$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa File: 813fd8db-c853-44b7-bd55-127e1e4f5d24.roa (raw, json) Hash identifier: OlrgJZXaC/WSpU8aHy9C4oSfBuqkgwCxAfcMUcc8tXw= Subject key identifier: 3D:6F:A7:07:2B:88:D3:83:52:84:72:38:BB:EA:3E:46:7D:DF:BC:B5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24652D40B0255BB4F54F3EDB77CCB185500E371D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:65:2d:40:b0:25:5b:b4:f5:4f:3e:db:77:cc:b1:85:50:0e:37:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=13fe3ab32fb923a484ef5051adcc904b0f8151f847fb8d0adb28cfa93524d808, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:e0:c4:89:61:9e:e7:dd:a8:6c:80:65:46:75: 8d:5b:38:ba:70:04:52:65:c9:a7:82:9d:12:55:15: 00:99:44:8b:4b:7f:60:06:a2:fb:98:f3:31:14:04: 8d:bc:fa:b8:72:bf:5e:06:25:bf:67:22:7a:8f:9d: 50:0d:cb:a4:bb:a1:f6:da:ef:15:06:5a:17:25:40: 46:ba:7a:52:69:fb:b0:1d:74:34:21:c4:d0:b9:ca: 2c:a4:bc:f0:ce:20:ab:b0:2e:54:67:1a:b7:72:34: 65:ea:84:2e:73:ff:74:90:8d:d2:c0:5f:e9:4d:2c: 04:2b:88:7c:3d:eb:16:8f:e2:a0:ed:52:fc:94:9e: 62:ab:bf:d4:01:67:4e:9c:8a:77:f5:35:2e:4a:96: 0f:db:6a:5a:0f:3f:4d:56:13:76:e7:6a:c0:c4:ab: 8a:30:23:05:95:71:97:ad:36:24:9a:6a:76:9d:44: f9:40:f9:70:80:17:ee:05:ef:99:be:39:10:e3:ec: 15:43:ff:98:49:2b:f4:f7:05:a3:7f:5a:b2:85:24: a5:85:a6:14:c3:56:f9:f2:15:07:cf:30:35:1b:e0: 90:3e:4c:85:97:c8:5c:60:7a:db:85:ef:06:36:a2: 0d:8b:85:79:32:8a:d2:da:3a:03:90:fc:9b:5c:49: 3e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:6F:A7:07:2B:88:D3:83:52:84:72:38:BB:EA:3E:46:7D:DF:BC:B5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:9000::/40 Signature Algorithm: sha256WithRSAEncryption 2d:e4:a9:19:78:7d:40:7d:65:fc:18:47:cc:61:b3:4d:41:eb: 45:c3:62:12:4b:85:0f:b1:31:7c:1b:7c:5f:a3:b2:3e:5e:a8: 0f:f5:98:8d:ac:a6:f0:38:03:93:b0:db:52:6b:06:bd:6b:af: ff:a4:ed:52:85:d2:57:ad:fc:61:b0:af:23:91:1c:f8:a1:72: ad:c0:06:77:ce:e9:8f:8b:5f:1e:b6:70:4e:3f:27:58:3b:35: 55:95:cb:39:fe:e1:30:71:88:8e:ab:b6:a9:ae:60:5f:b7:b1: 28:4b:ee:f7:15:ae:7c:59:56:cd:df:54:10:5d:00:32:63:cd: 7f:c9:d4:68:77:c4:f8:21:a8:38:1d:ba:fe:4c:dd:85:23:ce: 51:19:5f:ed:c0:7c:c8:5a:66:c7:2e:d8:e7:a7:b8:93:e3:0e: 5d:1e:ba:59:9c:c1:0e:47:0c:0b:44:50:b9:56:4e:10:e5:9a: 80:fb:eb:04:29:36:6a:5b:38:66:2c:cc:ce:64:f7:7f:c9:3d: c0:06:d4:4c:0b:ee:01:06:8b:0a:06:f2:e3:65:a8:7b:35:f7: 29:46:b3:48:28:af:90:14:55:98:42:0d:93:fe:65:8d:92:47: 2d:14:54:d0:5a:69:4d:0e:0d:37:55:2c:bd:1d:4f:86:e9:eb: e5:af:52:25 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJGUtQLAlW7T1Tz7bd8yxhVAONx0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAMTNmZTNhYjMyZmI5MjNhNDg0ZWY1 MDUxYWRjYzkwNGIwZjgxNTFmODQ3ZmI4ZDBhZGIyOGNmYTkzNTI0ZDgwODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeDEiWGe592obIBlRnWNWzi6cARS Zcmngp0SVRUAmUSLS39gBqL7mPMxFASNvPq4cr9eBiW/ZyJ6j51QDcuku6H22u8V BloXJUBGunpSafuwHXQ0IcTQucospLzwziCrsC5UZxq3cjRl6oQuc/90kI3SwF/p TSwEK4h8PesWj+Kg7VL8lJ5iq7/UAWdOnIp39TUuSpYP22paDz9NVhN252rAxKuK MCMFlXGXrTYkmmp2nUT5QPlwgBfuBe+ZvjkQ4+wVQ/+YSSv09wWjf1qyhSSlhaYU w1b58hUHzzA1G+CQPkyFl8hcYHrbhe8GNqINi4V5MorS2joDkPybXEk+PQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD1vpwcriNODUoRyOLvqPkZ937y1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxM2ZkOGRiLWM4NTMtNDRiNy1iZDU1LTEyN2UxZTRmNWQyNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8JAwDQYJKoZIhvcNAQELBQADggEBAC3kqRl4fUB9ZfwYR8xh s01B60XDYhJLhQ+xMXwbfF+jsj5eqA/1mI2spvA4A5Ow21JrBr1rr/+k7VKF0let /GGwryORHPihcq3ABnfO6Y+LXx62cE4/J1g7NVWVyzn+4TBxiI6rtqmuYF+3sShL 7vcVrnxZVs3fVBBdADJjzX/J1Gh3xPghqDgduv5M3YUjzlEZX+3AfMhaZscu2Oen uJPjDl0eulmcwQ5HDAtEULlWThDlmoD76wQpNmpbOGYszM5k93/JPcAG1EwL7gEG iwoG8uNlqHs19ylGs0gor5AUVZhCDZP+ZY2SRy0UVNBaaU0ODTdVLL0dT4bp6+Wv UiU= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:45 2023 by rpki-client on console-fra.rpki-client.org