$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa File: 794feada-3f8b-4a7b-8954-992fddba3191.roa (raw, json) Hash identifier: NKxZS0Hfr9M+JYv4OGj/NPPC7Xa1K09r/+hjIi1uvW8= Subject key identifier: E5:60:A7:E8:9D:44:81:26:E2:CE:E7:6A:A7:E3:C0:8E:31:00:19:0E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0760FB160831EC2DC3617CB4972A3E403D618C41 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Apr 2024 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:60:fb:16:08:31:ec:2d:c3:61:7c:b4:97:2a:3e:40:3d:61:8c:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=5d6b6f9b16fff8e843e9b7a6961c8bedaec72a393555eed6f610e7b6e89fb30f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d4:8b:e1:0e:be:8d:45:97:12:fe:84:b3:8e: 50:2f:35:e2:ba:5d:5e:29:16:3e:e9:bb:8e:ad:de: 45:d3:03:a0:e0:7c:a8:cb:f4:f9:52:0f:9c:1c:5c: f7:0b:8e:17:51:27:37:55:12:4b:e3:e5:be:7e:1e: b9:e0:bb:ba:2e:25:08:b6:97:fb:d3:48:49:8d:da: 49:20:f8:b1:61:db:89:c3:e1:19:a7:5f:95:69:97: a3:c0:3b:1b:7e:af:32:95:db:d2:5a:53:af:c0:74: 7f:8a:60:dc:c5:b1:fb:db:e1:b6:a7:ef:ed:22:71: 0f:5e:8b:d5:70:68:62:c1:64:a7:ef:33:ee:fc:aa: 28:67:49:9f:7b:0d:5c:9e:cd:4c:fb:ab:af:f6:e7: 9f:c8:01:65:7a:c3:c4:e9:4d:64:14:af:d7:04:b6: 92:43:1d:18:c2:24:7f:0d:b2:e6:a6:03:eb:86:75: 83:20:b7:82:a2:03:7c:ce:7a:32:e5:31:ef:a2:1a: b8:4e:78:88:db:7d:49:cf:d3:2f:65:9d:1c:43:b0: e4:be:1b:c2:09:c0:50:ae:f2:ff:54:10:13:a3:9e: 0b:2b:bb:d9:c6:a8:46:f8:aa:f5:be:45:ce:6e:f5: 9b:94:7e:6b:5b:12:15:e0:9d:ae:e2:f8:bb:9a:48: 0e:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:60:A7:E8:9D:44:81:26:E2:CE:E7:6A:A7:E3:C0:8E:31:00:19:0E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:a000::/40 Signature Algorithm: sha256WithRSAEncryption 7d:4c:2c:fe:62:0b:9d:71:ad:ce:63:ea:db:b1:cd:55:ef:8a: d8:15:dc:62:c0:a1:e2:76:eb:0e:77:77:18:bf:be:26:ba:44: d1:96:60:52:60:75:4b:c1:64:b9:cc:b3:7d:60:ac:a2:f4:f8: ec:0b:01:ba:c1:81:40:e3:fe:e8:1b:81:f5:48:0d:64:c3:08: 23:15:1a:b6:12:e5:e8:6f:a1:b8:e7:02:81:f5:e6:dc:d4:03: 6e:6d:41:38:b5:d7:d8:47:7a:fc:78:02:0f:5f:0d:71:03:a1: d1:cd:2f:ad:1d:49:37:a2:d2:51:4a:e2:0c:af:c5:8e:eb:7e: 00:ce:c4:6d:4e:b3:57:50:7a:ee:51:10:b6:82:53:59:50:cf: b6:ad:84:80:d5:4f:03:26:90:80:cb:6c:94:da:4d:c8:3a:83: 1a:bb:a9:a5:e5:8b:92:0c:0b:ba:43:24:cf:58:39:87:86:e8: 37:02:24:e4:6b:5e:4f:c3:57:47:46:7b:0b:62:d6:29:ea:ea: 16:83:ae:e2:d9:3b:77:84:ca:69:47:a0:7b:4d:6f:f1:cf:dc: 36:d4:41:11:6d:45:05:6a:11:12:dc:1f:23:c8:1d:85:be:b2: 74:d4:0d:83:80:d5:f4:1c:82:fd:a4:d1:25:77:ad:2d:d4:bd: 17:52:de:64 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUB2D7Fggx7C3DYXy0lyo+QD1hjEEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNANWQ2YjZmOWIxNmZmZjhlODQzZTli N2E2OTYxYzhiZWRhZWM3MmEzOTM1NTVlZWQ2ZjYxMGU3YjZlODlmYjMwZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNSL4Q6+jUWXEv6Es45QLzXiul1e KRY+6buOrd5F0wOg4Hyoy/T5Ug+cHFz3C44XUSc3VRJL4+W+fh654Lu6LiUItpf7 00hJjdpJIPixYduJw+EZp1+VaZejwDsbfq8yldvSWlOvwHR/imDcxbH72+G2p+/t InEPXovVcGhiwWSn7zPu/KooZ0mfew1cns1M+6uv9uefyAFlesPE6U1kFK/XBLaS Qx0YwiR/DbLmpgPrhnWDILeCogN8znoy5THvohq4TniI231Jz9MvZZ0cQ7DkvhvC CcBQrvL/VBATo54LK7vZxqhG+Kr1vkXObvWblH5rWxIV4J2u4vi7mkgO3wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOVgp+idRIEm4s7naqfjwI4xABkOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5NGZlYWRhLTNmOGItNGE3Yi04OTU0LTk5MmZkZGJhMzE5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8aAwDQYJKoZIhvcNAQELBQADggEBAH1MLP5iC51xrc5j6tux zVXvitgV3GLAoeJ26w53dxi/via6RNGWYFJgdUvBZLnMs31grKL0+OwLAbrBgUDj /ugbgfVIDWTDCCMVGrYS5ehvobjnAoH15tzUA25tQTi119hHevx4Ag9fDXEDodHN L60dSTei0lFK4gyvxY7rfgDOxG1Os1dQeu5RELaCU1lQz7athIDVTwMmkIDLbJTa Tcg6gxq7qaXli5IMC7pDJM9YOYeG6DcCJORrXk/DV0dGewti1inq6haDruLZO3eE ymlHoHtNb/HP3DbUQRFtRQVqERLcHyPIHYW+snTUDYOA1fQcgv2k0SV3rS3UvRdS 3mQ= -----END CERTIFICATE-----Generated at Thu Apr 18 03:48:26 2024 by rpki-client on console-fra.rpki-client.org