$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa File: 8fd06079-670b-45e2-8241-18b7a6b8c031.roa (raw, json) Hash identifier: yOYWOF2m4e6Yz7moo92+O8TMHyxDhF4pbtZKsMRJjNY= Subject key identifier: C1:79:93:39:ED:F9:52:F8:D3:D0:8B:E2:02:AD:FC:54:52:D3:22:73 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 660D1132DA514E62944304DEE9D515797470CD68 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:0d:11:32:da:51:4e:62:94:43:04:de:e9:d5:15:79:74:70:cd:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=427bce911a74306c1d9347b6239e4b636b7caa303596f1d0f68cbda4dff0dca6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:11:32:5c:d9:0d:e3:9f:14:c9:0f:70:aa:26: 0a:41:be:67:dc:cb:9f:bf:93:ba:7c:74:bb:5e:2d: e2:02:ab:84:7f:52:88:73:b5:cf:42:3e:71:60:0a: a3:86:82:8e:c2:bc:59:20:fb:10:9f:37:ab:0b:e2: dd:fb:3e:80:77:13:26:e0:56:9d:6c:e7:a9:ef:e9: 1e:6f:9e:64:d0:cd:3f:ab:60:fa:c2:bf:77:16:e2: 45:2e:2d:51:20:e3:45:fa:0b:65:69:9a:a9:a5:24: da:57:ae:b9:cf:f7:80:d0:12:10:d1:d1:7b:b2:e4: bb:18:d6:7b:8f:b9:4a:9d:ee:b4:ad:27:ce:19:c3: 35:5d:f6:b8:c6:14:49:89:0a:1f:cf:db:bc:c5:14: 8f:3b:8f:c1:42:35:38:bb:5b:d3:fb:3b:09:97:4a: 0b:c3:d2:99:c7:f9:a9:fb:12:50:a3:ce:b2:f5:42: 62:51:dd:45:50:dc:3b:39:05:41:50:99:4e:df:b3: 73:31:93:f1:a2:bb:b9:54:fa:19:7e:28:27:d6:73: d2:d2:30:84:93:f9:14:ff:03:5d:6e:44:10:60:bd: b8:6a:79:1c:71:ca:25:43:a8:37:84:85:4a:96:5b: 35:f9:ea:5f:40:76:2f:9d:ca:9e:e4:dd:ae:63:59: a4:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:79:93:39:ED:F9:52:F8:D3:D0:8B:E2:02:AD:FC:54:52:D3:22:73 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:4800::/40 Signature Algorithm: sha256WithRSAEncryption 39:78:d9:bb:03:68:6f:ec:8d:93:bc:6e:af:d0:f6:c4:a0:b1: f2:57:85:b5:98:7f:9e:89:fa:43:dc:02:6c:44:05:eb:77:11: 22:d3:ae:6f:8a:b4:b3:89:6d:bb:96:0c:78:b4:17:ae:c3:ee: fc:5d:5f:fb:5b:a5:c2:e6:0c:77:a7:0b:d7:97:5c:e8:5e:9b: 26:1d:76:87:54:56:20:2f:26:ff:97:bf:cc:c1:ac:f7:b5:c5: 1e:68:f9:a9:ec:8e:58:52:ef:47:3e:68:63:95:04:b8:64:ac: 14:85:c3:e2:de:6d:ca:60:26:14:f6:d9:7c:82:f2:c1:e1:c7: 0e:da:cc:1b:2f:74:60:4d:b1:24:bf:77:35:14:cb:48:a0:31: 7f:e9:35:e0:d0:7a:47:ca:8e:b6:77:63:d1:3c:b9:eb:b5:b3: 3a:bd:08:7f:6c:46:1d:c5:23:a2:7b:2b:53:4e:57:3d:17:1e: e1:5b:0a:e4:40:d8:bd:da:68:15:1e:2f:da:21:f5:c6:83:18: c3:1e:bb:44:53:e6:80:ca:49:df:98:90:6f:8d:cb:81:4a:2f: 8a:4f:4c:d2:87:ee:92:19:74:7a:07:af:6d:c2:25:f0:80:33: 09:7b:46:f4:af:05:64:64:b4:55:4d:7e:5f:24:27:59:ee:f1: 42:1e:31:b6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZg0RMtpRTmKUQwTe6dUVeXRwzWgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANDI3YmNlOTExYTc0MzA2YzFkOTM0 N2I2MjM5ZTRiNjM2YjdjYWEzMDM1OTZmMWQwZjY4Y2JkYTRkZmYwZGNhNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxEyXNkN458UyQ9wqiYKQb5n3Muf v5O6fHS7Xi3iAquEf1KIc7XPQj5xYAqjhoKOwrxZIPsQnzerC+Ld+z6AdxMm4Fad bOep7+keb55k0M0/q2D6wr93FuJFLi1RIONF+gtlaZqppSTaV665z/eA0BIQ0dF7 suS7GNZ7j7lKne60rSfOGcM1Xfa4xhRJiQofz9u8xRSPO4/BQjU4u1vT+zsJl0oL w9KZx/mp+xJQo86y9UJiUd1FUNw7OQVBUJlO37NzMZPxoru5VPoZfign1nPS0jCE k/kU/wNdbkQQYL24ankcccolQ6g3hIVKlls1+epfQHYvncqe5N2uY1mkVQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMF5kznt+VL409CL4gKt/FRS0yJzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhmZDA2MDc5LTY3MGItNDVlMi04MjQxLTE4YjdhNmI4YzAzMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9kgwDQYJKoZIhvcNAQELBQADggEBADl42bsDaG/sjZO8bq/Q 9sSgsfJXhbWYf56J+kPcAmxEBet3ESLTrm+KtLOJbbuWDHi0F67D7vxdX/tbpcLm DHenC9eXXOhemyYddodUViAvJv+Xv8zBrPe1xR5o+ansjlhS70c+aGOVBLhkrBSF w+LebcpgJhT22XyC8sHhxw7azBsvdGBNsSS/dzUUy0igMX/pNeDQekfKjrZ3Y9E8 ueu1szq9CH9sRh3FI6J7K1NOVz0XHuFbCuRA2L3aaBUeL9oh9caDGMMeu0RT5oDK Sd+YkG+Ny4FKL4pPTNKH7pIZdHoHr23CJfCAMwl7RvSvBWRktFVNfl8kJ1nu8UIe MbY= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:40 2024 by rpki-client on console-ams.rpki-client.org