$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa File: 6966423c-fa27-4cd5-898f-a147e75cdcb6.roa (raw, json) Hash identifier: uM63O+vzdByPZVRsBQy7jTd7nPD7UmyeNWMtyrfxNZg= Subject key identifier: 73:DE:0F:1D:51:56:E0:FA:E5:EA:36:36:84:72:57:30:22:85:C7:B3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E1A23008B134A72C816023C231927846EFA64E0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:1a:23:00:8b:13:4a:72:c8:16:02:3c:23:19:27:84:6e:fa:64:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=0895aa7b49641f8340debb262cf574e9fa861c6309ebc7b6c8a72b06cb3ea99d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:15:31:7f:71:2d:8d:04:3c:e4:07:14:f8:0a: e8:f6:05:bd:7e:e0:c3:f5:c4:e5:67:10:c6:d1:1e: 5e:c4:c2:8d:a4:1b:fc:d6:cd:69:ba:f5:35:2a:a4: 3f:16:89:51:ba:fb:8f:8a:f5:ca:f6:cf:9d:44:40: f1:3f:d9:c1:a3:26:ef:cf:e7:4a:e4:1f:e6:dd:55: 41:f1:cb:3d:a6:b5:d6:5e:e7:28:30:4f:6f:d3:75: 8e:1e:89:2e:ee:fc:f5:7c:e8:91:fb:1a:ce:d1:d4: a2:65:15:37:3c:04:28:de:b0:0a:12:87:50:56:ee: 3e:e8:f0:55:d1:92:39:4d:02:09:24:ac:53:09:09: 3e:5f:1f:1b:a0:ce:2f:da:bd:4a:e3:06:dc:77:e9: c6:5b:8a:52:26:7a:55:3f:5a:31:57:69:6c:de:b7: a9:54:63:ba:f6:e1:ef:0c:cb:0a:e4:b4:9c:63:9c: 1a:89:a5:30:14:82:5b:6e:fd:6f:db:fd:28:59:2b: 3a:ed:cc:8a:53:ac:77:fe:38:6b:44:8a:90:51:c2: 07:71:37:0e:91:8c:64:8f:c1:27:34:06:e4:d2:c7: 13:f4:fb:1c:c8:13:2c:2e:b6:07:87:0d:65:c6:04: 77:f5:36:4f:b2:e6:dd:8b:4e:58:a1:e6:73:3e:92: 57:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:DE:0F:1D:51:56:E0:FA:E5:EA:36:36:84:72:57:30:22:85:C7:B3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:a000::/40 Signature Algorithm: sha256WithRSAEncryption 8f:23:8a:ea:f7:71:34:71:86:0c:34:c9:de:e5:2c:4a:37:5d: fa:e2:47:b2:0e:8a:be:37:e7:ef:28:c1:c1:dc:bd:6d:d6:87: c2:41:1e:71:17:6f:d2:3b:ba:25:07:3d:e3:ab:26:33:ec:4b: 42:75:5c:69:a9:bf:38:bd:2d:b0:16:6b:4b:d5:e4:75:ec:84: e5:30:de:1d:0c:ef:a4:16:0e:f7:e0:ed:da:49:70:59:ce:13: 09:e6:8e:2c:3b:8f:11:23:df:72:66:42:a4:dc:50:95:fa:87: 2c:b5:7f:c9:33:e9:5c:74:af:f6:c6:ab:89:2b:ae:b6:af:1b: 13:3f:f1:75:24:36:10:c5:98:ac:87:73:46:95:26:e0:67:b9: 16:d1:1d:07:25:9f:9a:94:31:18:ce:32:7e:53:2a:7a:97:25: a5:27:21:3f:c4:5f:5d:0d:36:fc:bf:fb:f5:3d:09:f9:e5:52: fe:35:e6:54:df:60:9d:ca:8f:49:28:f2:83:00:df:d9:e4:4a: 53:70:48:65:9b:20:88:7a:2a:33:ed:97:7e:a7:b6:03:db:75: 97:b8:14:12:62:d2:f9:54:b0:1d:60:26:7c:e2:68:ee:f6:25: ca:18:86:bb:8c:a9:e5:b5:45:1c:22:4b:c1:75:5f:28:61:f2: 13:80:a3:b5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbhojAIsTSnLIFgI8IxknhG76ZOAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAMDg5NWFhN2I0OTY0MWY4MzQwZGVi YjI2MmNmNTc0ZTlmYTg2MWM2MzA5ZWJjN2I2YzhhNzJiMDZjYjNlYTk5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRUxf3EtjQQ85AcU+Aro9gW9fuDD 9cTlZxDG0R5exMKNpBv81s1puvU1KqQ/FolRuvuPivXK9s+dREDxP9nBoybvz+dK 5B/m3VVB8cs9prXWXucoME9v03WOHoku7vz1fOiR+xrO0dSiZRU3PAQo3rAKEodQ Vu4+6PBV0ZI5TQIJJKxTCQk+Xx8boM4v2r1K4wbcd+nGW4pSJnpVP1oxV2ls3rep VGO69uHvDMsK5LScY5waiaUwFIJbbv1v2/0oWSs67cyKU6x3/jhrRIqQUcIHcTcO kYxkj8EnNAbk0scT9PscyBMsLrYHhw1lxgR39TZPsubdi05YoeZzPpJXhwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHPeDx1RVuD65eo2NoRyVzAihcezMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5NjY0MjNjLWZhMjctNGNkNS04OThmLWExNDdlNzVjZGNiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauaAwDQYJKoZIhvcNAQELBQADggEBAI8jiur3cTRxhgw0yd7l LEo3XfriR7IOir435+8owcHcvW3Wh8JBHnEXb9I7uiUHPeOrJjPsS0J1XGmpvzi9 LbAWa0vV5HXshOUw3h0M76QWDvfg7dpJcFnOEwnmjiw7jxEj33JmQqTcUJX6hyy1 f8kz6Vx0r/bGq4krrravGxM/8XUkNhDFmKyHc0aVJuBnuRbRHQcln5qUMRjOMn5T KnqXJaUnIT/EX10NNvy/+/U9CfnlUv415lTfYJ3Kj0ko8oMA39nkSlNwSGWbIIh6 KjPtl36ntgPbdZe4FBJi0vlUsB1gJnziaO72JcoYhruMqeW1RRwiS8F1Xyhh8hOA o7U= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:15 2024 by rpki-client on console-fra.rpki-client.org