$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8e24ca53-b855-4655-a239-6bd059a83f61.roa File: 8e24ca53-b855-4655-a239-6bd059a83f61.roa (raw, json) Hash identifier: wLoimD1siiJCY4uxy4k/xrAC9FRp4Kgw0Ee1w4zhLMw= Subject key identifier: 40:DC:58:AD:93:A4:31:86:E3:D4:90:F9:10:4C:29:F8:D5:72:6B:E6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 42BA7E3FF33323815659F96AEE3EE419B34553AB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8e24ca53-b855-4655-a239-6bd059a83f61.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:ba:7e:3f:f3:33:23:81:56:59:f9:6a:ee:3e:e4:19:b3:45:53:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=1392c2a43eb6e0f676e3ea5d5ba8d18936ac60c24ce17d757c0dad8e2e0dd8bb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:0a:14:11:3a:42:5d:dc:07:16:ad:f6:eb:a4: 9c:29:eb:06:15:11:85:78:55:2d:78:a1:ba:a2:43: 18:a0:6c:26:24:3e:83:d7:16:f6:d5:92:aa:0c:c5: ce:84:3c:2e:9e:80:78:e3:0e:2a:2a:11:e0:bc:d5: b4:b2:57:90:d9:67:e9:61:19:ce:a8:09:0a:7b:3e: d4:43:0d:2b:5d:56:2a:74:a0:fa:b4:d4:2c:e8:b3: c4:29:33:0b:a5:d5:16:7a:f2:55:95:25:8b:b4:79: fe:0c:06:48:aa:f4:e5:ce:4e:82:eb:5a:db:7f:2f: 57:a6:a1:41:f6:4e:d4:f9:01:04:cf:60:25:9f:cf: 70:e0:e9:e9:59:f1:c5:4c:3c:6c:eb:5b:2a:cc:cd: 7b:b8:d7:d5:1e:55:0d:55:a5:ba:13:07:a9:5f:67: 6a:24:a1:ff:53:ae:ae:f4:42:b7:4a:38:80:c0:d8: bf:49:06:f6:9e:a0:a9:cb:12:e6:6e:b1:49:2a:82: a8:42:8d:df:b4:61:aa:52:55:fa:35:1a:c9:8f:85: 72:7b:45:6f:b7:b7:f8:9e:f8:3b:07:e5:59:e9:a9: 3f:95:48:f1:e0:6d:cb:69:1d:29:be:da:41:8c:fd: fa:d8:23:db:e8:a7:de:e6:47:37:aa:a0:ec:0d:93: f5:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:DC:58:AD:93:A4:31:86:E3:D4:90:F9:10:4C:29:F8:D5:72:6B:E6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8e24ca53-b855-4655-a239-6bd059a83f61.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:6000::/40 Signature Algorithm: sha256WithRSAEncryption 2f:18:76:65:d8:29:f3:5a:da:5b:b1:59:ed:21:44:32:7b:3f: 83:68:a4:3a:78:0d:35:ca:51:c0:df:50:2e:c7:b3:10:f1:42: 1f:50:7f:74:4c:da:fb:11:5d:45:f0:b2:47:c8:af:c8:4e:f2: 5a:63:42:5e:ae:35:f0:f3:92:9c:cf:ae:59:58:2c:2a:68:b8: 07:12:bd:3b:79:2d:d2:10:8b:1c:0f:d4:8e:0f:79:42:15:c2: 4e:e9:69:0e:db:73:7f:4c:2f:ff:1e:db:5c:ce:ad:91:91:78: df:fe:9a:51:27:d9:a2:26:2b:af:40:e5:23:91:80:36:da:12: 88:03:5c:56:e9:1b:bb:73:9b:2c:07:da:91:fe:8c:38:0d:78: c2:f5:c8:99:82:f2:0e:2a:4f:c7:6e:30:39:32:76:46:1f:58: c4:a1:25:5b:4a:fe:22:e5:9f:7e:67:78:ef:2c:57:e6:b0:7e: c2:a8:4f:f6:a6:6d:85:4f:a2:42:f5:c8:ba:b4:c2:31:c1:98: 9c:eb:d4:be:e5:cb:19:ba:70:ba:bb:c0:ff:84:89:43:fa:48: 0f:d7:09:0e:05:58:01:71:fd:36:d9:39:91:15:2a:4c:64:4b: 5e:91:fc:ef:d5:36:14:6d:43:5a:06:be:cd:24:5b:68:69:8d: 88:b0:3b:b6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQrp+P/MzI4FWWflq7j7kGbNFU6swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAMTM5MmMyYTQzZWI2ZTBmNjc2ZTNl YTVkNWJhOGQxODkzNmFjNjBjMjRjZTE3ZDc1N2MwZGFkOGUyZTBkZDhiYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwoUETpCXdwHFq3266ScKesGFRGF eFUteKG6okMYoGwmJD6D1xb21ZKqDMXOhDwunoB44w4qKhHgvNW0sleQ2WfpYRnO qAkKez7UQw0rXVYqdKD6tNQs6LPEKTMLpdUWevJVlSWLtHn+DAZIqvTlzk6C61rb fy9XpqFB9k7U+QEEz2Aln89w4OnpWfHFTDxs61sqzM17uNfVHlUNVaW6EwepX2dq JKH/U66u9EK3SjiAwNi/SQb2nqCpyxLmbrFJKoKoQo3ftGGqUlX6NRrJj4Vye0Vv t7f4nvg7B+VZ6ak/lUjx4G3LaR0pvtpBjP362CPb6Kfe5kc3qqDsDZP1hQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEDcWK2TpDGG49SQ+RBMKfjVcmvmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhlMjRjYTUzLWI4NTUtNDY1NS1hMjM5LTZiZDA1OWE4M2Y2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9GAwDQYJKoZIhvcNAQELBQADggEBAC8YdmXYKfNa2luxWe0h RDJ7P4NopDp4DTXKUcDfUC7HsxDxQh9Qf3RM2vsRXUXwskfIr8hO8lpjQl6uNfDz kpzPrllYLCpouAcSvTt5LdIQixwP1I4PeUIVwk7paQ7bc39ML/8e21zOrZGReN/+ mlEn2aImK69A5SORgDbaEogDXFbpG7tzmywH2pH+jDgNeML1yJmC8g4qT8duMDky dkYfWMShJVtK/iLln35neO8sV+awfsKoT/ambYVPokL1yLq0wjHBmJzr1L7lyxm6 cLq7wP+EiUP6SA/XCQ4FWAFx/TbZOZEVKkxkS16R/O/VNhRtQ1oGvs0kW2hpjYiw O7Y= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:16 2024 by rpki-client on console-fra.rpki-client.org