$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/667bae0e-6025-4a25-a289-cdb2e802f6fe.roa File: 667bae0e-6025-4a25-a289-cdb2e802f6fe.roa (raw, json) Hash identifier: rpF8osRGDCkHA9cb6IwlLwcE/B2caor7LRhRajbbJek= Subject key identifier: CC:B5:8D:4D:D6:68:EC:4A:65:08:C3:2F:A1:FA:35:A9:3F:CE:E2:34 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B5FACD12B202C63DFB0CA57AC27901C4D87F232 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/667bae0e-6025-4a25-a289-cdb2e802f6fe.roa Signing time: Fri 22 Sep 2023 00:00:00 +0000 ROA not before: Fri 22 Sep 2023 00:00:00 +0000 ROA not after: Fri 27 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Sep 2023 12:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:5f:ac:d1:2b:20:2c:63:df:b0:ca:57:ac:27:90:1c:4d:87:f2:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 22 00:00:00 2023 GMT Not After : Oct 27 23:59:59 2023 GMT Subject: serialNumber=3ecb115d52b2b74d791e1b7683133b3672a425e62caad13573b97a078901585c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f3:05:f7:4f:1f:23:d4:12:64:02:e3:8c:17: 2c:4a:09:ae:4d:e9:ba:90:c7:a9:54:c2:39:68:29: 5a:fa:e2:48:49:af:83:74:0f:24:6f:2e:72:00:4c: ff:8c:e0:d3:b0:86:f5:f8:1f:a6:2d:ad:3b:4b:ac: fd:7c:97:21:be:fc:9e:ac:f9:03:37:c8:cb:8c:f8: 62:14:eb:bd:38:0b:81:0f:78:9f:0b:74:65:c1:0b: 68:e1:a3:ac:c4:55:ed:e5:94:08:1e:38:56:d0:04: ee:62:cd:e8:8c:59:7c:e5:05:fc:b7:53:22:7e:7d: 25:4a:41:7c:ee:e0:29:10:11:6b:b4:7b:84:a7:28: d4:ee:f5:b2:6a:7c:84:ae:c6:97:01:c8:d2:39:66: e9:ae:02:28:d5:55:f0:8c:41:1f:04:80:ac:34:8e: dc:f9:a8:8f:80:dd:c6:93:de:ee:07:07:00:6a:f1: ec:1d:55:8c:96:87:90:81:fd:58:7c:0b:6f:00:c6: 0e:32:c0:60:0d:02:04:09:ee:b9:c0:3a:79:54:b5: cd:75:37:61:24:ae:a1:6e:cc:0d:54:bb:90:bc:f4: 77:30:b7:33:68:ef:5d:46:90:8f:d9:e1:a5:e3:b0: 67:fa:1d:35:7b:c4:9c:ee:1f:29:a6:6b:0d:91:3e: d8:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B5:8D:4D:D6:68:EC:4A:65:08:C3:2F:A1:FA:35:A9:3F:CE:E2:34 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/667bae0e-6025-4a25-a289-cdb2e802f6fe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12::/36 Signature Algorithm: sha256WithRSAEncryption 7d:2b:a5:fd:67:e1:0f:33:91:9e:3f:97:7b:3a:dc:af:82:f0: 1c:b1:7c:8c:e2:40:df:6a:a3:21:d0:5d:29:70:c6:54:e5:af: 5a:33:d2:59:27:66:4d:6a:27:7d:f1:5a:59:3f:96:47:ce:7a: be:8b:6c:02:a5:63:b5:f9:c6:19:3e:51:2f:79:9e:27:2f:12: d8:c1:06:7d:1d:0f:cb:85:04:b8:56:86:fd:f2:68:fd:54:8c: 0f:01:06:a7:d0:b6:ee:87:db:62:9f:50:a5:15:c1:ec:d5:fe: f7:c2:bf:66:e9:ab:51:01:02:56:9d:64:4b:3e:9a:55:fa:9c: be:3c:7d:57:69:6b:bd:86:d1:c0:04:3b:e6:76:2d:36:9c:b9: 8c:96:37:59:1b:e3:30:4f:5a:9b:04:07:8b:d8:47:42:3c:71: 41:05:23:1d:fd:1c:e5:52:36:7c:8e:c9:d5:30:e5:ed:30:75: 64:a2:bc:70:60:96:b3:5b:13:73:f8:bc:86:a2:32:50:54:a0: 7b:52:fa:55:fb:68:6d:6a:71:f3:c7:20:23:6a:34:ce:b8:8d: 4f:77:73:c1:f0:96:5c:9c:90:5a:1c:2c:a9:a8:ce:ab:59:a3: cb:c2:79:c9:4d:dc:8a:d1:4a:59:3e:25:50:18:c2:85:c7:e2: ca:8a:e2:ae -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUe1+s0SsgLGPfsMpXrCeQHE2H8jIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkyMjAwMDAwMFoX DTIzMTAyNzIzNTk1OVowejFJMEcGA1UEBRNAM2VjYjExNWQ1MmIyYjc0ZDc5MWUx Yjc2ODMxMzNiMzY3MmE0MjVlNjJjYWFkMTM1NzNiOTdhMDc4OTAxNTg1YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vMF908fI9QSZALjjBcsSgmuTem6 kMepVMI5aCla+uJISa+DdA8kby5yAEz/jODTsIb1+B+mLa07S6z9fJchvvyerPkD N8jLjPhiFOu9OAuBD3ifC3RlwQto4aOsxFXt5ZQIHjhW0ATuYs3ojFl85QX8t1Mi fn0lSkF87uApEBFrtHuEpyjU7vWyanyErsaXAcjSOWbprgIo1VXwjEEfBICsNI7c +aiPgN3Gk97uBwcAavHsHVWMloeQgf1YfAtvAMYOMsBgDQIECe65wDp5VLXNdTdh JK6hbswNVLuQvPR3MLczaO9dRpCP2eGl47Bn+h01e8Sc7h8ppmsNkT7YGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMy1jU3WaOxKZQjDL6H6Nak/zuI0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY2N2JhZTBlLTYwMjUtNGEyNS1hMjg5LWNkYjJlODAyZjZmZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaEgAwDQYJKoZIhvcNAQELBQADggEBAH0rpf1n4Q8zkZ4/l3s6 3K+C8ByxfIziQN9qoyHQXSlwxlTlr1oz0lknZk1qJ33xWlk/lkfOer6LbAKlY7X5 xhk+US95nicvEtjBBn0dD8uFBLhWhv3yaP1UjA8BBqfQtu6H22KfUKUVwezV/vfC v2bpq1EBAladZEs+mlX6nL48fVdpa72G0cAEO+Z2LTacuYyWN1kb4zBPWpsEB4vY R0I8cUEFIx39HOVSNnyOydUw5e0wdWSivHBglrNbE3P4vIaiMlBUoHtS+lX7aG1q cfPHICNqNM64jU93c8HwllyckFocLKmozqtZo8vCeclN3IrRSlk+JVAYwoXH4sqK 4q4= -----END CERTIFICATE-----Generated at Fri Sep 22 00:30:05 2023 by rpki-client on console-fra.rpki-client.org