$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa File: 86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa (raw, json) Hash identifier: v1dOHQc7bAIZ0B2k/rVQlllPsN6ztIMruWe5wh7ixzQ= Subject key identifier: 8A:09:8A:04:C3:B0:A1:0A:59:94:41:87:7B:1B:6B:4D:C3:FB:F4:D4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4D22C289E93B45C52C5B0862642A0758C0C22653 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa Signing time: Tue 12 Mar 2024 00:00:00 +0000 ROA not before: Tue 12 Mar 2024 00:00:00 +0000 ROA not after: Tue 16 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Mar 2024 12:02:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:22:c2:89:e9:3b:45:c5:2c:5b:08:62:64:2a:07:58:c0:c2:26:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 00:00:00 2024 GMT Not After : Apr 16 23:59:59 2024 GMT Subject: serialNumber=f5b3d9ef336a6eb9e08bea65f4b000efd0b58996214e404a26aefdc08458dd28, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ad:75:36:06:2a:fb:fd:79:73:fe:96:9e:d0: 8e:49:a8:ff:ac:5b:5f:41:91:77:f2:94:2b:d9:90: a5:2c:91:f9:f0:7d:b8:ee:43:cd:5f:24:0c:1b:6b: 3c:32:dd:c2:3e:99:d6:ff:f9:95:b5:f1:20:29:69: f6:fd:e5:1e:1c:03:ff:e3:d1:b6:31:6f:c4:43:e9: 14:89:53:d2:17:a5:8f:51:ca:c3:e3:39:64:5e:30: 96:d9:66:5a:88:fe:ea:7a:c6:60:b3:ca:60:02:29: 9c:ee:4d:d8:84:0e:46:9c:1d:3c:a2:e6:db:8f:2b: 48:a0:e6:8a:dc:87:17:03:0e:f6:64:7d:51:3f:d5: 83:82:17:6e:aa:11:3a:2e:ac:84:55:9a:77:1d:bc: 4f:9e:4b:72:2f:9d:e6:2f:2f:29:75:b4:a0:95:93: 26:ec:cd:ef:4d:fc:63:a7:e8:04:fd:48:b9:96:a2: f0:44:dc:1d:a6:b4:0c:3c:03:49:d1:a8:a8:1c:33: f1:f4:c2:01:70:fd:53:88:a9:8c:8a:72:55:55:74: ed:e1:37:3a:75:03:4d:ac:b6:6c:77:d2:78:c8:98: 37:3c:8b:d8:0f:bf:a4:ba:d7:eb:56:d8:8d:40:a3: cb:d5:01:22:61:d4:40:e6:cf:61:0e:cf:64:75:5f: 4e:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:09:8A:04:C3:B0:A1:0A:59:94:41:87:7B:1B:6B:4D:C3:FB:F4:D4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86c08b39-5a49-4ee9-baad-a93e86d62b0a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:f000::/40 Signature Algorithm: sha256WithRSAEncryption 2f:e0:0b:44:ff:92:f4:78:86:47:25:16:7f:4b:7e:46:7a:30: d7:8c:92:bd:3e:67:06:c2:e1:b2:bc:76:70:8a:cd:ee:cd:d0: 15:dc:59:b3:d9:5c:9a:77:67:d2:ce:6a:1c:0a:20:4a:e1:fb: 65:97:8b:ba:75:5c:cf:d0:03:7c:a0:86:ce:b8:cb:7c:d6:37: ae:b5:2e:31:df:12:6d:7c:77:b8:e6:c8:00:60:df:54:5c:48: d9:83:64:c4:dc:3f:5e:6b:07:9f:cb:46:1a:e5:98:26:ee:04: 78:a1:ae:71:b2:a3:0c:27:00:bc:e9:bf:b8:1a:89:ae:ab:e8: e0:f1:d1:d3:58:2c:e9:ac:03:d6:99:9f:f6:35:1c:08:0c:48: 4a:71:26:ce:5f:9e:8c:6d:b9:6c:95:61:28:dd:98:0b:49:99: 77:26:ad:0b:0d:2a:b7:3a:01:5d:c3:56:b3:04:92:49:d2:b0: dc:0e:91:f9:3f:eb:46:98:ad:c8:42:8e:6d:45:f5:24:10:7e: 85:5a:5d:09:15:dd:b6:14:35:ee:a0:ca:c2:92:fc:56:74:91: 4a:94:69:ee:b5:f9:60:c6:87:80:45:ba:1e:ef:87:99:ba:3a: 2b:94:07:02:5a:48:57:82:52:b3:1e:64:f8:3d:e1:a2:aa:23: 3a:84:a8:8d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTSLCiek7RcUsWwhiZCoHWMDCJlMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDMxMjAwMDAwMFoX DTI0MDQxNjIzNTk1OVowejFJMEcGA1UEBRNAZjViM2Q5ZWYzMzZhNmViOWUwOGJl YTY1ZjRiMDAwZWZkMGI1ODk5NjIxNGU0MDRhMjZhZWZkYzA4NDU4ZGQyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa11NgYq+/15c/6WntCOSaj/rFtf QZF38pQr2ZClLJH58H247kPNXyQMG2s8Mt3CPpnW//mVtfEgKWn2/eUeHAP/49G2 MW/EQ+kUiVPSF6WPUcrD4zlkXjCW2WZaiP7qesZgs8pgAimc7k3YhA5GnB08oubb jytIoOaK3IcXAw72ZH1RP9WDghduqhE6LqyEVZp3HbxPnktyL53mLy8pdbSglZMm 7M3vTfxjp+gE/Ui5lqLwRNwdprQMPANJ0aioHDPx9MIBcP1TiKmMinJVVXTt4Tc6 dQNNrLZsd9J4yJg3PIvYD7+kutfrVtiNQKPL1QEiYdRA5s9hDs9kdV9OeQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIoJigTDsKEKWZRBh3sba03D+/TUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg2YzA4YjM5LTVhNDktNGVlOS1iYWFkLWE5M2U4NmQ2MmIwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8fAwDQYJKoZIhvcNAQELBQADggEBAC/gC0T/kvR4hkclFn9L fkZ6MNeMkr0+ZwbC4bK8dnCKze7N0BXcWbPZXJp3Z9LOahwKIErh+2WXi7p1XM/Q A3yghs64y3zWN661LjHfEm18d7jmyABg31RcSNmDZMTcP15rB5/LRhrlmCbuBHih rnGyowwnALzpv7gaia6r6ODx0dNYLOmsA9aZn/Y1HAgMSEpxJs5fnoxtuWyVYSjd mAtJmXcmrQsNKrc6AV3DVrMEkknSsNwOkfk/60aYrchCjm1F9SQQfoVaXQkV3bYU Ne6gysKS/FZ0kUqUae61+WDGh4BFuh7vh5m6OiuUBwJaSFeCUrMeZPg94aKqIzqE qI0= -----END CERTIFICATE-----Generated at Thu Mar 28 00:59:36 2024 by rpki-client on console-fra.rpki-client.org