$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa File: 94aecf12-a0a8-43cd-b24c-37950ef5429d.roa (raw, json) Hash identifier: M0G5gLJ3/brXgTNjLobSNYzZQCZju3ds90lPlPgeubc= Subject key identifier: 80:63:B7:36:49:A8:4F:47:95:A2:F3:AB:65:55:89:3F:F2:40:4E:51 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4BE6CD214B68188674A65EB94D2ADE0363373232 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa Signing time: Mon 11 Sep 2023 00:00:00 +0000 ROA not before: Mon 11 Sep 2023 00:00:00 +0000 ROA not after: Mon 16 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da27::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Sep 2023 03:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:e6:cd:21:4b:68:18:86:74:a6:5e:b9:4d:2a:de:03:63:37:32:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 11 00:00:00 2023 GMT Not After : Oct 16 23:59:59 2023 GMT Subject: serialNumber=3486803b73b6276930d0ebcdf54a93852fab5afb4bbcf65a9ef6ae37a73ecb91, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b0:26:a0:dd:9c:ed:27:f5:84:5b:83:de:3e: 4a:b6:71:b0:da:97:ec:a5:15:da:17:67:65:86:10: 4d:eb:07:4c:78:19:e7:51:b9:aa:28:1f:03:d4:04: d4:bf:ee:e6:de:4a:54:bf:90:fa:76:75:bc:f5:e3: a4:ea:df:64:98:16:f2:12:4b:f1:1e:d9:f9:ce:ff: b7:57:a7:10:73:13:8c:ac:c3:0d:9a:01:d6:b5:4a: a3:e2:8f:88:b2:ad:33:63:1f:9f:a4:91:0a:63:12: e5:96:12:67:e5:65:93:bb:a2:f6:43:81:f3:c3:41: a9:cf:09:36:1f:fa:4a:d5:f7:6b:af:91:6b:15:22: b1:00:c6:ae:7c:6b:8a:55:10:84:de:b0:98:dd:d8: 62:fd:c1:94:23:df:05:ff:35:3d:f4:25:1c:d5:14: be:53:f3:36:61:5b:19:26:6d:2a:0b:fe:35:26:88: 6b:3d:33:09:e5:fc:5f:d4:db:f8:0c:58:48:3d:7b: cd:1a:08:c5:d4:98:a7:0f:11:0a:a1:29:ef:1b:27: a8:af:97:f5:34:5e:a1:b2:1f:3e:36:c0:1a:d4:20: f2:d0:4d:f6:b7:7f:71:13:10:81:ef:af:21:6e:d6: 0f:ee:bf:1a:5b:b6:c8:16:51:ef:dc:4f:90:db:d2: 3d:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:63:B7:36:49:A8:4F:47:95:A2:F3:AB:65:55:89:3F:F2:40:4E:51 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da27::/36 Signature Algorithm: sha256WithRSAEncryption bf:78:27:7c:7d:b8:6c:10:bc:aa:c1:89:dd:dc:18:81:58:54: fd:35:fc:2d:c3:41:28:db:08:fc:7c:0f:e9:ea:3a:7d:de:80: 2d:02:d3:24:0e:3d:c9:3d:66:f3:ba:e5:74:30:c5:37:a3:4b: 6b:11:89:b8:3e:0f:a4:d5:b3:92:a4:b5:20:7e:03:ae:38:d1: 63:4c:75:3c:3f:75:a9:61:67:f0:c7:8c:7e:c9:4e:e4:1e:3e: 4d:67:3d:b7:ed:82:76:ab:27:64:6d:15:97:60:b7:1e:48:68: 1d:4a:80:ce:f6:c5:39:f0:24:f5:15:32:10:a5:e8:84:19:31: 8f:ab:3d:bd:a4:dc:9f:52:f9:2f:69:2e:c1:0d:f1:59:d6:13: 75:40:b7:08:b0:73:ea:2c:13:10:45:a7:c6:eb:af:54:b9:9c: 64:bd:0d:53:32:75:09:32:5d:c5:77:f5:30:0e:59:48:a0:0e: 69:da:e5:f1:08:e8:a3:81:33:87:f8:72:23:90:a8:5b:47:f2: 23:6e:f6:81:50:5c:22:2a:82:d1:13:2e:42:3b:22:a9:0b:6a: c9:2a:6f:90:ec:95:a6:02:b6:83:b6:bd:02:e9:dc:a1:ea:a2: 1a:aa:e6:c6:be:1f:ab:4e:69:c3:46:66:2a:a4:bc:37:cc:1c: a0:f4:8a:55 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUS+bNIUtoGIZ0pl65TSreA2M3MjIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxMTAwMDAwMFoX DTIzMTAxNjIzNTk1OVowejFJMEcGA1UEBRNAMzQ4NjgwM2I3M2I2Mjc2OTMwZDBl YmNkZjU0YTkzODUyZmFiNWFmYjRiYmNmNjVhOWVmNmFlMzdhNzNlY2I5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLAmoN2c7Sf1hFuD3j5KtnGw2pfs pRXaF2dlhhBN6wdMeBnnUbmqKB8D1ATUv+7m3kpUv5D6dnW89eOk6t9kmBbyEkvx Htn5zv+3V6cQcxOMrMMNmgHWtUqj4o+Isq0zYx+fpJEKYxLllhJn5WWTu6L2Q4Hz w0Gpzwk2H/pK1fdrr5FrFSKxAMaufGuKVRCE3rCY3dhi/cGUI98F/zU99CUc1RS+ U/M2YVsZJm0qC/41JohrPTMJ5fxf1Nv4DFhIPXvNGgjF1JinDxEKoSnvGyeor5f1 NF6hsh8+NsAa1CDy0E32t39xExCB768hbtYP7r8aW7bIFlHv3E+Q29I9xwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIBjtzZJqE9HlaLzq2VViT/yQE5RMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0YWVjZjEyLWEwYTgtNDNjZC1iMjRjLTM3OTUwZWY1NDI5ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJwAwDQYJKoZIhvcNAQELBQADggEBAL94J3x9uGwQvKrBid3c GIFYVP01/C3DQSjbCPx8D+nqOn3egC0C0yQOPck9ZvO65XQwxTejS2sRibg+D6TV s5KktSB+A6440WNMdTw/dalhZ/DHjH7JTuQePk1nPbftgnarJ2RtFZdgtx5IaB1K gM72xTnwJPUVMhCl6IQZMY+rPb2k3J9S+S9pLsEN8VnWE3VAtwiwc+osExBFp8br r1S5nGS9DVMydQkyXcV39TAOWUigDmna5fEI6KOBM4f4ciOQqFtH8iNu9oFQXCIq gtETLkI7IqkLaskqb5DslaYCtoO2vQLp3KHqohqq5sa+H6tOacNGZiqkvDfMHKD0 ilU= -----END CERTIFICATE-----Generated at Mon Sep 11 15:37:31 2023 by rpki-client on console-fra.rpki-client.org