$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa File: 67b122dd-c584-4c2f-ac76-fb1a660b79da.roa (raw, json) Hash identifier: iAeCDLZdyJcjBQQsWv/8zlAYTAgMsEyYjpYUc745MJ4= Subject key identifier: 31:49:40:FB:9E:F2:28:09:CC:C9:A7:9C:63:30:C2:ED:8B:7A:9C:51 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2E64D8CF6CE922E3BE5B48B97921DA0B75BE1D4F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa Signing time: Wed 24 Apr 2024 00:00:00 +0000 ROA not before: Wed 24 Apr 2024 00:00:00 +0000 ROA not after: Wed 29 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Apr 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:64:d8:cf:6c:e9:22:e3:be:5b:48:b9:79:21:da:0b:75:be:1d:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 24 00:00:00 2024 GMT Not After : May 29 23:59:59 2024 GMT Subject: serialNumber=dad8360bc71b864ba1e4f262a3ad9cb35b822fa239724c99ff89be5f02e7ede7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:fd:1c:0c:93:7b:b5:66:54:40:b3:ad:f5:f8: 86:e3:04:08:a7:fb:51:45:59:55:3f:5c:ec:c2:30: fb:f8:e9:a5:f8:01:4b:18:ee:1a:1d:95:de:ee:9e: 26:0a:fe:59:e3:f2:15:b7:a9:48:9f:19:5b:c1:e4: e5:56:74:7e:8f:6b:7a:3b:99:16:48:3e:5b:38:51: 9a:61:de:89:c8:5a:13:7a:e5:4f:3f:a2:db:5f:e6: dd:f3:8c:d9:0b:c2:cc:57:e1:fc:de:cb:b0:f4:4f: b8:4f:04:1b:cf:d5:4c:79:1c:53:6d:ea:52:5d:ef: d6:cb:c2:f1:de:d0:6e:6f:03:1a:00:77:ea:05:03: 3c:04:52:03:03:bb:0f:40:0c:a6:df:0e:bc:20:db: b9:04:32:c8:83:5e:47:bf:cc:fa:62:21:9b:5c:14: 7a:43:50:3e:0f:c5:b7:44:09:8b:8d:5d:3a:3d:13: 77:ed:7c:c3:cd:75:63:1d:eb:d4:4c:73:8b:57:a2: 1f:b6:ec:66:bf:cb:27:d1:df:b0:47:ca:d7:2d:49: 82:10:7c:17:57:b6:54:68:68:4c:39:cf:a9:26:23: a8:ec:56:de:0e:a9:98:e0:f8:77:22:7c:f1:97:75: c1:00:61:d6:9b:23:fe:63:09:f5:54:7d:8f:bf:1d: cf:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:49:40:FB:9E:F2:28:09:CC:C9:A7:9C:63:30:C2:ED:8B:7A:9C:51 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28::/36 Signature Algorithm: sha256WithRSAEncryption 43:c5:d7:49:63:2d:a2:6d:f7:36:0e:22:c8:1b:32:00:f0:d8: aa:c0:13:c5:de:a0:3d:3c:fb:91:2c:02:98:3c:55:de:87:07: 16:5d:e5:f3:b6:0f:c8:cf:46:5e:4d:7b:b0:89:34:cb:b7:1b: a0:89:7a:c3:e5:12:53:3e:23:6d:f5:03:c6:cc:a1:12:f0:83: 1c:16:47:c6:59:f2:ba:8b:53:8e:82:e9:0e:ea:77:ea:8f:57: 1b:1a:bb:4d:63:4a:d2:98:82:a7:6d:fa:12:87:31:85:50:08: 7b:1e:7b:c3:5e:db:63:f7:7d:7b:ec:79:d0:8c:1c:2f:b0:57: 27:b9:37:d6:4c:cd:07:88:55:c9:21:ff:49:32:6c:ae:1e:cb: 58:14:67:13:c0:d2:07:67:ba:ef:56:d3:30:83:a7:54:2d:44: 0d:12:bf:df:a0:18:53:8d:3b:21:26:83:df:fc:d9:cf:76:9d: 7e:3b:d6:f2:6b:d9:6e:91:e9:a3:e4:2d:5a:a5:20:2e:07:d2: f8:ca:13:a5:80:20:68:0f:00:ae:50:08:20:f1:8d:ef:a3:dc: 51:9e:f5:6a:22:8e:07:6c:a9:cf:8c:db:16:cf:c6:53:1f:d0: 21:3f:a0:e9:28:40:2f:51:df:46:67:5d:db:b0:1c:cd:32:30: 11:68:7c:75 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULmTYz2zpIuO+W0i5eSHaC3W+HU8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyNDAwMDAwMFoX DTI0MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAZGFkODM2MGJjNzFiODY0YmExZTRm MjYyYTNhZDljYjM1YjgyMmZhMjM5NzI0Yzk5ZmY4OWJlNWYwMmU3ZWRlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/0cDJN7tWZUQLOt9fiG4wQIp/tR RVlVP1zswjD7+Oml+AFLGO4aHZXe7p4mCv5Z4/IVt6lInxlbweTlVnR+j2t6O5kW SD5bOFGaYd6JyFoTeuVPP6LbX+bd84zZC8LMV+H83suw9E+4TwQbz9VMeRxTbepS Xe/Wy8Lx3tBubwMaAHfqBQM8BFIDA7sPQAym3w68INu5BDLIg15Hv8z6YiGbXBR6 Q1A+D8W3RAmLjV06PRN37XzDzXVjHevUTHOLV6Iftuxmv8sn0d+wR8rXLUmCEHwX V7ZUaGhMOc+pJiOo7FbeDqmY4Ph3Inzxl3XBAGHWmyP+Ywn1VH2Pvx3PwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDFJQPue8igJzMmnnGMwwu2LepxRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3YjEyMmRkLWM1ODQtNGMyZi1hYzc2LWZiMWE2NjBiNzlkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKAAwDQYJKoZIhvcNAQELBQADggEBAEPF10ljLaJt9zYOIsgb MgDw2KrAE8XeoD08+5EsApg8Vd6HBxZd5fO2D8jPRl5Ne7CJNMu3G6CJesPlElM+ I231A8bMoRLwgxwWR8ZZ8rqLU46C6Q7qd+qPVxsau01jStKYgqdt+hKHMYVQCHse e8Ne22P3fXvsedCMHC+wVye5N9ZMzQeIVckh/0kybK4ey1gUZxPA0gdnuu9W0zCD p1QtRA0Sv9+gGFONOyEmg9/82c92nX471vJr2W6R6aPkLVqlIC4H0vjKE6WAIGgP AK5QCCDxje+j3FGe9Woijgdsqc+M2xbPxlMf0CE/oOkoQC9R30ZnXduwHM0yMBFo fHU= -----END CERTIFICATE-----Generated at Wed Apr 24 05:31:46 2024 by rpki-client on console-fra.rpki-client.org