$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa File: 67b122dd-c584-4c2f-ac76-fb1a660b79da.roa (raw, json) Hash identifier: PBIxbzIrAazhIn26/13angveb/A5vgFIZUyQTiH87h0= Subject key identifier: 17:79:8A:42:0C:CE:37:EF:57:6B:AC:BB:A9:90:33:89:B2:AB:12:19 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 04760835D9B2330A4B5422F0D8172070A3222F18 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa Signing time: Mon 11 Sep 2023 00:00:00 +0000 ROA not before: Mon 11 Sep 2023 00:00:00 +0000 ROA not after: Mon 16 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Sep 2023 03:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:76:08:35:d9:b2:33:0a:4b:54:22:f0:d8:17:20:70:a3:22:2f:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 11 00:00:00 2023 GMT Not After : Oct 16 23:59:59 2023 GMT Subject: serialNumber=c91cd3703a0f5b8438b4f28124510c39c468de18b6482a19b102f5c0204fa566, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:50:1c:fc:aa:e8:ca:45:80:ea:ae:64:86:1b: 99:b8:40:5e:06:00:c0:ab:98:5d:2b:3f:20:ab:8f: 6e:86:9c:ca:3e:6b:f6:dd:f8:b5:14:68:63:89:a8: f0:57:a9:e6:d7:91:76:60:4d:d1:a2:ef:07:e3:bf: 1c:d8:1b:e8:5c:49:45:90:b0:10:aa:68:ed:44:d4: 8b:cb:e1:1c:d8:45:65:5d:e0:03:d9:84:d2:cd:3b: 9b:e4:08:c6:ec:3f:49:f4:a5:17:8d:67:87:8c:34: 72:82:e2:7b:d9:1f:c4:c1:59:8d:1d:b7:80:a5:7b: 9c:b8:96:d3:84:0f:3b:91:26:c8:03:8e:cf:43:b7: b1:e6:e5:b3:17:1c:9d:fa:f5:5a:57:30:01:b3:03: b5:22:26:7b:20:ff:a5:86:d3:31:b5:eb:7a:3d:8e: 97:63:e6:cb:53:da:0d:cd:b6:57:47:de:34:0b:31: f9:3c:03:22:74:19:4e:d3:b1:1c:ea:41:e2:01:6d: e1:14:ba:09:64:89:bd:40:05:37:75:6e:5f:03:74: fc:8b:b5:ba:73:ce:f4:0a:a4:9a:b2:7d:c1:a2:04: f7:2c:ef:8c:61:2a:b1:e3:de:ee:bc:83:80:6d:40: 3e:ef:a8:53:c7:f5:b4:c2:3e:8c:91:73:7b:aa:f9: 87:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:79:8A:42:0C:CE:37:EF:57:6B:AC:BB:A9:90:33:89:B2:AB:12:19 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28::/36 Signature Algorithm: sha256WithRSAEncryption 5a:21:1c:24:77:c0:e8:b4:84:e3:a9:47:5b:b3:76:05:21:b5: 57:9c:eb:f7:bc:33:40:b8:e2:c4:d9:67:e6:db:35:ac:00:83: 44:12:92:e7:f6:93:68:aa:be:f4:a9:a2:0e:4c:2c:5e:0a:62: d2:b2:51:19:93:23:0f:fb:e4:8b:55:aa:5e:3d:2a:6e:22:03: 84:68:43:de:0a:66:1e:e4:a3:11:fd:9d:09:7d:c9:63:db:36: 4a:91:aa:4a:0e:3e:d2:ae:95:06:31:ed:47:1f:6d:ac:6b:9e: 31:b7:67:1d:d3:10:e1:3e:c0:05:eb:a1:77:14:ad:71:22:ea: 92:ac:22:bb:18:6d:b8:25:ab:35:b4:7a:0f:21:f8:62:0b:3e: 58:c3:9b:8c:ca:71:1a:15:ab:e3:0f:30:db:32:be:c5:0b:e1: ae:9f:f3:d0:fc:76:d6:8e:f1:de:a4:01:97:20:c8:25:d7:06: 4e:0e:4e:7d:13:3b:48:a7:6f:c7:ca:e6:4d:d9:74:52:4f:d1: c5:92:3f:fa:5e:56:17:21:5a:b7:e9:7d:96:80:f7:d1:8f:1c: 38:63:e8:fd:0b:5d:16:b1:a2:2d:23:2c:bb:c3:9f:98:b8:56: d0:b6:92:6a:63:ce:d4:b7:44:6d:a1:bc:77:92:03:17:f0:fc: eb:80:7b:bc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBHYINdmyMwpLVCLw2BcgcKMiLxgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxMTAwMDAwMFoX DTIzMTAxNjIzNTk1OVowejFJMEcGA1UEBRNAYzkxY2QzNzAzYTBmNWI4NDM4YjRm MjgxMjQ1MTBjMzljNDY4ZGUxOGI2NDgyYTE5YjEwMmY1YzAyMDRmYTU2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFAc/KroykWA6q5khhuZuEBeBgDA q5hdKz8gq49uhpzKPmv23fi1FGhjiajwV6nm15F2YE3Rou8H478c2BvoXElFkLAQ qmjtRNSLy+Ec2EVlXeAD2YTSzTub5AjG7D9J9KUXjWeHjDRyguJ72R/EwVmNHbeA pXucuJbThA87kSbIA47PQ7ex5uWzFxyd+vVaVzABswO1IiZ7IP+lhtMxtet6PY6X Y+bLU9oNzbZXR940CzH5PAMidBlO07Ec6kHiAW3hFLoJZIm9QAU3dW5fA3T8i7W6 c870CqSasn3BogT3LO+MYSqx497uvIOAbUA+76hTx/W0wj6MkXN7qvmHXwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBd5ikIMzjfvV2usu6mQM4myqxIZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3YjEyMmRkLWM1ODQtNGMyZi1hYzc2LWZiMWE2NjBiNzlkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKAAwDQYJKoZIhvcNAQELBQADggEBAFohHCR3wOi0hOOpR1uz dgUhtVec6/e8M0C44sTZZ+bbNawAg0QSkuf2k2iqvvSpog5MLF4KYtKyURmTIw/7 5ItVql49Km4iA4RoQ94KZh7koxH9nQl9yWPbNkqRqkoOPtKulQYx7UcfbaxrnjG3 Zx3TEOE+wAXroXcUrXEi6pKsIrsYbbglqzW0eg8h+GILPljDm4zKcRoVq+MPMNsy vsUL4a6f89D8dtaO8d6kAZcgyCXXBk4OTn0TO0inb8fK5k3ZdFJP0cWSP/peVhch WrfpfZaA99GPHDhj6P0LXRaxoi0jLLvDn5i4VtC2kmpjztS3RG2hvHeSAxfw/OuA e7w= -----END CERTIFICATE-----Generated at Mon Sep 11 15:39:31 2023 by rpki-client on console-ams.rpki-client.org