$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa File: 67271318-4a3b-4256-a685-4530831f03f1.roa (raw, json) Hash identifier: /AvgmQRtXmGhuUNC9ZbPMZFjOHXx0PGabycNc43E+Ug= Subject key identifier: 92:98:B2:F3:85:BC:B4:62:64:C2:48:AC:DB:85:EC:4A:6D:33:F6:73 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 34737D027966CBC58214AC05F4ED0809C25B5C3B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa Signing time: Mon 08 Jul 2024 00:00:00 +0000 ROA not before: Mon 08 Jul 2024 00:00:00 +0000 ROA not after: Mon 12 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:73:7d:02:79:66:cb:c5:82:14:ac:05:f4:ed:08:09:c2:5b:5c:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:00 2024 GMT Not After : Aug 12 23:59:59 2024 GMT Subject: serialNumber=1ec0637ca8213b3b1e0aeb11d4658801797156365f19f53e454e5794b86978f6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:78:ec:a3:91:ea:b5:6f:8e:be:73:f5:6b:58: 1c:cb:2d:01:07:14:01:a9:15:45:82:b2:61:8a:32: eb:e9:7d:60:f9:d8:b0:9e:b7:6f:4c:d2:5b:04:76: 77:16:b9:3e:a5:5c:f2:b2:eb:97:7c:05:45:97:5a: 41:29:47:3b:01:1e:76:c0:57:1b:81:6a:9b:c0:aa: 4a:fa:72:66:1d:d6:24:d9:95:d5:1c:2e:4e:4b:86: dc:1e:73:27:81:cc:9c:9d:df:3f:52:fb:32:2e:73: fb:d6:34:c1:ec:53:9d:df:74:ed:66:eb:7d:6a:7c: 98:ac:91:cd:50:89:83:c7:a9:f6:78:7e:95:0a:14: dc:42:13:a0:46:c4:ec:71:a1:3e:61:cd:1d:53:53: f9:60:fd:10:5f:c2:53:91:07:51:ee:71:e3:3e:b4: 2c:58:40:3b:39:ed:b2:bc:4b:2a:23:b6:f6:83:fc: f0:ef:df:1c:5e:23:a7:78:cc:ce:d9:84:6a:02:c8: 46:a3:f2:90:81:69:9a:69:e4:51:79:b2:83:b1:af: 8e:40:8c:80:66:4b:d5:34:20:e5:05:ee:d2:6b:ba: 09:e1:72:03:85:ec:c4:df:35:7e:97:b2:f9:19:64: bf:4a:f8:ac:a5:66:83:8a:a5:81:ab:3a:1f:a7:f3: 60:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:98:B2:F3:85:BC:B4:62:64:C2:48:AC:DB:85:EC:4A:6D:33:F6:73 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:c800::/40 Signature Algorithm: sha256WithRSAEncryption b8:ee:6c:68:e9:f6:56:fb:32:f6:db:c3:cc:46:e0:ea:9d:d2: 7e:71:2f:f7:5b:90:40:7f:16:ae:2b:5c:75:e8:24:4f:66:09: d9:bb:78:95:a8:f7:54:a8:f9:ed:d0:d3:08:86:54:0d:01:b7: 17:5d:66:69:8f:ab:6d:96:e4:4f:2b:d5:b0:f9:52:92:94:5c: 75:34:ec:53:7c:9e:8c:2d:30:0e:1d:db:ae:b5:8d:a3:d6:0b: 1d:f2:af:76:d9:1c:cb:2b:ad:99:17:a3:68:48:76:e3:fb:ab: 8b:9f:97:24:4c:24:08:d1:f3:60:42:bf:a9:0a:dc:ad:63:2a: b3:c2:83:34:5b:b4:2a:74:59:f0:b7:e9:0d:57:6f:2e:be:95: 77:95:82:c2:e6:57:44:8e:35:06:5d:3d:f1:a8:8c:c2:07:79: 03:c3:ae:50:96:1f:98:f1:80:ac:f0:df:f7:74:36:02:d4:d8: 0d:d1:9e:9d:9b:3b:31:4b:f0:bf:38:71:0d:bb:48:f0:34:32: 38:f1:51:65:2d:98:e0:12:cb:5f:44:4c:47:08:c0:d1:8a:09: b0:49:c1:1c:c1:62:0f:91:1f:7c:ae:1b:49:66:b1:04:2a:38: 62:5a:6b:16:d9:be:9a:5e:e8:ac:b9:86:61:2a:1e:6e:34:48: 51:6a:fa:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNHN9Anlmy8WCFKwF9O0ICcJbXDswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwODAwMDAwMFoX DTI0MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAMWVjMDYzN2NhODIxM2IzYjFlMGFl YjExZDQ2NTg4MDE3OTcxNTYzNjVmMTlmNTNlNDU0ZTU3OTRiODY5NzhmNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHjso5HqtW+OvnP1a1gcyy0BBxQB qRVFgrJhijLr6X1g+diwnrdvTNJbBHZ3Frk+pVzysuuXfAVFl1pBKUc7AR52wFcb gWqbwKpK+nJmHdYk2ZXVHC5OS4bcHnMngcycnd8/UvsyLnP71jTB7FOd33TtZut9 anyYrJHNUImDx6n2eH6VChTcQhOgRsTscaE+Yc0dU1P5YP0QX8JTkQdR7nHjPrQs WEA7Oe2yvEsqI7b2g/zw798cXiOneMzO2YRqAshGo/KQgWmaaeRRebKDsa+OQIyA ZkvVNCDlBe7Sa7oJ4XIDhezE3zV+l7L5GWS/SvispWaDiqWBqzofp/NghQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJKYsvOFvLRiZMJIrNuF7EptM/ZzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3MjcxMzE4LTRhM2ItNDI1Ni1hNjg1LTQ1MzA4MzFmMDNmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+8gwDQYJKoZIhvcNAQELBQADggEBALjubGjp9lb7Mvbbw8xG 4Oqd0n5xL/dbkEB/Fq4rXHXoJE9mCdm7eJWo91So+e3Q0wiGVA0BtxddZmmPq22W 5E8r1bD5UpKUXHU07FN8nowtMA4d2661jaPWCx3yr3bZHMsrrZkXo2hIduP7q4uf lyRMJAjR82BCv6kK3K1jKrPCgzRbtCp0WfC36Q1Xby6+lXeVgsLmV0SONQZdPfGo jMIHeQPDrlCWH5jxgKzw3/d0NgLU2A3Rnp2bOzFL8L84cQ27SPA0MjjxUWUtmOAS y19ETEcIwNGKCbBJwRzBYg+RH3yuG0lmsQQqOGJaaxbZvppe6Ky5hmEqHm40SFFq +pI= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:40 2024 by rpki-client on console-ams.rpki-client.org