$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa File: 7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa (raw, json) Hash identifier: RgHZYBJBOPhCjxFbvAuk6F/m5E6kBpaHlnVvhPo3/Kk= Subject key identifier: 7B:73:ED:BF:0A:18:D1:8C:82:3A:BD:51:FB:E7:97:26:99:D8:8A:5D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7DEB767A95463AFCC852DA85D02A4A77D175059E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa Signing time: Thu 02 May 2024 00:00:00 +0000 ROA not before: Thu 02 May 2024 00:00:00 +0000 ROA not after: Thu 06 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 00:10:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:eb:76:7a:95:46:3a:fc:c8:52:da:85:d0:2a:4a:77:d1:75:05:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:00 2024 GMT Not After : Jun 6 23:59:59 2024 GMT Subject: serialNumber=ad42ec66ea1205c1585dbd92bda115d0d483421d4ddb9c82665e951e018d1bc5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:b9:78:d5:11:98:63:e1:eb:62:7f:cd:da:8b: 37:d3:97:ba:a4:ab:db:a1:f7:e6:ac:3c:1b:bc:1b: 03:76:4f:d1:62:eb:fc:c0:d4:ee:91:c6:ca:79:2a: 05:36:d6:39:c3:51:b0:5f:62:37:7f:e0:45:56:a7: c5:22:9a:b2:58:11:b5:cf:c9:a8:41:ea:1b:60:72: 2d:dc:c8:5c:37:d7:6f:ea:e8:72:44:b9:20:42:9e: 32:41:4e:88:12:ef:3c:91:d0:c8:0a:30:a0:e6:00: 2e:d2:ce:d0:fb:47:dd:d5:31:13:48:bb:21:12:97: 61:c8:12:64:1f:31:9e:ca:8e:97:f9:12:21:d2:ae: de:e7:e9:3d:cd:ee:d4:96:04:b9:62:7e:23:1c:e8: 8f:5b:d9:78:1c:15:9c:82:5d:e5:65:3b:52:18:e9: f4:0c:3f:99:3e:cf:af:38:30:bb:53:69:5c:aa:69: 5b:2f:7f:01:7e:c9:97:ba:d6:ff:de:e0:5b:89:89: 81:1e:d1:ea:83:00:6a:22:29:a8:98:70:82:d5:8c: cd:4c:39:eb:96:ba:0a:09:2d:f5:a7:74:5c:e0:f9: 39:9c:64:bb:15:a7:13:e9:3f:b9:86:fa:36:ca:26: c7:b7:dc:e9:09:eb:ee:e7:38:78:4f:fe:7d:b8:9a: 20:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:73:ED:BF:0A:18:D1:8C:82:3A:BD:51:FB:E7:97:26:99:D8:8A:5D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7af6d5b6-fa6f-4ab7-8316-c73abac19389.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c800::/40 Signature Algorithm: sha256WithRSAEncryption a6:5d:63:6c:20:98:e7:9a:6e:de:7f:6c:7f:d9:1c:38:6e:bb: bc:51:7f:7a:c9:7d:de:15:e7:be:97:1f:48:85:dd:2a:b3:8b: 11:2c:31:dc:0c:fc:f8:fc:e4:04:f2:20:d4:a9:61:0d:d9:b3: 61:19:78:0f:e0:e3:55:16:8e:69:9a:75:f8:6c:61:85:72:88: 57:3d:06:c6:e0:12:40:0c:27:a7:99:69:2c:8c:7a:54:11:30: a8:87:c8:de:36:ee:d1:0c:13:a1:9f:f3:bf:e2:02:dc:f4:87: 28:fd:70:19:87:b9:a2:6c:08:28:92:e1:ca:66:ce:23:50:56: a7:9a:04:b0:cf:96:44:6f:b1:14:6b:00:c2:ad:3c:be:ca:4b: a7:c1:ad:c0:04:9b:d0:a5:e7:aa:80:e2:15:00:46:92:a0:a5: a4:17:0a:59:64:79:60:57:a4:fb:b1:42:1e:7a:03:20:8c:79: c9:1f:00:c0:17:23:93:de:80:06:71:03:c8:20:42:da:b6:b0: 0b:92:57:f3:ba:75:03:ef:ba:ba:92:52:13:48:43:45:b0:e6: a5:95:01:59:ab:9c:f7:04:ee:13:f4:4a:84:a1:e4:d3:10:d0: 67:a5:79:d9:0a:07:7b:6e:3a:1e:2f:c3:50:1b:3f:61:a0:73: b7:73:fd:0d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfet2epVGOvzIUtqF0CpKd9F1BZ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMjAwMDAwMFoX DTI0MDYwNjIzNTk1OVowejFJMEcGA1UEBRNAYWQ0MmVjNjZlYTEyMDVjMTU4NWRi ZDkyYmRhMTE1ZDBkNDgzNDIxZDRkZGI5YzgyNjY1ZTk1MWUwMThkMWJjNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ll41RGYY+HrYn/N2os305e6pKvb offmrDwbvBsDdk/RYuv8wNTukcbKeSoFNtY5w1GwX2I3f+BFVqfFIpqyWBG1z8mo QeobYHIt3MhcN9dv6uhyRLkgQp4yQU6IEu88kdDICjCg5gAu0s7Q+0fd1TETSLsh EpdhyBJkHzGeyo6X+RIh0q7e5+k9ze7UlgS5Yn4jHOiPW9l4HBWcgl3lZTtSGOn0 DD+ZPs+vODC7U2lcqmlbL38BfsmXutb/3uBbiYmBHtHqgwBqIimomHCC1YzNTDnr lroKCS31p3Rc4Pk5nGS7FacT6T+5hvo2yibHt9zpCevu5zh4T/59uJogIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHtz7b8KGNGMgjq9UfvnlyaZ2IpdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdhZjZkNWI2LWZhNmYtNGFiNy04MzE2LWM3M2FiYWMxOTM4OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOMgwDQYJKoZIhvcNAQELBQADggEBAKZdY2wgmOeabt5/bH/Z HDhuu7xRf3rJfd4V576XH0iF3SqzixEsMdwM/Pj85ATyINSpYQ3Zs2EZeA/g41UW jmmadfhsYYVyiFc9BsbgEkAMJ6eZaSyMelQRMKiHyN427tEME6Gf87/iAtz0hyj9 cBmHuaJsCCiS4cpmziNQVqeaBLDPlkRvsRRrAMKtPL7KS6fBrcAEm9Cl56qA4hUA RpKgpaQXCllkeWBXpPuxQh56AyCMeckfAMAXI5PegAZxA8ggQtq2sAuSV/O6dQPv urqSUhNIQ0Ww5qWVAVmrnPcE7hP0SoSh5NMQ0GeledkKB3tuOh4vw1AbP2Ggc7dz /Q0= -----END CERTIFICATE-----Generated at Sat May 18 05:19:52 2024 by rpki-client on console-fra.rpki-client.org