$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa File: 6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa (raw, json) Hash identifier: sxmAPpQIl9PZHTynMAYiyg+LQcYn6tBcfXrYF5/FZkQ= Subject key identifier: 16:98:34:F0:A9:2F:64:98:F7:96:40:13:C4:A4:B0:31:68:55:80:A1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5739E27801594128656EB548B2C68BF9D051F7FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 00:10:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:39:e2:78:01:59:41:28:65:6e:b5:48:b2:c6:8b:f9:d0:51:f7:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=7dcf441dfa2fad7e37efbb7152aedd869b945440401b28f44b858755938cd61a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:64:a6:e4:1f:60:12:93:cf:41:0b:39:14:eb: 40:a2:ec:0f:67:44:3c:54:9f:f4:ad:3d:c0:c7:1d: 97:2f:7f:7f:73:fd:ac:69:e1:f0:9d:5f:2f:60:9c: cf:c5:e5:9b:8e:dd:1d:d5:84:c8:06:a5:c4:46:d4: 22:ed:7e:66:40:cf:6a:86:00:29:df:26:02:79:8d: 0c:77:77:8d:7c:8c:5a:a8:50:6f:cf:a0:d6:62:31: 01:54:1a:3f:82:2c:64:58:7f:f4:bf:6d:49:da:34: 2a:44:42:ac:91:26:92:b5:c2:7f:73:b4:76:c3:34: 07:19:78:89:14:a4:ef:1f:ca:3c:13:80:d0:e2:fc: 78:f7:39:37:bf:cc:3c:be:aa:43:9c:f5:60:90:c3: 33:44:25:b1:6f:cc:13:f6:b6:83:c1:90:b6:82:78: 2f:b5:97:63:5c:29:95:5d:82:da:7c:ea:2a:52:46: da:c7:66:e6:c5:83:1a:11:d1:8d:6a:84:18:51:37: dd:19:21:ee:a2:b2:f3:3e:24:c1:ea:40:27:51:ac: 15:e9:84:04:76:78:1f:96:5e:ed:7f:c0:2f:a1:06: 96:53:46:47:49:b7:e8:a8:b4:1e:42:42:98:0b:c0: 0e:09:59:96:6c:87:6b:5d:31:6d:1b:d3:c9:33:4f: 64:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:98:34:F0:A9:2F:64:98:F7:96:40:13:C4:A4:B0:31:68:55:80:A1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a952ae5-20a0-4370-99d5-bfa0be40b40a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:7000::/40 Signature Algorithm: sha256WithRSAEncryption 0b:03:eb:52:b1:40:52:ca:24:09:50:ce:ec:3f:9c:c3:d1:c6: a2:dc:81:b6:59:27:f3:ec:73:e6:56:03:c1:52:4a:34:37:66: 37:3f:65:15:77:44:e3:fc:09:94:55:ad:d8:f1:2f:7b:ae:f1: cd:05:f3:ba:cc:6c:bf:79:72:b0:07:86:23:d4:a2:07:c2:03: 5b:64:19:82:8c:1b:ad:5a:6d:56:ff:f0:54:da:e4:74:b1:30: e2:2a:ae:d3:b2:d4:1c:a9:78:b1:e9:ef:71:73:a2:45:de:3f: a8:71:c0:e6:82:83:bc:40:41:85:5f:a8:e2:d5:ae:ba:3b:1b: a5:e2:08:da:fb:ee:1e:ec:3b:88:d1:43:24:20:62:7d:7b:b8: 16:66:40:45:32:ca:bf:c2:d2:bf:62:7c:63:be:a4:ad:bb:c5: d6:2f:47:9d:ae:c0:99:40:f4:db:01:00:3b:fc:c8:60:da:6e: 42:8e:1d:b0:2e:5c:10:d8:63:fd:e1:a4:3d:09:46:a9:ed:c7: 2b:ae:f8:6f:fd:b4:91:e9:39:36:36:c3:23:85:4e:f4:e6:50: 74:4e:26:a6:8a:5f:75:af:9c:70:12:1e:e9:40:dc:93:ec:42: 5b:57:18:57:4e:a8:0a:c4:fb:04:3f:58:81:b1:7a:4d:6c:58: 56:b5:f1:9a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVznieAFZQShlbrVIssaL+dBR9/owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMjAwMDAwMFoX DTI0MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAN2RjZjQ0MWRmYTJmYWQ3ZTM3ZWZi YjcxNTJhZWRkODY5Yjk0NTQ0MDQwMWIyOGY0NGI4NTg3NTU5MzhjZDYxYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mSm5B9gEpPPQQs5FOtAouwPZ0Q8 VJ/0rT3Axx2XL39/c/2saeHwnV8vYJzPxeWbjt0d1YTIBqXERtQi7X5mQM9qhgAp 3yYCeY0Md3eNfIxaqFBvz6DWYjEBVBo/gixkWH/0v21J2jQqREKskSaStcJ/c7R2 wzQHGXiJFKTvH8o8E4DQ4vx49zk3v8w8vqpDnPVgkMMzRCWxb8wT9raDwZC2gngv tZdjXCmVXYLafOoqUkbax2bmxYMaEdGNaoQYUTfdGSHuorLzPiTB6kAnUawV6YQE dngfll7tf8AvoQaWU0ZHSbfoqLQeQkKYC8AOCVmWbIdrXTFtG9PJM09k9wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBaYNPCpL2SY95ZAE8SksDFoVYChMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZhOTUyYWU1LTIwYTAtNDM3MC05OWQ1LWJmYTBiZTQwYjQwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauXAwDQYJKoZIhvcNAQELBQADggEBAAsD61KxQFLKJAlQzuw/ nMPRxqLcgbZZJ/Psc+ZWA8FSSjQ3Zjc/ZRV3ROP8CZRVrdjxL3uu8c0F87rMbL95 crAHhiPUogfCA1tkGYKMG61abVb/8FTa5HSxMOIqrtOy1BypeLHp73FzokXeP6hx wOaCg7xAQYVfqOLVrro7G6XiCNr77h7sO4jRQyQgYn17uBZmQEUyyr/C0r9ifGO+ pK27xdYvR52uwJlA9NsBADv8yGDabkKOHbAuXBDYY/3hpD0JRqntxyuu+G/9tJHp OTY2wyOFTvTmUHROJqaKX3WvnHASHulA3JPsQltXGFdOqArE+wQ/WIGxek1sWFa1 8Zo= -----END CERTIFICATE-----Generated at Sat May 18 05:19:51 2024 by rpki-client on console-fra.rpki-client.org