$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b336b02-f773-4fbb-bbc4-a1149b172ad2.roa File: 6b336b02-f773-4fbb-bbc4-a1149b172ad2.roa (raw, json) Hash identifier: Zn4xHnzC5n/u/WZpy6eA9nVoDZor7yOXVqspu0GnDno= Subject key identifier: AD:5A:66:33:20:03:B5:55:39:CA:F4:28:3B:16:4D:BA:8B:98:4A:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7A293CC0B00450D758A8162F85CA5D7DAAC60BCD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b336b02-f773-4fbb-bbc4-a1149b172ad2.roa Signing time: Fri 22 Sep 2023 00:00:00 +0000 ROA not before: Fri 22 Sep 2023 00:00:00 +0000 ROA not after: Fri 27 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Sep 2023 12:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:29:3c:c0:b0:04:50:d7:58:a8:16:2f:85:ca:5d:7d:aa:c6:0b:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 22 00:00:00 2023 GMT Not After : Oct 27 23:59:59 2023 GMT Subject: serialNumber=2a42fe4f997a83d12569f05ff5703076fb0e673fcabb66050b60aedb423605d7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9e:7f:16:40:92:6f:db:7d:b9:e7:2d:8c:3f: 25:a2:8d:26:ac:ae:59:bf:70:ac:bc:89:62:3b:a8: ca:4f:88:3b:bc:9a:61:48:d7:1b:da:33:29:78:d9: d8:57:fa:0a:8c:44:38:56:34:5e:ce:ae:92:9f:63: e3:37:d8:7f:c2:5d:e9:81:db:66:85:a1:ba:7c:4e: 5f:69:47:3b:ac:5b:98:4c:94:50:ce:8c:bc:74:1a: 1f:4c:60:38:6e:34:7f:d6:ee:71:ad:da:50:9c:19: b1:98:06:dc:59:9a:bb:12:fe:37:e9:04:15:a5:31: dc:97:90:93:e0:2a:eb:c4:03:7a:af:55:32:f2:e4: 4e:cb:54:ce:75:c8:1b:30:b6:86:d5:ca:86:85:35: d0:08:b1:c1:b3:a5:d1:63:08:b6:4a:f7:07:71:35: c3:6d:88:03:c4:db:08:e7:05:c9:5f:67:e1:05:ae: 87:3c:70:6e:f4:50:80:b5:30:b7:94:dc:25:17:37: 8c:13:93:55:60:1a:45:cc:f1:d0:bc:63:f0:43:47: 34:d2:f6:da:e5:61:5a:e9:84:d2:3b:b8:cc:54:4b: 8a:ea:77:a1:89:9e:cb:84:06:5a:f0:9f:08:8c:97: 23:ea:d1:fc:07:16:7d:ad:c1:9d:b6:ee:95:07:c2: 81:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:5A:66:33:20:03:B5:55:39:CA:F4:28:3B:16:4D:BA:8B:98:4A:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b336b02-f773-4fbb-bbc4-a1149b172ad2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:b000::/40 Signature Algorithm: sha256WithRSAEncryption c5:3f:91:5e:68:6c:71:bf:26:19:23:b1:fc:26:08:fb:c5:30: af:6d:d3:76:57:56:86:77:18:1b:73:c4:66:5f:77:36:0c:35: bd:a4:21:08:9e:f7:ea:82:ab:b7:db:fa:68:41:03:8f:83:75: 7d:ab:a4:24:fe:92:97:64:f8:be:07:ce:68:51:5f:48:76:d5: 5e:b1:3c:f1:4d:51:20:d6:7f:6c:be:a9:9b:d1:2e:4d:ed:e8: 03:2f:95:e8:ae:1d:fd:69:ec:24:45:e0:ae:91:8f:10:19:fb: 03:16:59:0c:db:cc:f1:68:3d:b9:18:6c:a0:b3:35:5b:a0:2f: 1a:ce:57:15:50:c1:3d:8f:8b:94:c8:4b:c0:11:59:f2:68:37: 5f:97:b3:64:f4:3b:ed:a4:75:38:61:be:1a:8b:c7:aa:34:be: 5c:05:91:54:2a:5c:da:7f:3d:1e:57:75:2c:a7:8d:25:4b:5b: e8:d9:8f:be:93:e5:06:03:66:43:a0:a3:5d:ee:36:34:87:0a: a3:71:ca:54:6e:38:5d:65:d6:ed:70:3d:d0:51:cd:cb:dc:ef: a0:7a:d7:a5:c6:d0:b2:c4:44:da:6e:59:cb:91:32:e8:65:e6: 81:04:7c:b7:a1:02:71:a5:15:ed:69:03:88:c2:eb:ce:db:ab: 00:e4:be:19 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeik8wLAEUNdYqBYvhcpdfarGC80wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkyMjAwMDAwMFoX DTIzMTAyNzIzNTk1OVowejFJMEcGA1UEBRNAMmE0MmZlNGY5OTdhODNkMTI1Njlm MDVmZjU3MDMwNzZmYjBlNjczZmNhYmI2NjA1MGI2MGFlZGI0MjM2MDVkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp5/FkCSb9t9uectjD8loo0mrK5Z v3CsvIliO6jKT4g7vJphSNcb2jMpeNnYV/oKjEQ4VjRezq6Sn2PjN9h/wl3pgdtm haG6fE5faUc7rFuYTJRQzoy8dBofTGA4bjR/1u5xrdpQnBmxmAbcWZq7Ev436QQV pTHcl5CT4CrrxAN6r1Uy8uROy1TOdcgbMLaG1cqGhTXQCLHBs6XRYwi2SvcHcTXD bYgDxNsI5wXJX2fhBa6HPHBu9FCAtTC3lNwlFzeME5NVYBpFzPHQvGPwQ0c00vba 5WFa6YTSO7jMVEuK6nehiZ7LhAZa8J8IjJcj6tH8BxZ9rcGdtu6VB8KBKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK1aZjMgA7VVOcr0KDsWTbqLmEq3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZiMzM2YjAyLWY3NzMtNGZiYi1iYmM0LWExMTQ5YjE3MmFkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoLAwDQYJKoZIhvcNAQELBQADggEBAMU/kV5obHG/Jhkjsfwm CPvFMK9t03ZXVoZ3GBtzxGZfdzYMNb2kIQie9+qCq7fb+mhBA4+DdX2rpCT+kpdk +L4HzmhRX0h21V6xPPFNUSDWf2y+qZvRLk3t6AMvleiuHf1p7CRF4K6RjxAZ+wMW WQzbzPFoPbkYbKCzNVugLxrOVxVQwT2Pi5TIS8ARWfJoN1+Xs2T0O+2kdThhvhqL x6o0vlwFkVQqXNp/PR5XdSynjSVLW+jZj76T5QYDZkOgo13uNjSHCqNxylRuOF1l 1u1wPdBRzcvc76B616XG0LLERNpuWcuRMuhl5oEEfLehAnGlFe1pA4jC687bqwDk vhk= -----END CERTIFICATE-----Generated at Fri Sep 22 00:27:51 2023 by rpki-client on console-ams.rpki-client.org