$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa File: 906d1094-02f1-42d9-b22e-24f2ee4caa70.roa (raw, json) Hash identifier: yah2WZqGKCnu0YYTZQ3EeJNtOtXtP0Fts9VLy+86l1c= Subject key identifier: 4A:D8:61:43:3A:A9:82:65:04:25:02:50:5C:07:E5:DD:09:26:0F:08 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40328C227B38C51D153756F7F3659BB63B3E2E32 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:32:8c:22:7b:38:c5:1d:15:37:56:f7:f3:65:9b:b6:3b:3e:2e:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=290e7f2c665b63f4e4be3bd1eceb5505b75db4ca10c22e08b3b4bc5da541e68d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:86:01:a9:03:57:ba:34:89:48:6b:75:c4:73: a6:e7:99:e5:72:0f:d3:bf:4c:47:c5:ec:7e:99:44: 31:2a:d9:26:a4:4e:fb:45:a1:7f:fd:c9:3f:2f:bb: 37:3f:53:c0:47:e6:f6:26:6e:b9:b2:be:61:0c:0b: 03:6b:cc:e4:15:23:1e:5c:6d:44:82:82:75:40:41: d3:ad:61:7c:bd:98:93:7b:0f:8a:29:e0:e2:a9:7f: c0:3b:22:2f:3f:0f:33:0f:06:95:4a:bd:0a:4e:17: 2b:6c:1b:5c:a3:47:5b:c3:ca:6f:5c:f0:4b:75:81: 29:29:88:e6:ed:73:73:75:30:83:e6:ce:89:75:ac: 03:ba:e1:02:77:ca:ca:80:d9:4d:1e:13:a1:15:03: a5:e0:97:5c:73:5f:ce:08:6b:78:d9:1b:14:80:fc: 2b:c1:60:df:c4:a7:21:28:cf:51:f5:59:bb:85:ed: 43:6c:1e:b9:cb:f6:f5:75:3b:b2:a7:eb:0c:86:20: 1a:44:00:38:9f:fd:d8:58:a1:51:ca:ff:ee:d8:16: 63:61:a1:76:3d:55:bf:56:e0:4e:65:14:72:bb:1e: 22:d7:74:5f:fc:b7:53:2c:e8:0c:6f:7f:e5:88:bb: c5:37:c3:72:55:32:11:cc:34:5d:b0:7f:4e:f4:fd: d3:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:D8:61:43:3A:A9:82:65:04:25:02:50:5C:07:E5:DD:09:26:0F:08 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:1000::/40 Signature Algorithm: sha256WithRSAEncryption c5:2e:bd:33:23:c0:0a:8e:a2:95:44:d9:df:d7:2e:ae:7f:4d: d4:8c:ca:04:1a:3c:16:22:8b:18:30:a1:1b:2e:31:6f:47:92: 63:f9:66:77:35:54:80:b8:2d:41:ac:d7:c1:5a:33:04:95:9d: cd:61:0a:23:e2:d9:49:86:94:ca:4c:92:ec:41:02:44:f7:60: 60:09:53:ef:5e:1b:51:79:d9:39:1f:be:2c:5c:b6:f0:63:58: 8e:d4:39:87:35:6e:bd:50:c7:73:cc:60:c1:cc:08:20:68:97: da:d8:a7:14:cb:15:e1:d4:64:b2:8d:8a:8c:3c:d5:62:90:ed: 6c:f1:8e:d8:69:6b:5a:1b:b2:37:ff:9d:94:0c:1d:1a:f4:e0: 9e:3d:57:fc:76:2c:e1:5e:f6:72:d1:ce:3d:27:ee:73:fd:8d: ea:d8:fb:ea:70:a5:18:83:2e:21:01:54:6e:68:50:3f:a0:7f: f8:0e:b8:50:1b:61:a8:93:f5:27:e0:8c:df:c8:da:27:bf:82: 5f:96:53:93:f0:80:39:19:35:ad:1e:7e:2b:de:a2:55:ea:7d: b0:c1:72:6c:f1:12:81:2e:22:20:7a:d3:35:b3:6a:fe:d1:d6: 46:18:9e:9c:ef:96:de:6b:37:0e:43:fe:88:fa:c6:a5:5f:e3: 2f:f4:28:bd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQDKMIns4xR0VN1b382Wbtjs+LjIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAMjkwZTdmMmM2NjViNjNmNGU0YmUz YmQxZWNlYjU1MDViNzVkYjRjYTEwYzIyZTA4YjNiNGJjNWRhNTQxZTY4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4YBqQNXujSJSGt1xHOm55nlcg/T v0xHxex+mUQxKtkmpE77RaF//ck/L7s3P1PAR+b2Jm65sr5hDAsDa8zkFSMeXG1E goJ1QEHTrWF8vZiTew+KKeDiqX/AOyIvPw8zDwaVSr0KThcrbBtco0dbw8pvXPBL dYEpKYjm7XNzdTCD5s6JdawDuuECd8rKgNlNHhOhFQOl4Jdcc1/OCGt42RsUgPwr wWDfxKchKM9R9Vm7he1DbB65y/b1dTuyp+sMhiAaRAA4n/3YWKFRyv/u2BZjYaF2 PVW/VuBOZRRyux4i13Rf/LdTLOgMb3/liLvFN8NyVTIRzDRdsH9O9P3TJQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFErYYUM6qYJlBCUCUFwH5d0JJg8IMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwNmQxMDk0LTAyZjEtNDJkOS1iMjJlLTI0ZjJlZTRjYWE3MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOBAwDQYJKoZIhvcNAQELBQADggEBAMUuvTMjwAqOopVE2d/X Lq5/TdSMygQaPBYiixgwoRsuMW9HkmP5Znc1VIC4LUGs18FaMwSVnc1hCiPi2UmG lMpMkuxBAkT3YGAJU+9eG1F52TkfvixctvBjWI7UOYc1br1Qx3PMYMHMCCBol9rY pxTLFeHUZLKNiow81WKQ7Wzxjthpa1obsjf/nZQMHRr04J49V/x2LOFe9nLRzj0n 7nP9jerY++pwpRiDLiEBVG5oUD+gf/gOuFAbYaiT9SfgjN/I2ie/gl+WU5PwgDkZ Na0efiveolXqfbDBcmzxEoEuIiB60zWzav7R1kYYnpzvlt5rNw5D/oj6xqVf4y/0 KL0= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:40 2024 by rpki-client on console-ams.rpki-client.org