$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa File: 71870024-8ed4-4150-a104-52f4b8c56809.roa (raw, json) Hash identifier: 8YvYG3hDUv8UfOJIIhqzGCVhSWJgH55zyzbWledKgkA= Subject key identifier: A4:74:37:CC:53:58:45:F8:47:06:8C:A3:43:9D:1E:0C:0D:7D:EB:55 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2ED1F59CC721ACE3450D52D5C07944CEB76D417C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa Signing time: Tue 23 Apr 2024 00:00:00 +0000 ROA not before: Tue 23 Apr 2024 00:00:00 +0000 ROA not after: Tue 28 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 15:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:d1:f5:9c:c7:21:ac:e3:45:0d:52:d5:c0:79:44:ce:b7:6d:41:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:00 2024 GMT Not After : May 28 23:59:59 2024 GMT Subject: serialNumber=63c840e96f65548d1c1a03920ebcf7dd5c637b3dd6e843fd13757b572def8d6f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:60:f7:43:66:ea:59:a9:0c:9f:0c:c2:c7:4a: 40:91:10:69:f7:8b:da:2c:57:05:80:d3:fd:86:72: 18:bf:e7:ea:2f:b3:47:b5:c8:a4:8f:1e:89:7a:f0: 55:0e:6e:cc:5f:c0:43:e3:ba:d7:8e:a9:f8:0b:dd: fa:e6:53:e0:10:45:59:56:ce:43:4b:5b:f7:39:37: ba:2b:7f:3a:37:42:33:de:41:f6:d5:79:96:e0:8e: a3:bd:99:86:79:98:dd:2a:2c:5c:32:24:15:f3:f8: 7e:19:60:a0:d0:ef:a6:af:ae:9f:94:c2:e0:95:00: 2e:56:5e:5b:67:05:85:45:87:68:6b:eb:39:8a:ea: 35:02:95:26:2e:b4:5b:83:b6:d7:66:fd:bf:e4:93: 91:ef:ba:17:e9:eb:a0:dd:2f:77:3a:e7:49:d1:cf: f5:c6:fe:98:1e:5f:1a:9c:68:7f:42:4f:8b:3e:70: ec:a4:16:ad:73:9b:45:ef:d0:28:e8:e8:1b:86:c6: 31:f2:63:71:e9:ac:7f:74:eb:e1:e9:fd:29:34:bb: c1:dc:e7:54:fb:ce:e6:2f:a5:09:95:a8:94:f0:52: 5f:29:1b:93:81:f7:c8:fd:27:60:07:ae:22:13:55: b8:99:1a:96:1f:3d:03:74:a1:b8:23:04:1c:64:e1: 12:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:74:37:CC:53:58:45:F8:47:06:8C:A3:43:9D:1E:0C:0D:7D:EB:55 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:2000::/40 Signature Algorithm: sha256WithRSAEncryption bc:34:5b:fb:26:b5:84:37:0e:3a:57:9f:07:6f:e4:92:46:47: df:7d:41:d8:01:d1:72:af:65:ee:de:70:61:2e:15:cb:89:76: f7:73:5a:c4:de:5a:5f:94:7b:b7:ce:4d:e2:4c:d0:4d:48:54: 24:a7:be:6a:5b:b9:36:95:d8:d7:aa:13:b8:e3:c1:42:85:fa: 52:3e:d9:bb:04:a2:81:bc:a0:1c:df:f2:fa:54:9a:66:93:c2: 32:87:84:d4:78:ea:06:61:03:37:af:66:10:a9:af:79:7d:26: fc:ba:b5:a3:a3:71:48:dd:a8:66:08:2f:5c:5e:35:de:5f:2c: b0:c1:2a:de:74:99:67:f0:01:44:3c:d0:93:2f:e7:1c:1d:57: 91:c1:9c:3d:fe:09:d3:b7:51:92:ac:66:85:0a:72:1a:f0:41: 31:83:01:80:67:ed:61:47:bf:9f:72:3f:d5:e0:28:42:6c:ac: 31:f7:7e:a4:24:3c:76:ca:aa:bf:d3:ad:73:08:fb:52:d0:b5: d2:a4:c3:03:d3:11:a8:46:60:71:de:d0:d6:96:b5:07:79:20: 93:5e:a3:de:46:81:84:f3:cf:58:b3:de:f0:b3:8e:39:b2:51: 96:99:48:c4:8e:ba:bf:62:54:4c:b0:84:a8:22:39:3e:c4:3e: f1:89:91:8c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULtH1nMchrONFDVLVwHlEzrdtQXwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMzAwMDAwMFoX DTI0MDUyODIzNTk1OVowejFJMEcGA1UEBRNANjNjODQwZTk2ZjY1NTQ4ZDFjMWEw MzkyMGViY2Y3ZGQ1YzYzN2IzZGQ2ZTg0M2ZkMTM3NTdiNTcyZGVmOGQ2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mD3Q2bqWakMnwzCx0pAkRBp94va LFcFgNP9hnIYv+fqL7NHtcikjx6JevBVDm7MX8BD47rXjqn4C9365lPgEEVZVs5D S1v3OTe6K386N0Iz3kH21XmW4I6jvZmGeZjdKixcMiQV8/h+GWCg0O+mr66flMLg lQAuVl5bZwWFRYdoa+s5iuo1ApUmLrRbg7bXZv2/5JOR77oX6eug3S93OudJ0c/1 xv6YHl8anGh/Qk+LPnDspBatc5tF79Ao6OgbhsYx8mNx6ax/dOvh6f0pNLvB3OdU +87mL6UJlaiU8FJfKRuTgffI/SdgB64iE1W4mRqWHz0DdKG4IwQcZOESPQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKR0N8xTWEX4RwaMo0OdHgwNfetVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxODcwMDI0LThlZDQtNDE1MC1hMTA0LTUyZjRiOGM1NjgwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauCAwDQYJKoZIhvcNAQELBQADggEBALw0W/smtYQ3DjpXnwdv 5JJGR999QdgB0XKvZe7ecGEuFcuJdvdzWsTeWl+Ue7fOTeJM0E1IVCSnvmpbuTaV 2NeqE7jjwUKF+lI+2bsEooG8oBzf8vpUmmaTwjKHhNR46gZhAzevZhCpr3l9Jvy6 taOjcUjdqGYIL1xeNd5fLLDBKt50mWfwAUQ80JMv5xwdV5HBnD3+CdO3UZKsZoUK chrwQTGDAYBn7WFHv59yP9XgKEJsrDH3fqQkPHbKqr/TrXMI+1LQtdKkwwPTEahG YHHe0NaWtQd5IJNeo95GgYTzz1iz3vCzjjmyUZaZSMSOur9iVEywhKgiOT7EPvGJ kYw= -----END CERTIFICATE-----Generated at Thu May 2 14:40:18 2024 by rpki-client on console-ams.rpki-client.org