$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: WTx3RLdB0vK5zZjhr2eU4KHJfNRZDehHfaBBaCwI3wY= Subject key identifier: B6:41:B8:CC:65:16:12:53:28:34:95:B4:72:57:E7:8D:36:41:5C:63 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 50CFB85F24CB153B4F9F728D1D630A791D88AD60 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:cf:b8:5f:24:cb:15:3b:4f:9f:72:8d:1d:63:0a:79:1d:88:ad:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=34936bdb7620bd6542309bfdc0fbec324a39e22c081bce85eeac41aec926e389, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:2a:a4:2c:77:cb:77:87:8e:69:7e:bd:8b:26: 47:73:dc:48:90:1b:4b:25:db:87:d3:d9:21:4c:e3: 67:b1:20:c5:2e:ca:16:e1:e7:d8:91:5e:fb:bf:45: 70:4b:07:57:1d:03:df:90:ec:12:ff:3e:63:81:7e: 7b:a0:e4:86:8e:c7:b6:50:1c:40:d1:82:62:1c:ed: 30:8a:87:ea:54:1d:88:2d:8c:b2:6c:48:ea:ba:7c: 72:47:a9:5d:89:ec:1c:ad:7b:fb:3e:d4:10:38:f8: 3c:8f:57:ff:b3:01:e9:b5:5e:88:72:d7:91:52:e4: 40:ea:53:a0:a8:19:4b:fc:c2:9c:7d:94:43:f9:30: 12:8e:b5:18:66:f7:0a:64:38:81:61:41:a0:72:0a: 9a:a1:fd:a9:4f:ac:d3:4a:59:a6:67:5f:e2:cb:19: 47:64:93:a1:ae:49:b6:6b:1d:f0:50:98:ba:b6:b6: 07:d8:5a:fd:94:5e:68:cc:10:17:b7:ed:27:60:60: 71:3b:70:04:88:62:9a:e2:3e:7f:5b:99:a3:26:32: 0c:38:fd:86:74:25:0b:14:24:5f:1b:0a:b9:b4:70: 71:d5:43:c5:1b:d5:50:0e:68:ac:0a:e8:b9:74:be: 40:e5:e1:3b:3f:cb:91:db:b4:8b:18:9a:29:51:3f: b1:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:41:B8:CC:65:16:12:53:28:34:95:B4:72:57:E7:8D:36:41:5C:63 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 2f:e5:1e:04:21:50:ec:ef:2d:e4:dd:bb:74:85:94:8d:16:69: 42:29:5c:20:30:d0:8b:15:49:08:39:ed:e2:39:f3:a9:da:50: 0d:00:43:f6:7a:fe:27:4c:02:8e:b3:4f:de:d1:97:2d:65:59: 11:cd:b8:94:95:b0:1f:28:36:b4:ae:72:31:4e:7f:04:eb:7c: 6f:3e:e0:b0:67:d3:64:8c:f2:90:5b:5a:0a:4e:58:be:26:61: 55:71:fc:00:79:f8:ff:67:a1:b5:1a:ca:14:8f:b5:d8:8c:ac: bc:fd:16:3e:0d:59:ec:1f:b7:03:bf:62:b2:0c:ad:af:55:09: f7:f1:66:a0:b7:1f:fa:e3:0b:bb:64:f3:b7:a8:53:7e:d5:76: c4:ca:50:0e:14:ea:af:e2:80:3d:96:46:25:c9:31:01:23:e3: 9d:61:1d:a6:39:87:f7:3d:d0:ff:57:63:27:06:94:3a:14:fd: 70:b8:01:43:5a:f3:80:bc:6f:90:49:e4:af:7d:cf:60:c3:79: b9:80:dd:33:13:89:11:6d:61:a1:28:20:d5:31:f4:13:d3:ac: ad:86:6f:25:8d:73:17:99:66:14:f2:c3:57:50:6f:b3:b5:68: 7f:4e:77:dd:39:94:b8:47:cf:5d:dc:03:c0:ed:ad:62:96:1b: 0f:93:01:38 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUM+4XyTLFTtPn3KNHWMKeR2IrWAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAMzQ5MzZiZGI3NjIwYmQ2NTQyMzA5 YmZkYzBmYmVjMzI0YTM5ZTIyYzA4MWJjZTg1ZWVhYzQxYWVjOTI2ZTM4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiqkLHfLd4eOaX69iyZHc9xIkBtL JduH09khTONnsSDFLsoW4efYkV77v0VwSwdXHQPfkOwS/z5jgX57oOSGjse2UBxA 0YJiHO0wiofqVB2ILYyybEjqunxyR6ldiewcrXv7PtQQOPg8j1f/swHptV6IcteR UuRA6lOgqBlL/MKcfZRD+TASjrUYZvcKZDiBYUGgcgqaof2pT6zTSlmmZ1/iyxlH ZJOhrkm2ax3wUJi6trYH2Fr9lF5ozBAXt+0nYGBxO3AEiGKa4j5/W5mjJjIMOP2G dCULFCRfGwq5tHBx1UPFG9VQDmisCui5dL5A5eE7P8uR27SLGJopUT+xRwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLZBuMxlFhJTKDSVtHJX5402QVxjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQAv5R4EIVDs7y3k3bt0 hZSNFmlCKVwgMNCLFUkIOe3iOfOp2lANAEP2ev4nTAKOs0/e0ZctZVkRzbiUlbAf KDa0rnIxTn8E63xvPuCwZ9NkjPKQW1oKTli+JmFVcfwAefj/Z6G1GsoUj7XYjKy8 /RY+DVnsH7cDv2KyDK2vVQn38Wagtx/64wu7ZPO3qFN+1XbEylAOFOqv4oA9lkYl yTEBI+OdYR2mOYf3PdD/V2MnBpQ6FP1wuAFDWvOAvG+QSeSvfc9gw3m5gN0zE4kR bWGhKCDVMfQT06ythm8ljXMXmWYU8sNXUG+ztWh/TnfdOZS4R89d3APA7a1ilhsP kwE4 -----END CERTIFICATE-----Generated at Fri Apr 19 00:30:57 2024 by rpki-client on console-fra.rpki-client.org