$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: iQXQ9DilOU33fnHbs1O2/l7SJmlTlCCzPaxG24oEUL4= Subject key identifier: 4E:6E:CF:04:FC:41:26:9A:D9:59:1D:59:8D:82:65:EA:2B:A1:46:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2772BABF73434CCA5FFFCDE9117813FD436DECC8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Tue 02 Jul 2024 00:00:00 +0000 ROA not before: Tue 02 Jul 2024 00:00:00 +0000 ROA not after: Tue 06 Aug 2024 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:72:ba:bf:73:43:4c:ca:5f:ff:cd:e9:11:78:13:fd:43:6d:ec:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 2 00:00:00 2024 GMT Not After : Aug 6 23:59:59 2024 GMT Subject: serialNumber=1bd2c0741991e5e96474c4338ef67ba8ba83be3fef7dd13df616874b2e1c9077, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:cc:63:b2:7b:9f:1e:c3:fa:00:f8:b8:50:5c: b0:27:86:76:36:35:30:cf:ad:b8:52:3b:6c:82:b0: 5d:f3:3d:a5:8f:c1:1d:86:01:e8:ea:23:8c:53:da: 58:11:94:80:a6:88:c9:c2:59:39:aa:72:8a:09:c0: 4e:7d:91:1a:8e:6e:20:4a:3f:60:26:49:19:91:c0: 64:d3:86:e9:b1:47:60:b6:56:68:f2:29:a2:df:32: 3c:67:ef:e5:62:12:c6:2b:99:12:68:5d:64:5d:88: 61:81:81:e2:6e:9a:16:08:b5:b3:14:24:c9:29:8e: e9:aa:62:af:ee:2f:7f:d0:d5:a5:87:2a:fa:e8:f2: a1:1c:6e:f1:54:6f:f0:8c:e5:da:df:95:91:c1:8f: 4e:3a:2b:1c:eb:03:50:2f:0b:98:7e:f9:2d:f3:f4: 8c:21:80:98:e1:81:23:f4:da:cd:05:5c:ce:29:70: e9:13:4d:ea:fd:01:bf:3e:88:50:6e:94:50:65:75: ce:42:48:c7:2f:a3:90:d0:44:32:24:af:55:87:0a: 52:65:7d:f5:c7:90:5c:42:26:ef:92:b3:4c:d2:a4: b2:a5:a4:7a:0e:60:c9:b9:1b:fa:87:40:be:db:26: 3b:5a:e8:5f:bb:11:96:4f:0a:a3:84:d5:a3:5f:5d: a8:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:6E:CF:04:FC:41:26:9A:D9:59:1D:59:8D:82:65:EA:2B:A1:46:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption a3:99:44:e0:33:18:f0:23:53:81:9c:e4:2b:68:9d:cf:88:f1: 75:6f:f2:62:41:4e:e5:b8:49:34:bc:13:45:c9:1d:fc:36:84: e2:a0:38:1e:f2:96:81:01:8d:e6:3f:b1:a6:bc:a9:2a:f5:74: 25:ca:b1:c1:c3:a4:45:48:2b:8f:da:53:63:52:99:1e:7c:6d: a9:29:d9:cb:07:86:a6:1e:5f:55:ab:b8:f0:0e:d3:05:29:09: 1a:01:d5:ce:27:73:77:28:8d:18:32:fe:5a:0f:17:ab:c7:2b: a9:fc:1d:ff:fa:5c:d8:ea:80:93:41:1a:de:2f:6c:ba:60:15: 38:21:7c:f1:cd:89:8a:ea:62:03:71:ba:08:b8:df:fe:f5:cc: 7d:ee:12:b3:d2:a4:d5:eb:a6:ab:fe:1a:9b:f9:25:24:dc:47: b5:d8:71:9e:fc:03:de:0b:6c:47:42:07:6b:e1:e6:78:83:10: af:4a:bb:72:34:85:11:b7:28:d7:45:bf:26:22:27:a0:f6:06: 35:d9:46:76:e7:9b:bf:13:d3:7c:5a:89:a7:7b:b3:d1:8e:b6: 17:14:9a:11:4b:41:b6:1d:e5:fd:0b:12:c0:bf:03:10:64:fc: 04:06:a8:0e:03:1f:22:2f:7c:4c:e2:c5:c7:6b:09:9b:83:39: b5:06:1b:ab -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJ3K6v3NDTMpf/83pEXgT/UNt7MgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwMjAwMDAwMFoX DTI0MDgwNjIzNTk1OVowejFJMEcGA1UEBRNAMWJkMmMwNzQxOTkxZTVlOTY0NzRj NDMzOGVmNjdiYThiYTgzYmUzZmVmN2RkMTNkZjYxNjg3NGIyZTFjOTA3NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8xjsnufHsP6APi4UFywJ4Z2NjUw z624UjtsgrBd8z2lj8EdhgHo6iOMU9pYEZSApojJwlk5qnKKCcBOfZEajm4gSj9g JkkZkcBk04bpsUdgtlZo8imi3zI8Z+/lYhLGK5kSaF1kXYhhgYHibpoWCLWzFCTJ KY7pqmKv7i9/0NWlhyr66PKhHG7xVG/wjOXa35WRwY9OOisc6wNQLwuYfvkt8/SM IYCY4YEj9NrNBVzOKXDpE03q/QG/PohQbpRQZXXOQkjHL6OQ0EQyJK9VhwpSZX31 x5BcQibvkrNM0qSypaR6DmDJuRv6h0C+2yY7WuhfuxGWTwqjhNWjX12okQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFE5uzwT8QSaa2VkdWY2CZeoroUZAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCjmUTgMxjwI1OBnOQr aJ3PiPF1b/JiQU7luEk0vBNFyR38NoTioDge8paBAY3mP7GmvKkq9XQlyrHBw6RF SCuP2lNjUpkefG2pKdnLB4amHl9Vq7jwDtMFKQkaAdXOJ3N3KI0YMv5aDxerxyup /B3/+lzY6oCTQRreL2y6YBU4IXzxzYmK6mIDcboIuN/+9cx97hKz0qTV66ar/hqb +SUk3Ee12HGe/APeC2xHQgdr4eZ4gxCvSrtyNIURtyjXRb8mIieg9gY12UZ255u/ E9N8Womne7PRjrYXFJoRS0G2HeX9CxLAvwMQZPwEBqgOAx8iL3xM4sXHawmbgzm1 Bhur -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:16 2024 by rpki-client on console-fra.rpki-client.org