$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa File: 78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa (raw, json) Hash identifier: zrOrvlDRucnGXgGt/q2Th4yCM33IFPhxhD4kXex92bs= Subject key identifier: 1A:82:37:84:58:FE:00:91:D0:26:AE:53:7A:23:B5:93:79:1E:79:05 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FDF55CAB19913891F39156751364EBBFA16C363 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa Signing time: Tue 09 Jul 2024 00:00:00 +0000 ROA not before: Tue 09 Jul 2024 00:00:00 +0000 ROA not after: Tue 13 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Jul 2024 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:df:55:ca:b1:99:13:89:1f:39:15:67:51:36:4e:bb:fa:16:c3:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 9 00:00:00 2024 GMT Not After : Aug 13 23:59:59 2024 GMT Subject: serialNumber=3d0063e8683d509ee40af685ed3f0dac09333caeadb7fc9b707f88efcd53f515, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:89:5f:f2:cd:4d:66:6b:68:de:cb:2e:fe:11: 0e:c0:8e:43:4c:5d:e9:1f:fa:a5:56:16:61:af:12: 28:82:4b:61:ab:60:3d:15:dd:e8:bc:bf:f7:0b:21: ac:d0:b6:1a:0e:69:04:94:52:5a:aa:97:66:bc:53: 45:04:53:d4:ce:38:d5:0a:5b:0e:59:43:3a:0a:fc: c4:e9:ff:1f:71:48:19:63:44:74:cd:0a:53:af:99: 47:1d:13:3c:a3:e0:d7:31:1b:01:f8:72:05:7c:d8: 37:c2:55:17:e0:0b:40:08:62:6e:a6:c9:85:a8:f7: e5:25:34:82:97:cb:de:21:7e:29:44:17:c0:50:3f: 98:e2:9a:de:c1:7c:64:bd:7d:f6:89:6c:4f:1f:01: 1c:24:a3:65:9e:4f:41:25:f9:64:bd:52:2a:56:7a: ef:da:b6:76:93:a7:b9:0c:5c:c0:3a:ac:a0:f1:d4: 62:96:26:a1:17:37:1a:c5:4f:b6:93:13:93:4f:61: 14:7f:ed:ae:3b:89:3e:fe:1f:1f:04:81:4e:4d:1d: be:25:e9:b1:98:67:05:25:a2:4a:4f:7f:19:59:64: e1:3c:49:34:9d:35:a0:69:81:7f:ee:2a:db:85:c7: 4b:6b:5b:a5:b5:32:df:de:9c:e4:4d:3c:81:df:c9: e3:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:82:37:84:58:FE:00:91:D0:26:AE:53:7A:23:B5:93:79:1E:79:05 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:9000::/40 Signature Algorithm: sha256WithRSAEncryption 47:3d:d1:83:05:4f:37:d0:9e:bd:3d:79:05:b0:d6:34:bb:9d: 30:9f:16:c2:23:6e:79:a8:d8:e9:b0:23:4e:ff:5c:c4:0e:2a: 16:f7:87:a1:94:23:42:82:28:af:c1:bf:56:3f:ad:4d:58:bd: 7c:e1:d1:87:59:6f:ae:63:18:01:35:f6:69:b8:e1:f2:66:ab: 71:3c:a5:ec:db:e2:3a:9a:2b:2a:52:94:df:5b:73:17:28:52: 7f:24:4d:6c:08:bf:18:50:da:33:bf:2b:4a:75:0a:a2:ab:df: dd:e1:bd:74:95:34:28:bb:4d:be:a3:50:9b:0a:61:3e:94:9d: 98:17:84:96:82:98:ea:a3:35:dd:db:9d:8f:77:81:94:95:37: 10:d7:79:5f:f6:1d:6b:e7:25:7d:fc:80:9a:5d:bd:e0:ce:9a: 68:c7:a3:79:03:6f:1d:c7:00:54:e8:e9:a1:b1:6b:8f:72:85: 9c:a3:68:fc:00:b9:e5:a3:37:bb:7d:20:04:1d:ad:d2:c3:d4: 70:e3:2c:43:e1:3d:b9:d4:38:5c:8c:5c:44:dd:43:d3:4c:82: af:0d:14:8c:cc:a1:04:f8:6c:80:20:b9:5c:c9:4d:16:6b:1b: d0:66:41:b8:9a:eb:68:17:e1:f2:e8:3b:a9:4d:66:d1:ec:37: 5f:32:18:04 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUH99VyrGZE4kfORVnUTZOu/oWw2MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwOTAwMDAwMFoX DTI0MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAM2QwMDYzZTg2ODNkNTA5ZWU0MGFm Njg1ZWQzZjBkYWMwOTMzM2NhZWFkYjdmYzliNzA3Zjg4ZWZjZDUzZjUxNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ilf8s1NZmto3ssu/hEOwI5DTF3p H/qlVhZhrxIogkthq2A9Fd3ovL/3CyGs0LYaDmkElFJaqpdmvFNFBFPUzjjVClsO WUM6CvzE6f8fcUgZY0R0zQpTr5lHHRM8o+DXMRsB+HIFfNg3wlUX4AtACGJupsmF qPflJTSCl8veIX4pRBfAUD+Y4prewXxkvX32iWxPHwEcJKNlnk9BJflkvVIqVnrv 2rZ2k6e5DFzAOqyg8dRiliahFzcaxU+2kxOTT2EUf+2uO4k+/h8fBIFOTR2+Jemx mGcFJaJKT38ZWWThPEk0nTWgaYF/7irbhcdLa1ultTLf3pzkTTyB38njZQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBqCN4RY/gCR0CauU3ojtZN5HnkFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc4MzQzNzU0LTVkNmUtNGRlZC05YjRjLWQ5ZDcwYjZjY2FjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9ZAwDQYJKoZIhvcNAQELBQADggEBAEc90YMFTzfQnr09eQWw 1jS7nTCfFsIjbnmo2OmwI07/XMQOKhb3h6GUI0KCKK/Bv1Y/rU1YvXzh0YdZb65j GAE19mm44fJmq3E8pezb4jqaKypSlN9bcxcoUn8kTWwIvxhQ2jO/K0p1CqKr393h vXSVNCi7Tb6jUJsKYT6UnZgXhJaCmOqjNd3bnY93gZSVNxDXeV/2HWvnJX38gJpd veDOmmjHo3kDbx3HAFTo6aGxa49yhZyjaPwAueWjN7t9IAQdrdLD1HDjLEPhPbnU OFyMXETdQ9NMgq8NFIzMoQT4bIAguVzJTRZrG9BmQbia62gX4fLoO6lNZtHsN18y GAQ= -----END CERTIFICATE-----Generated at Sat Jul 27 00:57:55 2024 by rpki-client on console-ams.rpki-client.org