$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa File: 86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa (raw, json) Hash identifier: QLBtpIjL3Wo4jjt4zTlR7vev5TSq0Wed57kZfInaD+E= Subject key identifier: DA:CC:3D:47:F3:D3:50:98:B6:C7:EC:D9:63:FB:DB:EB:36:FD:CF:9E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0BC58D45E4E5588FBD9F3366235E3DE48797EE5F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:c5:8d:45:e4:e5:58:8f:bd:9f:33:66:23:5e:3d:e4:87:97:ee:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=40b9821d3962a38025c0ec899fe7382b10b51f90a522dfdc918141a699cf5028, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:51:2e:be:3f:bb:aa:98:d3:21:cc:60:59:44: 41:79:44:e5:56:3c:de:fc:2d:b6:32:ba:bb:97:7e: 83:96:a2:ed:a5:d3:f3:41:07:37:64:33:0c:a5:d3: 3c:fd:7c:59:ab:16:bf:aa:f9:a4:51:2d:4e:9a:0c: 34:f1:c2:53:ee:5b:b0:b3:69:82:04:bb:f5:82:1c: 9d:92:d2:da:55:43:d6:69:24:c5:52:8a:b7:3c:32: c7:52:e9:cf:78:ca:d2:89:c4:74:7b:8f:24:b4:67: 05:14:04:15:10:0d:88:7d:b2:27:95:b2:a6:5a:81: e9:5b:3e:f9:5e:20:8f:52:1f:d5:7d:6f:46:50:36: de:da:86:56:e8:c8:27:c3:2f:c1:c7:a7:a0:4b:fa: 21:ee:7c:38:b8:b5:75:1f:e9:a7:41:03:c2:ed:05: 04:04:a1:9e:5a:fe:2a:d8:2a:bc:4e:43:55:50:87: 51:fc:05:c0:85:5e:22:22:02:27:c2:d4:4e:37:4b: 76:93:47:aa:a8:4f:9c:19:de:fb:9f:7b:31:a1:25: ca:fd:bd:d7:17:2d:94:dc:94:ab:23:f3:73:50:9a: c0:df:8c:39:61:d8:46:a7:e7:51:94:9b:7d:90:e0: 27:86:b8:7c:f0:8d:d9:9e:dd:37:83:c4:d9:f5:c9: ee:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:CC:3D:47:F3:D3:50:98:B6:C7:EC:D9:63:FB:DB:EB:36:FD:CF:9E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:f000::/40 Signature Algorithm: sha256WithRSAEncryption 76:b7:79:06:f8:08:34:98:67:50:b3:dd:64:ad:46:08:b2:61: 41:8b:00:ef:8f:10:81:08:eb:7c:19:b7:2e:5d:c2:1b:7c:f0: 6f:70:01:33:7e:19:ff:ff:33:b8:d9:e0:05:62:5d:98:92:02: 7f:c2:b1:ef:18:7e:7a:62:e9:c7:3e:06:31:9b:cd:96:6e:4f: 11:c9:b8:36:90:c7:87:c9:7e:f3:5f:8d:1d:be:35:1c:e3:93: 29:c7:cf:09:83:6f:69:2a:6b:1a:d3:f8:b8:b9:c2:2e:d0:d1: 3a:99:19:31:e8:54:35:9f:e0:96:04:f4:01:be:19:9b:f9:30: ca:a6:cf:8e:ea:06:ad:76:42:b9:36:e1:77:b3:3c:0a:bc:ab: 2d:26:5a:9b:fc:55:49:31:27:2f:e4:38:26:04:fb:5e:f3:fe: e9:f4:09:ac:e9:97:43:d6:d3:f5:b7:10:3d:85:56:79:1c:e8: b9:a7:2f:03:2e:28:c4:f4:31:ec:6c:41:23:b9:0e:fb:0b:2b: 9c:19:19:d6:4c:d2:da:f4:28:a4:a0:04:73:14:03:a3:58:f2: c9:bc:17:12:94:86:39:86:d8:f5:ff:b6:67:84:79:cf:b7:a5: 4d:1d:9a:cf:3e:bf:51:bf:14:d6:52:95:38:9a:a3:cb:70:c2: 8a:f0:30:05 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUC8WNReTlWI+9nzNmI1495IeX7l8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANDBiOTgyMWQzOTYyYTM4MDI1YzBl Yzg5OWZlNzM4MmIxMGI1MWY5MGE1MjJkZmRjOTE4MTQxYTY5OWNmNTAyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lEuvj+7qpjTIcxgWURBeUTlVjze /C22Mrq7l36DlqLtpdPzQQc3ZDMMpdM8/XxZqxa/qvmkUS1Omgw08cJT7luws2mC BLv1ghydktLaVUPWaSTFUoq3PDLHUunPeMrSicR0e48ktGcFFAQVEA2IfbInlbKm WoHpWz75XiCPUh/VfW9GUDbe2oZW6Mgnwy/Bx6egS/oh7nw4uLV1H+mnQQPC7QUE BKGeWv4q2Cq8TkNVUIdR/AXAhV4iIgInwtRON0t2k0eqqE+cGd77n3sxoSXK/b3X Fy2U3JSrI/NzUJrA34w5YdhGp+dRlJt9kOAnhrh88I3Znt03g8TZ9cnuNQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNrMPUfz01CYtsfs2WP72+s2/c+eMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg2YzA4YjM5LTVhNDktNGVlOS1iYWFkLWE5M2U4NmQ2MmIwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8fAwDQYJKoZIhvcNAQELBQADggEBAHa3eQb4CDSYZ1Cz3WSt RgiyYUGLAO+PEIEI63wZty5dwht88G9wATN+Gf//M7jZ4AViXZiSAn/Cse8Yfnpi 6cc+BjGbzZZuTxHJuDaQx4fJfvNfjR2+NRzjkynHzwmDb2kqaxrT+Li5wi7Q0TqZ GTHoVDWf4JYE9AG+GZv5MMqmz47qBq12Qrk24XezPAq8qy0mWpv8VUkxJy/kOCYE +17z/un0Cazpl0PW0/W3ED2FVnkc6LmnLwMuKMT0MexsQSO5DvsLK5wZGdZM0tr0 KKSgBHMUA6NY8sm8FxKUhjmG2PX/tmeEec+3pU0dms8+v1G/FNZSlTiao8twworw MAU= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:45 2023 by rpki-client on console-fra.rpki-client.org