$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa File: 8fd06079-670b-45e2-8241-18b7a6b8c031.roa (raw, json) Hash identifier: FHejOElYJX/oS3CPGXa+MCNBYU96+02H4UyNqs5Nj1A= Subject key identifier: FD:33:8C:00:16:EC:80:A9:9D:98:24:B8:04:E0:91:A0:A2:E4:20:3F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 674FE9FD9249576DD179ADEF6A6EEE72F2FB7AD7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa Signing time: Wed 01 May 2024 00:00:00 +0000 ROA not before: Wed 01 May 2024 00:00:00 +0000 ROA not after: Wed 05 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:4f:e9:fd:92:49:57:6d:d1:79:ad:ef:6a:6e:ee:72:f2:fb:7a:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:00 2024 GMT Not After : Jun 5 23:59:59 2024 GMT Subject: serialNumber=f2c781bad4c42eba6265722336d590df12f20bc3b8c41606ec07fff4f8e53600, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:48:db:cc:c8:15:81:e1:21:9b:a2:96:28:cd: 13:ca:72:6e:5f:bc:9e:f6:f2:9f:de:b8:8c:de:77: c6:61:32:13:17:47:d1:77:cc:be:94:29:4d:b1:6a: 27:51:96:10:6e:1d:f1:ab:e2:37:ff:14:04:8e:cf: 75:e7:b4:4c:f2:79:79:97:72:c6:2f:8f:b1:68:bc: 22:59:6f:26:d7:c4:bd:06:1b:56:bb:f2:c9:01:7e: 09:09:0a:c9:4e:2a:49:ea:b9:e8:7c:e9:b0:82:cd: 63:92:88:80:4b:39:24:62:56:63:43:a4:eb:bb:49: 56:af:4e:4e:4e:15:11:ee:f7:14:4d:6e:e0:a9:85: a3:1f:54:09:39:0a:6b:ce:08:15:05:0b:b7:6e:d6: 18:46:7a:b8:59:4d:05:d2:10:cb:20:3b:68:d3:6e: 5b:6f:69:a1:a6:47:93:1e:f4:18:88:11:82:0f:a5: 6b:81:09:d9:41:6c:74:67:8d:e2:05:0b:02:fa:54: ce:8d:ce:7c:47:3f:f3:45:fd:4d:7c:b9:62:e4:64: 30:c7:e6:8a:d1:cf:08:7b:c3:f0:32:54:53:a7:a4: eb:b4:f2:13:38:6c:09:35:02:d7:a7:3e:2f:41:dd: ec:34:6a:da:28:58:89:51:65:f5:dd:72:b6:3a:95: 0a:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:33:8C:00:16:EC:80:A9:9D:98:24:B8:04:E0:91:A0:A2:E4:20:3F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:4800::/40 Signature Algorithm: sha256WithRSAEncryption 69:53:4f:97:4d:3f:cd:bf:05:a3:d3:de:cd:58:a8:d0:d2:3e: 83:96:60:bd:5c:e2:09:61:54:93:0e:a1:0a:6c:48:55:33:12: 53:8f:32:de:cf:c7:9e:36:b2:22:1e:56:4b:f6:ff:a0:ae:70: b8:b9:75:9b:8e:4e:ac:95:17:21:b2:57:10:de:f3:87:9b:76: 2f:80:bc:ae:8d:72:59:69:0d:e4:99:a0:96:7f:ad:dd:60:11: 47:c2:07:c0:56:73:5d:19:ae:39:ee:54:28:9a:df:a0:da:49: 40:35:aa:ea:ad:d2:92:2b:f1:ab:da:05:42:e4:31:bf:cb:7c: 0e:d4:0e:2f:d4:13:23:85:6e:c8:e6:38:fb:26:ce:fa:17:e3: ad:f9:9d:50:32:0e:94:a8:79:a4:be:fd:4f:c0:40:fc:71:5f: 11:b9:5a:12:82:5f:e0:84:e4:d4:ca:19:76:fa:fc:3e:a3:08: 16:bf:0b:be:dd:4f:6b:07:f4:9c:9a:1a:22:7b:85:7d:b3:30: 20:70:b0:1d:7d:5c:99:e3:c4:52:0d:4c:55:b2:17:be:18:e3: 6f:f1:6c:80:6f:57:4b:dc:4c:e2:02:dd:4d:30:28:be:3a:5d: fb:3e:f7:a5:ca:20:42:03:a0:58:a9:b1:f1:34:c0:b1:51:4c: e0:c5:2f:f2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ0/p/ZJJV23Rea3vam7ucvL7etcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMTAwMDAwMFoX DTI0MDYwNTIzNTk1OVowejFJMEcGA1UEBRNAZjJjNzgxYmFkNGM0MmViYTYyNjU3 MjIzMzZkNTkwZGYxMmYyMGJjM2I4YzQxNjA2ZWMwN2ZmZjRmOGU1MzYwMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EjbzMgVgeEhm6KWKM0TynJuX7ye 9vKf3riM3nfGYTITF0fRd8y+lClNsWonUZYQbh3xq+I3/xQEjs9157RM8nl5l3LG L4+xaLwiWW8m18S9BhtWu/LJAX4JCQrJTipJ6rnofOmwgs1jkoiASzkkYlZjQ6Tr u0lWr05OThUR7vcUTW7gqYWjH1QJOQprzggVBQu3btYYRnq4WU0F0hDLIDto025b b2mhpkeTHvQYiBGCD6VrgQnZQWx0Z43iBQsC+lTOjc58Rz/zRf1NfLli5GQwx+aK 0c8Ie8PwMlRTp6TrtPITOGwJNQLXpz4vQd3sNGraKFiJUWX13XK2OpUKmwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP0zjAAW7ICpnZgkuATgkaCi5CA/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhmZDA2MDc5LTY3MGItNDVlMi04MjQxLTE4YjdhNmI4YzAzMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9kgwDQYJKoZIhvcNAQELBQADggEBAGlTT5dNP82/BaPT3s1Y qNDSPoOWYL1c4glhVJMOoQpsSFUzElOPMt7Px542siIeVkv2/6CucLi5dZuOTqyV FyGyVxDe84ebdi+AvK6NcllpDeSZoJZ/rd1gEUfCB8BWc10ZrjnuVCia36DaSUA1 quqt0pIr8avaBULkMb/LfA7UDi/UEyOFbsjmOPsmzvoX4635nVAyDpSoeaS+/U/A QPxxXxG5WhKCX+CE5NTKGXb6/D6jCBa/C77dT2sH9JyaGiJ7hX2zMCBwsB19XJnj xFINTFWyF74Y42/xbIBvV0vcTOIC3U0wKL46Xfs+96XKIEIDoFipsfE0wLFRTODF L/I= -----END CERTIFICATE-----Generated at Thu May 2 17:40:59 2024 by rpki-client on console-fra.rpki-client.org