$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70933784-e712-42ef-a2e9-f2175b4ced03.roa File: 70933784-e712-42ef-a2e9-f2175b4ced03.roa (raw, json) Hash identifier: EIjhEA0NegNpNNyjwBJjlDTziR/rB3NOM0bfWTbf+Zw= Subject key identifier: 81:65:92:0B:57:1B:06:C5:C9:82:A8:1C:89:AB:85:BD:3D:CE:A9:E0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59745E707714198661B210474539BF0EEE043565 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70933784-e712-42ef-a2e9-f2175b4ced03.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da19::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:74:5e:70:77:14:19:86:61:b2:10:47:45:39:bf:0e:ee:04:35:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=63d88c90c04a115de78fd66cf3a2b352e3b18bd8707abffc2d6cc8a365bf92b6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:8a:83:17:2f:46:cf:fa:f1:a3:85:18:a7:9d: 1e:cc:69:3d:89:25:98:f8:a2:91:d4:83:8a:dc:96: 41:b3:ab:0e:6e:79:4f:6a:6d:ba:33:ef:68:1b:ce: 1c:c4:23:59:47:ee:d6:d2:8d:03:db:7c:3d:6c:9a: 49:3d:9e:7a:0b:d4:e7:2a:0b:89:3b:aa:99:4c:7f: c8:0e:89:21:f6:fa:56:0c:72:ef:25:0d:e4:71:96: d9:16:58:2b:9d:14:0f:66:d0:2f:e8:e8:96:5f:43: 9b:ca:9f:97:e0:83:90:54:53:60:80:dc:cc:7d:54: 44:ba:4e:bb:ef:42:d9:f6:22:e3:b6:d8:59:ba:68: 09:6a:0d:a4:fe:70:8e:e7:1c:2a:fd:fa:07:77:19: cb:27:98:6a:ad:35:7c:54:8e:01:ea:b4:87:88:6c: 2d:39:a8:89:67:91:e6:96:18:46:1b:fc:d4:1b:82: c4:a0:f4:bf:45:80:11:17:43:9a:de:8d:e3:5c:61: 43:e2:a0:e3:3c:1e:6d:c3:a2:83:92:7f:ec:da:d3: a2:c6:7e:0b:d1:96:36:cc:3f:96:58:c5:57:cb:e9: d6:fe:e8:7f:cf:f4:f2:6d:dd:81:94:35:14:65:50: d3:ba:14:a7:55:01:84:39:bd:25:5e:b4:83:35:1c: 19:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:65:92:0B:57:1B:06:C5:C9:82:A8:1C:89:AB:85:BD:3D:CE:A9:E0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70933784-e712-42ef-a2e9-f2175b4ced03.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da19::/36 Signature Algorithm: sha256WithRSAEncryption 37:da:a9:10:dd:40:2a:7b:c3:3b:95:b5:a9:30:0b:c0:d1:5a: f9:e5:26:1e:bb:38:f3:e2:17:79:c2:d3:38:51:24:a8:c2:3d: 17:76:57:ee:b7:03:8a:88:a9:19:c6:ab:52:69:71:0a:56:da: da:0b:68:0c:c1:ca:1f:e0:62:ee:fe:fb:a2:d5:f9:8d:07:94: 4b:c6:94:f1:84:53:1c:06:51:05:c0:97:52:18:25:06:8f:6c: 51:5e:43:bd:b0:06:f2:c9:b2:6f:a8:77:82:21:55:c9:3a:5f: 75:d7:2f:54:a7:90:48:a4:fb:a2:8e:aa:f2:65:50:54:25:e2: ec:c6:7b:ac:60:ff:ea:b5:25:9e:76:0a:50:2d:34:87:ce:b8: 54:2d:66:32:fd:8f:37:a7:a3:98:e0:96:31:5b:f3:5c:0b:66: 81:c8:1d:c4:64:aa:aa:7d:29:66:c9:f4:7d:ad:c3:9e:ae:45: 41:6a:a3:9c:d8:19:97:ce:db:f4:ec:ff:3e:e1:9f:92:03:b3: 74:c8:b1:40:cc:65:47:90:21:e8:2a:e0:14:d3:0f:5d:0c:42: 47:cc:55:fa:b2:c3:31:fd:fa:7b:38:f7:55:0d:8d:3e:39:9c: b6:2c:ac:83:96:e8:06:59:a2:1f:c6:bf:11:34:51:9e:4a:17: f7:9f:a0:b7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWXRecHcUGYZhshBHRTm/Du4ENWUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNANjNkODhjOTBjMDRhMTE1ZGU3OGZk NjZjZjNhMmIzNTJlM2IxOGJkODcwN2FiZmZjMmQ2Y2M4YTM2NWJmOTJiNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoqDFy9Gz/rxo4UYp50ezGk9iSWY +KKR1IOK3JZBs6sObnlPam26M+9oG84cxCNZR+7W0o0D23w9bJpJPZ56C9TnKguJ O6qZTH/IDokh9vpWDHLvJQ3kcZbZFlgrnRQPZtAv6OiWX0Obyp+X4IOQVFNggNzM fVREuk6770LZ9iLjtthZumgJag2k/nCO5xwq/foHdxnLJ5hqrTV8VI4B6rSHiGwt OaiJZ5HmlhhGG/zUG4LEoPS/RYARF0Oa3o3jXGFD4qDjPB5tw6KDkn/s2tOixn4L 0ZY2zD+WWMVXy+nW/uh/z/Tybd2BlDUUZVDTuhSnVQGEOb0lXrSDNRwZ+QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIFlkgtXGwbFyYKoHImrhb09zqngMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcwOTMzNzg0LWU3MTItNDJlZi1hMmU5LWYyMTc1YjRjZWQwMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGQAwDQYJKoZIhvcNAQELBQADggEBADfaqRDdQCp7wzuVtakw C8DRWvnlJh67OPPiF3nC0zhRJKjCPRd2V+63A4qIqRnGq1JpcQpW2toLaAzByh/g Yu7++6LV+Y0HlEvGlPGEUxwGUQXAl1IYJQaPbFFeQ72wBvLJsm+od4IhVck6X3XX L1SnkEik+6KOqvJlUFQl4uzGe6xg/+q1JZ52ClAtNIfOuFQtZjL9jzeno5jgljFb 81wLZoHIHcRkqqp9KWbJ9H2tw56uRUFqo5zYGZfO2/Ts/z7hn5IDs3TIsUDMZUeQ Iegq4BTTD10MQkfMVfqywzH9+ns491UNjT45nLYsrIOW6AZZoh/GvxE0UZ5KF/ef oLc= -----END CERTIFICATE-----Generated at Fri Apr 19 00:30:57 2024 by rpki-client on console-fra.rpki-client.org