$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66c75786-d155-4d77-8244-4d1048cecdfa.roa File: 66c75786-d155-4d77-8244-4d1048cecdfa.roa (raw, json) Hash identifier: z208PqNboPt8wmnNWapa94tSZdowPgTh4NxDfBVkv8o= Subject key identifier: 1D:B8:08:DD:0A:E9:AB:04:18:D4:4A:A2:CF:9D:1E:01:6A:25:61:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3EF56194B21DF8AF915D74954573989895219108 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66c75786-d155-4d77-8244-4d1048cecdfa.roa Signing time: Wed 10 Apr 2024 00:00:00 +0000 ROA not before: Wed 10 Apr 2024 00:00:00 +0000 ROA not after: Wed 15 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:f5:61:94:b2:1d:f8:af:91:5d:74:95:45:73:98:98:95:21:91:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 10 00:00:00 2024 GMT Not After : May 15 23:59:59 2024 GMT Subject: serialNumber=5518d2f4f32d8adc24815c145174440f41907c38e8f43d52ee7867703aa4c5d1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:1e:5e:4e:03:55:7d:c6:4d:bb:d1:33:94:34: 40:b8:ec:12:8a:a7:5e:9b:2e:f6:a4:60:f7:1d:4f: 00:12:b7:43:c5:61:20:61:c7:c7:43:32:7d:28:f5: fd:f8:10:4d:4a:a3:c7:1a:dd:5a:ee:a7:5f:ab:cc: d3:31:56:65:d7:c0:79:c5:e6:db:c8:f5:aa:e8:6e: 1c:f8:44:14:a8:9f:10:78:ad:fb:50:81:9f:b7:b5: b9:ce:69:36:9b:43:60:70:e4:a1:07:2b:88:ff:43: bc:f9:e9:f9:bf:c9:46:96:01:17:04:d6:a4:8d:ef: b5:ff:82:3c:c4:bc:86:30:e9:1e:cb:34:0b:7a:1f: 01:10:20:98:12:42:6b:e2:3d:70:b3:08:97:d1:59: 8a:ec:50:73:40:02:05:b4:bb:b2:1f:80:7d:c1:96: 46:3b:a2:9d:35:d7:82:c0:e4:d2:c1:3e:d2:a5:6c: 5a:72:8a:f8:58:b7:1d:76:e5:67:eb:ac:69:f4:e7: 3d:d0:c3:2c:12:9d:29:a9:88:1a:09:dc:9a:09:48: 26:8b:9f:ce:5b:f1:37:89:ac:d8:03:74:57:1a:93: 07:d7:c6:bd:65:70:b3:3d:6c:a2:e0:7a:06:a6:ff: 73:28:16:b2:1d:53:ab:d1:b6:91:b3:56:b7:bc:26: 39:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:B8:08:DD:0A:E9:AB:04:18:D4:4A:A2:CF:9D:1E:01:6A:25:61:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66c75786-d155-4d77-8244-4d1048cecdfa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:800::/40 Signature Algorithm: sha256WithRSAEncryption c4:da:f5:0b:bd:80:81:1e:3b:5f:c6:d7:d8:f1:2b:75:22:c7: 72:cc:29:d4:08:07:fc:25:7e:cf:b6:c9:ce:e9:42:ad:84:a7: 60:ab:18:da:95:44:a5:f7:81:f1:9f:9f:4c:1a:b0:8d:43:88: 8d:6d:3c:eb:30:8e:13:9f:92:d1:0d:ff:f7:52:d3:b5:8e:ec: 4e:c2:43:c8:b9:63:89:8e:cf:eb:cc:0e:74:ff:ab:71:63:91: 13:a8:70:bb:3a:c4:0f:9c:56:fb:a3:2c:6f:e8:0c:d1:4f:7b: 8d:9f:15:2a:be:2b:53:6a:2a:1b:2b:f5:c8:1a:db:99:af:7e: b1:8d:c5:24:70:af:03:c7:1b:96:f7:f5:37:8f:e5:87:73:0a: 16:5e:97:47:df:cf:dd:f4:97:2e:f7:0a:83:9d:d2:5b:cc:2f: 41:0d:72:4f:8f:7e:d9:02:73:8a:11:5f:36:23:6d:d1:47:06: 45:08:7d:e9:28:6d:ea:08:61:db:97:6e:fd:92:4d:55:78:4e: 13:a6:50:91:07:ae:1f:5f:c5:e2:ad:86:5f:45:d3:7f:42:95: 56:b4:07:a0:76:7f:dc:d5:cc:f3:5e:e3:b0:a5:87:3f:ce:2f: 43:54:be:84:f3:15:5e:3b:97:73:0d:be:13:96:8e:60:58:93: e7:d7:9c:35 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPvVhlLId+K+RXXSVRXOYmJUhkQgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQxMDAwMDAwMFoX DTI0MDUxNTIzNTk1OVowejFJMEcGA1UEBRNANTUxOGQyZjRmMzJkOGFkYzI0ODE1 YzE0NTE3NDQ0MGY0MTkwN2MzOGU4ZjQzZDUyZWU3ODY3NzAzYWE0YzVkMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB5eTgNVfcZNu9EzlDRAuOwSiqde my72pGD3HU8AErdDxWEgYcfHQzJ9KPX9+BBNSqPHGt1a7qdfq8zTMVZl18B5xebb yPWq6G4c+EQUqJ8QeK37UIGft7W5zmk2m0NgcOShByuI/0O8+en5v8lGlgEXBNak je+1/4I8xLyGMOkeyzQLeh8BECCYEkJr4j1wswiX0VmK7FBzQAIFtLuyH4B9wZZG O6KdNdeCwOTSwT7SpWxacor4WLcdduVn66xp9Oc90MMsEp0pqYgaCdyaCUgmi5/O W/E3iazYA3RXGpMH18a9ZXCzPWyi4HoGpv9zKBayHVOr0baRs1a3vCY54wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB24CN0K6asEGNRKos+dHgFqJWExMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY2Yzc1Nzg2LWQxNTUtNGQ3Ny04MjQ0LTRkMTA0OGNlY2RmYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+wgwDQYJKoZIhvcNAQELBQADggEBAMTa9Qu9gIEeO1/G19jx K3Uix3LMKdQIB/wlfs+2yc7pQq2Ep2CrGNqVRKX3gfGfn0wasI1DiI1tPOswjhOf ktEN//dS07WO7E7CQ8i5Y4mOz+vMDnT/q3FjkROocLs6xA+cVvujLG/oDNFPe42f FSq+K1NqKhsr9cga25mvfrGNxSRwrwPHG5b39TeP5YdzChZel0ffz930ly73CoOd 0lvML0ENck+PftkCc4oRXzYjbdFHBkUIfekobeoIYduXbv2STVV4ThOmUJEHrh9f xeKthl9F039ClVa0B6B2f9zVzPNe47Clhz/OL0NUvoTzFV47l3MNvhOWjmBYk+fX nDU= -----END CERTIFICATE-----Generated at Fri May 3 00:27:27 2024 by rpki-client on console-fra.rpki-client.org