$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa File: 6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa (raw, json) Hash identifier: EFq8ZGwZOVBb/rmkBlA4yIM5WEVaX974R4T3ADLE6zc= Subject key identifier: 65:40:C9:B0:CF:89:37:F9:D6:8B:F0:76:A4:C1:7C:74:58:1B:81:E1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7322EF19BF6CEF4508D852EC02D859AB3CD1F8C1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:22:ef:19:bf:6c:ef:45:08:d8:52:ec:02:d8:59:ab:3c:d1:f8:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=5ca23348a35096fd1c79124779e5e31dab9a7093fcbbc80a9d49bb867144c85e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:41:d8:cb:56:9e:78:f1:87:80:4b:11:f1:f4: a5:c9:4d:6f:a7:ce:e1:c3:8a:83:b0:82:83:ca:ef: 14:49:30:3b:81:a2:1a:c9:0e:25:95:21:d6:ed:57: 50:50:64:7b:cf:88:1e:70:61:75:e3:b3:42:52:13: 2d:93:67:10:79:12:75:1f:bc:4c:3c:7c:72:af:18: 16:f2:c2:ee:e0:d6:a9:c0:4f:c6:c0:58:de:a2:42: f5:09:3c:02:e6:5a:dd:6b:9d:a8:32:a2:e2:18:84: 16:37:71:0e:d6:f7:08:32:b6:c2:63:8d:e3:1f:49: 59:0b:79:ee:72:bf:bd:71:26:cf:f1:79:d1:64:84: 47:c6:10:31:7a:78:56:86:a5:07:a2:9e:32:9f:1a: 29:e1:b2:6b:b2:02:91:c9:3b:99:5a:63:af:02:e7: 08:2d:10:0c:23:df:95:ca:82:8f:a2:f9:21:aa:9e: 7b:de:63:51:e1:10:cb:19:9a:de:d7:d3:7f:3b:f0: 99:9d:b8:3d:d7:a1:a1:a6:d6:91:f8:fa:33:b2:cd: 1c:7e:b8:0c:27:f4:5a:0b:4f:52:58:4f:c6:22:bc: 3e:80:13:c4:8f:2e:dd:fb:6e:88:e4:7b:5d:c3:b1: 21:12:00:e2:85:ee:27:77:0d:69:39:21:f4:f5:a3: 72:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:40:C9:B0:CF:89:37:F9:D6:8B:F0:76:A4:C1:7C:74:58:1B:81:E1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:7000::/40 Signature Algorithm: sha256WithRSAEncryption aa:91:85:c1:4e:32:9e:77:d1:d0:7a:42:34:f8:3f:a8:a7:c9: 32:81:08:84:4e:3d:18:f2:d9:ef:bd:4b:29:2b:a4:a6:f5:a6: 35:bb:d7:0d:89:c4:df:90:48:bd:04:d5:6d:bc:00:51:e8:b5: 50:56:7d:65:26:53:19:88:dd:3c:f3:2c:e1:45:02:6f:07:f3: 33:dd:13:90:f7:20:9b:95:d3:c9:20:ed:37:b4:25:a7:db:f9: ea:b6:1b:4a:9f:18:7d:1c:36:1f:4a:26:f8:3b:61:19:27:d7: e8:1b:5d:c1:5e:c1:19:1a:da:e2:c5:92:81:a2:9e:ee:3f:c9: 59:22:d6:78:42:85:e1:ed:f7:b9:d2:f8:49:cd:53:a1:44:0f: 78:2b:73:33:cd:1c:c2:85:38:5e:95:98:8b:d6:e4:8e:21:f0: d6:d2:bc:73:c4:46:c7:7d:4b:e7:bd:d7:ec:e7:65:9a:30:3c: b7:72:1c:b6:d4:83:b6:3e:b9:bc:84:da:3f:38:86:39:31:04: 17:0b:a0:c6:14:bc:4e:96:40:9c:44:97:c4:52:41:90:f3:34: 99:c1:94:b3:a2:97:6c:47:f7:2b:8d:7d:06:ec:7b:b7:98:07: 56:3c:cb:d2:cd:e7:59:1f:86:23:53:a3:06:f0:7c:f5:b7:f9: 7b:91:df:96 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcyLvGb9s70UI2FLsAthZqzzR+MEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANWNhMjMzNDhhMzUwOTZmZDFjNzkx MjQ3NzllNWUzMWRhYjlhNzA5M2ZjYmJjODBhOWQ0OWJiODY3MTQ0Yzg1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUHYy1aeePGHgEsR8fSlyU1vp87h w4qDsIKDyu8USTA7gaIayQ4llSHW7VdQUGR7z4gecGF147NCUhMtk2cQeRJ1H7xM PHxyrxgW8sLu4NapwE/GwFjeokL1CTwC5lrda52oMqLiGIQWN3EO1vcIMrbCY43j H0lZC3nucr+9cSbP8XnRZIRHxhAxenhWhqUHop4ynxop4bJrsgKRyTuZWmOvAucI LRAMI9+VyoKPovkhqp573mNR4RDLGZre19N/O/CZnbg916GhptaR+Pozss0cfrgM J/RaC09SWE/GIrw+gBPEjy7d+26I5Htdw7EhEgDihe4ndw1pOSH09aNydQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGVAybDPiTf51ovwdqTBfHRYG4HhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZhOTUyYWU1LTIwYTAtNDM3MC05OWQ1LWJmYTBiZTQwYjQwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauXAwDQYJKoZIhvcNAQELBQADggEBAKqRhcFOMp530dB6QjT4 P6inyTKBCIROPRjy2e+9SykrpKb1pjW71w2JxN+QSL0E1W28AFHotVBWfWUmUxmI 3TzzLOFFAm8H8zPdE5D3IJuV08kg7Te0Jafb+eq2G0qfGH0cNh9KJvg7YRkn1+gb XcFewRka2uLFkoGinu4/yVki1nhCheHt97nS+EnNU6FED3grczPNHMKFOF6VmIvW 5I4h8NbSvHPERsd9S+e91+znZZowPLdyHLbUg7Y+ubyE2j84hjkxBBcLoMYUvE6W QJxEl8RSQZDzNJnBlLOil2xH9yuNfQbse7eYB1Y8y9LN51kfhiNTowbwfPW3+XuR 35Y= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:40 2024 by rpki-client on console-ams.rpki-client.org