$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa File: 71870024-8ed4-4150-a104-52f4b8c56809.roa (raw, json) Hash identifier: +MLHtA7ZqQiJLofEoT1BP0DpXLDlBvc8EnmA6md+1ZI= Subject key identifier: F6:54:75:C3:2F:E4:82:52:C2:AC:73:AC:EB:84:17:CE:50:49:20:AA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0BDE26EE943CDF6B3FB312424690775DDF1342E4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa Signing time: Mon 08 Jul 2024 00:00:00 +0000 ROA not before: Mon 08 Jul 2024 00:00:00 +0000 ROA not after: Mon 12 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:de:26:ee:94:3c:df:6b:3f:b3:12:42:46:90:77:5d:df:13:42:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:00 2024 GMT Not After : Aug 12 23:59:59 2024 GMT Subject: serialNumber=f9e8898f45454bcbe3a9bca2797e70af9822bb55a2bc072d529c1b4d766361b8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:29:cb:57:c5:d6:1d:d9:82:f8:fd:e1:1c:0c: e4:db:50:12:90:ff:96:73:f6:a2:ab:aa:4c:9f:12: e3:73:74:de:4a:47:ef:d3:cb:fa:61:47:f1:c7:3e: 12:e8:b3:88:98:fe:f8:27:bd:0d:24:a5:44:0c:b2: 12:6d:e5:09:09:0d:93:b9:17:75:b2:ea:54:26:f1: 66:6d:b0:12:91:57:d5:41:39:b1:56:4c:3e:a0:c0: ec:70:61:3d:9d:05:0b:b0:2f:c4:17:fc:e9:5c:a6: 0f:88:9b:6c:27:01:43:2f:e6:cc:f1:e7:fd:21:2c: 91:0e:c7:4a:b5:c9:5a:a0:ec:1a:f0:02:1f:4a:04: 68:d5:25:93:ae:d7:4f:3e:a5:c2:e5:b2:d2:f0:36: 84:fc:b7:93:9a:60:ba:34:4c:bb:97:d8:d6:10:12: c4:31:87:58:15:d5:9c:66:3c:3d:af:fd:56:ed:a8: 16:89:ad:d1:0e:b1:35:6a:dc:8d:13:c4:09:7d:71: 49:dd:1c:3c:ec:e2:11:9f:ff:d5:e9:d6:bc:07:33: d2:f5:5f:ea:be:da:7c:f4:96:aa:ac:10:36:f1:17: 81:d5:44:07:7e:f3:61:53:a8:34:c9:ba:8e:93:0d: 56:99:04:dd:11:be:93:a4:f9:e9:38:87:13:62:6d: 43:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:54:75:C3:2F:E4:82:52:C2:AC:73:AC:EB:84:17:CE:50:49:20:AA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:2000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:25:f3:85:97:83:6a:dc:ed:5f:e2:0f:ea:ff:04:50:8c:c5: 04:ba:62:ec:ad:aa:22:02:3d:b5:83:03:20:94:06:db:a7:5c: 64:60:c8:65:97:75:0a:f2:d8:ec:cb:4f:91:e7:96:e5:87:d0: 64:bd:87:74:d6:49:05:ba:31:88:74:50:b7:38:39:20:00:dc: 7d:e1:c0:cb:1e:41:55:19:98:61:e2:7c:99:41:8d:19:ba:e9: 54:36:1c:ba:09:23:dd:81:bb:3e:60:23:57:75:f8:30:5a:01: 78:d4:71:32:07:10:5f:4e:91:d5:9c:3e:65:bd:38:db:b8:6f: b0:2e:2f:fa:a7:b7:f6:46:28:03:d0:9a:44:c8:09:04:30:80: 66:f5:f0:be:ca:f7:89:b4:8b:a8:18:36:8f:1b:88:d3:fa:e1: 43:80:b3:a7:ea:be:48:3f:b8:2f:8c:8f:ea:10:28:af:c5:d0: 14:df:b7:4d:24:d2:8d:e0:bb:0c:1b:50:ba:ec:14:d8:a7:14: ca:7b:87:53:c5:48:09:cc:ab:46:5b:a5:8c:09:28:dc:ff:54: 5d:cb:a1:42:90:ea:3d:91:ae:6f:8e:19:48:82:e2:9e:e2:1a: bc:99:b1:d4:62:64:2e:8d:d2:f1:8b:d9:36:cc:db:81:44:3d: b7:bb:d4:28 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUC94m7pQ832s/sxJCRpB3Xd8TQuQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwODAwMDAwMFoX DTI0MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAZjllODg5OGY0NTQ1NGJjYmUzYTli Y2EyNzk3ZTcwYWY5ODIyYmI1NWEyYmMwNzJkNTI5YzFiNGQ3NjYzNjFiODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAminLV8XWHdmC+P3hHAzk21ASkP+W c/aiq6pMnxLjc3TeSkfv08v6YUfxxz4S6LOImP74J70NJKVEDLISbeUJCQ2TuRd1 supUJvFmbbASkVfVQTmxVkw+oMDscGE9nQULsC/EF/zpXKYPiJtsJwFDL+bM8ef9 ISyRDsdKtclaoOwa8AIfSgRo1SWTrtdPPqXC5bLS8DaE/LeTmmC6NEy7l9jWEBLE MYdYFdWcZjw9r/1W7agWia3RDrE1atyNE8QJfXFJ3Rw87OIRn//V6da8BzPS9V/q vtp89JaqrBA28ReB1UQHfvNhU6g0ybqOkw1WmQTdEb6TpPnpOIcTYm1DMwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPZUdcMv5IJSwqxzrOuEF85QSSCqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxODcwMDI0LThlZDQtNDE1MC1hMTA0LTUyZjRiOGM1NjgwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauCAwDQYJKoZIhvcNAQELBQADggEBAGwl84WXg2rc7V/iD+r/ BFCMxQS6YuytqiICPbWDAyCUBtunXGRgyGWXdQry2OzLT5HnluWH0GS9h3TWSQW6 MYh0ULc4OSAA3H3hwMseQVUZmGHifJlBjRm66VQ2HLoJI92Buz5gI1d1+DBaAXjU cTIHEF9OkdWcPmW9ONu4b7AuL/qnt/ZGKAPQmkTICQQwgGb18L7K94m0i6gYNo8b iNP64UOAs6fqvkg/uC+Mj+oQKK/F0BTft00k0o3guwwbULrsFNinFMp7h1PFSAnM q0ZbpYwJKNz/VF3LoUKQ6j2Rrm+OGUiC4p7iGryZsdRiZC6N0vGL2TbM24FEPbe7 1Cg= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:16 2024 by rpki-client on console-fra.rpki-client.org