$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa File: 67271318-4a3b-4256-a685-4530831f03f1.roa (raw, json) Hash identifier: m2syFcrdtuc8bDwbUvua7S23lGUBUhPzZzKNMlzUBKE= Subject key identifier: 67:BC:F5:F4:D7:0E:D7:3A:D9:F9:9C:97:F8:D2:66:9C:08:FF:71:8C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 753A08CDD7AE8CB05016AB1DE6C4E32DA4AC1C2C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa Signing time: Tue 23 Apr 2024 00:00:00 +0000 ROA not before: Tue 23 Apr 2024 00:00:00 +0000 ROA not after: Tue 28 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:3a:08:cd:d7:ae:8c:b0:50:16:ab:1d:e6:c4:e3:2d:a4:ac:1c:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:00 2024 GMT Not After : May 28 23:59:59 2024 GMT Subject: serialNumber=58e878ac900baa67efee65d42335711d9ce736916025416b2ca4937c348bdea5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fa:15:0f:03:b0:8d:12:ad:56:ea:a0:03:7a: 04:d3:b2:78:89:f6:50:74:14:ab:03:a9:7c:de:4f: 78:e3:23:07:60:79:c1:6e:9a:64:60:d9:dd:c4:66: 4f:65:ba:12:d9:b5:63:bb:d7:c8:89:d2:47:2e:c0: 0d:1d:7e:cb:5c:72:1d:27:90:6b:79:9d:c9:77:43: 1c:19:66:64:45:ca:47:00:21:7b:e0:69:7a:be:69: ab:a4:59:f3:e5:75:db:68:b7:2b:b9:50:db:55:32: 9d:03:a3:3f:b4:cb:dd:28:8a:b1:9f:3c:8c:a9:cc: 4f:24:06:76:d7:8c:5d:83:71:7f:9e:00:9a:06:ab: 70:73:f1:14:73:39:23:19:8a:7d:8d:25:5b:a5:88: 10:81:ac:3f:07:c8:e4:82:ec:09:ca:35:c5:1b:e6: 20:46:4e:cf:4c:b5:e1:7f:b9:25:83:29:06:fd:03: f8:f1:dd:c7:73:43:93:81:2a:4e:10:8e:d7:75:fb: af:80:99:ef:67:6e:d4:00:81:02:1a:49:dc:a7:31: 80:14:b4:cc:8c:b0:46:bc:17:f6:d0:73:11:1f:6d: d8:ce:3b:47:18:78:91:ea:37:2c:72:95:0a:eb:60: 4c:22:ef:59:8a:0e:50:e2:76:85:98:8f:75:29:e3: a5:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:BC:F5:F4:D7:0E:D7:3A:D9:F9:9C:97:F8:D2:66:9C:08:FF:71:8C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:c800::/40 Signature Algorithm: sha256WithRSAEncryption 49:50:2d:e8:59:be:8b:e7:7f:a6:6d:cc:bd:1e:64:a3:21:a9: 26:6d:98:68:c2:ef:1f:32:a4:07:f0:ba:90:25:3e:27:a9:90: 13:6f:eb:dd:3d:6f:3c:bd:e2:d3:33:d2:f6:ef:df:8c:23:79: e9:80:b0:52:29:51:4a:a2:79:10:9d:af:2b:1d:77:d3:80:30: e1:00:4d:15:5b:7b:2a:30:cb:ae:cb:99:c6:45:c0:eb:88:a8: 1d:8b:6a:c4:6a:a0:bb:6d:2e:80:03:a2:d1:3a:ad:a3:92:db: 64:f2:3a:1a:1f:0c:55:01:38:7d:98:c6:a7:f8:c8:a0:a4:89: 84:8d:53:62:d7:19:3c:1e:4b:9f:f6:97:6b:3d:15:30:8e:69: 83:e4:fd:32:b7:f0:62:22:33:91:1a:9e:14:8f:79:71:0a:66: 1d:24:22:18:3f:f3:e8:2d:89:64:44:42:68:f2:7c:c0:32:56: da:61:9b:19:74:7e:36:50:7c:8e:b7:15:52:6e:8c:f7:52:65: 4f:0a:0f:fb:f6:31:71:7b:b3:18:86:94:62:44:f6:1a:6d:16: d4:6c:25:5b:84:e6:ce:57:d3:97:d8:5d:95:12:b1:25:85:9e: 95:0e:19:78:b6:e1:3e:eb:e7:ef:b1:9b:41:15:af:ba:ed:68: f8:ff:6c:97 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdToIzdeujLBQFqsd5sTjLaSsHCwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMzAwMDAwMFoX DTI0MDUyODIzNTk1OVowejFJMEcGA1UEBRNANThlODc4YWM5MDBiYWE2N2VmZWU2 NWQ0MjMzNTcxMWQ5Y2U3MzY5MTYwMjU0MTZiMmNhNDkzN2MzNDhiZGVhNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvoVDwOwjRKtVuqgA3oE07J4ifZQ dBSrA6l83k944yMHYHnBbppkYNndxGZPZboS2bVju9fIidJHLsANHX7LXHIdJ5Br eZ3Jd0McGWZkRcpHACF74Gl6vmmrpFnz5XXbaLcruVDbVTKdA6M/tMvdKIqxnzyM qcxPJAZ214xdg3F/ngCaBqtwc/EUczkjGYp9jSVbpYgQgaw/B8jkguwJyjXFG+Yg Rk7PTLXhf7klgykG/QP48d3Hc0OTgSpOEI7XdfuvgJnvZ27UAIECGkncpzGAFLTM jLBGvBf20HMRH23YzjtHGHiR6jcscpUK62BMIu9Zig5Q4naFmI91KeOlywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGe89fTXDtc62fmcl/jSZpwI/3GMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3MjcxMzE4LTRhM2ItNDI1Ni1hNjg1LTQ1MzA4MzFmMDNmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+8gwDQYJKoZIhvcNAQELBQADggEBAElQLehZvovnf6ZtzL0e ZKMhqSZtmGjC7x8ypAfwupAlPiepkBNv6909bzy94tMz0vbv34wjeemAsFIpUUqi eRCdrysdd9OAMOEATRVbeyowy67LmcZFwOuIqB2LasRqoLttLoADotE6raOS22Ty OhofDFUBOH2Yxqf4yKCkiYSNU2LXGTweS5/2l2s9FTCOaYPk/TK38GIiM5EanhSP eXEKZh0kIhg/8+gtiWREQmjyfMAyVtphmxl0fjZQfI63FVJujPdSZU8KD/v2MXF7 sxiGlGJE9hptFtRsJVuE5s5X05fYXZUSsSWFnpUOGXi24T7r5++xm0EVr7rtaPj/ bJc= -----END CERTIFICATE-----Generated at Sun May 5 01:20:20 2024 by rpki-client on console-fra.rpki-client.org