$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c5d1ede-16f9-48c3-9629-bbfb05d99ba7.roa File: 8c5d1ede-16f9-48c3-9629-bbfb05d99ba7.roa (raw, json) Hash identifier: TJ+47huDrG6TSaMaRWSecgrHC7NMzMQGVJo9M2Sc4Do= Subject key identifier: 75:57:37:DB:06:6C:29:4D:7C:1A:A0:A9:C5:07:6A:DD:18:F8:EA:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 42F5C163DB44BF2600011D3244EB014526A726 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c5d1ede-16f9-48c3-9629-bbfb05d99ba7.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 15:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:f5:c1:63:db:44:bf:26:00:01:1d:32:44:eb:01:45:26:a7:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=79a409acbe9d759d41dbac62260c3e5e3332d471649c902380293c82c0623786, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f0:f9:b0:e9:5d:f1:5e:1a:f7:83:e0:5d:ef: aa:4e:fb:69:cd:28:7c:ec:1b:3f:0b:24:e1:7f:14: 97:43:22:71:d8:31:e9:b6:a3:32:f7:0d:fe:0d:15: fe:d2:94:a0:de:fe:1e:17:ae:b6:9e:83:ab:82:9a: 3c:ff:91:bf:dc:1a:df:09:06:c0:99:d0:43:91:4e: 3a:26:28:07:0b:a4:d0:b2:55:56:2a:7c:90:cf:fb: 7b:56:dd:16:f2:f0:3f:7f:2a:bb:85:37:9d:45:e0: 71:db:da:3b:bd:1a:ad:e6:5c:e4:54:89:a2:6e:06: 15:74:16:53:4f:8f:15:78:28:c2:22:f7:10:6a:66: a1:09:50:28:8a:c9:da:c5:44:a9:53:fc:65:24:f1: f9:5c:96:d6:b2:50:43:b0:3e:f1:98:0a:56:f4:1a: 5f:d6:77:22:8f:85:56:9d:c1:33:9d:16:15:1e:b0: 54:7b:38:96:4e:59:2d:bb:52:73:f5:cf:9f:4d:74: 8f:22:49:5b:c7:c5:6f:28:41:a2:c2:e0:9a:13:21: 07:43:9f:aa:af:a8:63:2a:26:c9:5a:f5:eb:ef:0b: 20:15:83:5f:3d:98:6b:52:6a:ea:16:6a:6a:1b:ca: 3a:ba:c0:1f:c7:12:b6:fa:e8:4d:c6:68:2b:96:66: a0:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:57:37:DB:06:6C:29:4D:7C:1A:A0:A9:C5:07:6A:DD:18:F8:EA:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c5d1ede-16f9-48c3-9629-bbfb05d99ba7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:8800::/40 Signature Algorithm: sha256WithRSAEncryption 9f:51:89:51:e7:56:d8:bf:38:a0:b1:3b:9f:de:35:ad:d1:1a: ee:24:11:ed:af:12:a4:fd:32:a7:5b:5d:98:f6:23:82:70:b1: 91:b9:da:bd:70:0a:17:8b:c0:54:29:ea:c4:af:b4:8b:02:44: 93:31:82:eb:04:e4:b0:40:bd:a6:6d:84:ad:14:ac:d6:c7:6e: 44:1d:7e:60:99:47:d5:3a:f2:71:67:3e:a9:3c:06:00:7e:02: aa:3e:45:03:4d:c5:58:08:fc:9d:4c:b7:2b:98:a4:35:8c:32: 4c:54:1b:d6:73:2c:64:26:58:78:81:e9:6d:bc:c9:a2:b7:dd: 14:70:f3:59:cb:14:25:e4:6b:dd:10:22:38:e3:2c:bb:4f:2d: d8:0b:46:5d:4d:04:c9:04:ac:39:3f:70:3f:95:e3:13:3b:00: c8:3a:79:1c:ec:c0:89:dd:65:65:01:df:46:63:a5:4c:d3:58: d9:44:2b:34:dd:aa:90:7c:66:09:ea:73:bb:73:14:1e:d7:0b: 44:61:17:93:69:79:55:74:65:96:ee:b5:58:2a:f5:50:5d:3e: 77:85:e7:86:94:80:c7:ac:13:19:b4:a8:33:72:50:4a:1b:d7: cf:3f:7a:09:a8:5d:bf:8b:f8:6f:f8:2f:33:0c:6d:48:23:f6: 3f:2c:a6:1f -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITQvXBY9tEvyYAAR0yROsBRSanJjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjQwNDE3MDAwMDAwWhcN MjQwNTIyMjM1OTU5WjB6MUkwRwYDVQQFE0A3OWE0MDlhY2JlOWQ3NTlkNDFkYmFj NjIyNjBjM2U1ZTMzMzJkNDcxNjQ5YzkwMjM4MDI5M2M4MmMwNjIzNzg2MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD8Pmw6V3xXhr3g+Bd76pO+2nNKHzs Gz8LJOF/FJdDInHYMem2ozL3Df4NFf7SlKDe/h4Xrraeg6uCmjz/kb/cGt8JBsCZ 0EORTjomKAcLpNCyVVYqfJDP+3tW3Rby8D9/KruFN51F4HHb2ju9Gq3mXORUiaJu BhV0FlNPjxV4KMIi9xBqZqEJUCiKydrFRKlT/GUk8flcltayUEOwPvGYClb0Gl/W dyKPhVadwTOdFhUesFR7OJZOWS27UnP1z59NdI8iSVvHxW8oQaLC4JoTIQdDn6qv qGMqJsla9evvCyAVg189mGtSauoWamobyjq6wB/HErb66E3GaCuWZqArAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQUdVc32wZsKU18GqCpxQdq3Rj46hIwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv OGM1ZDFlZGUtMTZmOS00OGMzLTk2MjktYmJmYjA1ZDk5YmE3LnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtryiDANBgkqhkiG9w0BAQsFAAOCAQEAn1GJUedW2L84oLE7n941 rdEa7iQR7a8SpP0yp1tdmPYjgnCxkbnavXAKF4vAVCnqxK+0iwJEkzGC6wTksEC9 pm2ErRSs1sduRB1+YJlH1TrycWc+qTwGAH4Cqj5FA03FWAj8nUy3K5ikNYwyTFQb 1nMsZCZYeIHpbbzJorfdFHDzWcsUJeRr3RAiOOMsu08t2AtGXU0EyQSsOT9wP5Xj EzsAyDp5HOzAid1lZQHfRmOlTNNY2UQrNN2qkHxmCepzu3MUHtcLRGEXk2l5VXRl lu61WCr1UF0+d4XnhpSAx6wTGbSoM3JQShvXzz96Cahdv4v4b/gvMwxtSCP2Pyym Hw== -----END CERTIFICATE-----Generated at Thu May 2 14:32:52 2024 by rpki-client on console-fra.rpki-client.org