1e:d0:0e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSFGuzVfBC+5YNuEomWnGwLLvOJwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMjk5YWY1N2IxOTczZTAzOTcxY2Nl MWI0OTg0YTdmNzc2OWM0YjMxNWUyZTA1NjAxNTIyZjM0MzJkNjFiNWE5ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cA8W+mrdaAQg3FXxUsELeoRl3Zy pAyklBFAmlPZOhiR/aCqtJNEzjdIHiA17zbbsey7WJ8nxjurTWVZcUwoDLsM2B7a 5SXXAQHvDUj+ajrt6g+pgOGuP4O02gZ3Q4lG8LIUV+vE7cy2feuDzkRP65kLlqn7 u1j3gsPL723TZC55WqdPHwQEdMYq4gex9cvCPSjkgyUni9XCSROXvM0d4A1Qc511 atiUypSUieqyaIjozgUhvyUtht6FP8iZ0Ywxf0CK1eBwGDVxDu63iF//amk0LetV jFgTZ6tsSMOxzqCNyjDR3XXM+k/WJZyQtyBQRy+sud/nyf6aqAht7hI4vwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMUIevvt+QaGh4uWEBocfnGPI+kVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY0YWE4MTBkLWNjN2YtNDVmZS1iNzk0LWQyOTBjM2E1MTFjNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8eAwDQYJKoZIhvcNAQELBQADggEBAKKTDetB4l0Bol05JDex 10rKfnATD41buLVU3GCy/cAMi0pGozl42EdaBbVzWidQwplKksGmzKPcK6Eg//F+ D3I0aUrHOkibr0MBjg7FvH2YbxdRX+o3zOlY8D1KXq8F+R7B9TIzkiNOHDZHZ2kc G1c6SYc7zJS1s6b1JuxKN9WZy0tgyEvH7ScMDFKmsBDfdGP2ok2csbObmj8nI16b VrfHHFj+56yhA+HQr/LKBkm50Q4F7QtFi1b0I3Q2q7Radce0k2rT5lBI5P/u81np pw74n1ZSThpVslkHF00u/vQLaSmpJFbH+fxdhHja7+pyKZj7uBOwHQHHufzPOyke 0A4= -----END CERTIFICATE-----Generated at Thu Apr 25 00:30:39 2024 by rpki-client on console-fra.rpki-client.org