$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa File: 99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa (raw, json) Hash identifier: +s8/jIG190cYIbi+fiUJCds5XIs3ckSnVVrRfdPL8Ig= Subject key identifier: 4C:C1:2F:06:CF:43:95:FC:EA:CF:BB:01:55:D4:B9:C5:45:5D:D4:6F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 02ABCCE52009F76970052190F890B495D060318D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa Signing time: Sat 20 Apr 2024 00:00:00 +0000 ROA not before: Sat 20 Apr 2024 00:00:00 +0000 ROA not after: Sat 25 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da18:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:ab:cc:e5:20:09:f7:69:70:05:21:90:f8:90:b4:95:d0:60:31:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 20 00:00:00 2024 GMT Not After : May 25 23:59:59 2024 GMT Subject: serialNumber=ac2211cf22e6e0ce31f407fbd4dcfbe94b5cdf6dc2a169e152d783a811f4dfb6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:88:53:4b:14:fd:62:45:10:b6:54:34:f2:a3: 2b:02:a5:d1:e0:be:7e:09:8d:91:47:36:dc:4a:bb: 13:0e:34:27:93:e7:25:9d:0a:8c:ce:52:f9:17:1e: a6:78:55:c2:01:91:63:50:11:a9:f7:c6:14:2f:78: f2:be:f5:ae:2d:ff:6b:89:c0:6a:23:ca:46:43:ac: 72:da:3d:43:61:a7:83:0c:09:44:1d:8a:65:e2:14: 0b:da:bc:7a:93:b9:2f:64:ef:d2:68:a7:3a:8e:8c: b5:ba:e7:f9:e6:71:5b:1e:99:ef:52:cd:cb:3b:4b: 95:2e:85:0b:7c:f2:55:08:38:e2:a9:86:4d:a6:c5: 3b:fe:47:02:c7:dd:d5:c5:94:e3:40:d1:7d:7c:9f: 37:66:ad:de:ec:53:e5:c4:b0:24:63:c5:18:c7:84: f8:15:24:44:6f:6b:25:74:1c:70:ae:5b:5f:f0:62: d2:0b:71:8f:06:db:e9:88:9d:0c:c2:f0:cf:32:7f: 15:5d:1a:1a:a2:05:10:61:79:ec:bd:70:1a:39:c6: 59:39:e1:a8:50:f9:14:82:f4:3e:80:ff:64:81:73: 3a:8d:01:48:34:c0:ad:85:ef:e1:98:57:31:75:54: d0:20:50:45:f7:9a:50:6a:82:80:b8:90:8e:c1:29: 6b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:C1:2F:06:CF:43:95:FC:EA:CF:BB:01:55:D4:B9:C5:45:5D:D4:6F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da18:8000::/36 Signature Algorithm: sha256WithRSAEncryption aa:68:08:c2:43:5f:a1:cf:be:86:2d:9f:8d:de:88:06:a6:3f: ce:98:ed:8b:57:74:60:14:83:42:28:f8:46:76:06:51:70:e4: a3:91:89:be:3d:6b:67:69:31:98:7f:ba:fa:bb:43:84:27:0a: 3d:69:04:ee:5c:e8:c7:24:62:a1:06:00:48:7a:8a:59:97:69: fc:96:e5:0a:6b:aa:7f:6c:f9:52:c8:f5:a8:44:c8:dc:3e:62: 95:fc:66:55:ae:dc:db:85:0a:2a:72:53:b5:da:40:91:b8:3a: d9:ae:84:5c:60:38:20:de:df:0e:1b:51:83:3e:92:a5:bc:97: ab:32:a6:e4:7a:92:6a:85:4f:9b:ad:d2:61:b0:0a:d8:75:ab: f5:19:df:57:96:ef:84:cb:ce:78:fb:bc:0e:c4:38:0a:3b:cd: bc:e4:1d:5d:7f:77:93:03:fd:57:8a:76:3f:fa:ad:3f:81:7b: 5f:d1:e0:70:af:65:a6:f5:bc:59:0a:69:b7:a4:32:e3:a1:63: 4e:ba:89:8c:be:6e:e3:6b:96:a8:21:d8:d2:67:54:7b:68:64: ca:3b:53:e2:17:ec:f7:ba:81:57:4c:ad:d2:24:8d:02:ff:31: 99:74:2f:e5:77:7c:37:8c:9b:35:09:04:c1:b6:65:64:a5:25: e7:d7:77:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAqvM5SAJ92lwBSGQ+JC0ldBgMY0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMDAwMDAwMFoX DTI0MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAYWMyMjExY2YyMmU2ZTBjZTMxZjQw N2ZiZDRkY2ZiZTk0YjVjZGY2ZGMyYTE2OWUxNTJkNzgzYTgxMWY0ZGZiNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYhTSxT9YkUQtlQ08qMrAqXR4L5+ CY2RRzbcSrsTDjQnk+clnQqMzlL5Fx6meFXCAZFjUBGp98YUL3jyvvWuLf9ricBq I8pGQ6xy2j1DYaeDDAlEHYpl4hQL2rx6k7kvZO/SaKc6joy1uuf55nFbHpnvUs3L O0uVLoULfPJVCDjiqYZNpsU7/kcCx93VxZTjQNF9fJ83Zq3e7FPlxLAkY8UYx4T4 FSREb2sldBxwrltf8GLSC3GPBtvpiJ0MwvDPMn8VXRoaogUQYXnsvXAaOcZZOeGo UPkUgvQ+gP9kgXM6jQFINMCthe/hmFcxdVTQIFBF95pQaoKAuJCOwSlrPQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEzBLwbPQ5X86s+7AVXUucVFXdRvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5ZjU3YTFlLTMxODYtNGUzNC04MDBlLTUyYWVlZTBmYjBhNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGIAwDQYJKoZIhvcNAQELBQADggEBAKpoCMJDX6HPvoYtn43e iAamP86Y7YtXdGAUg0Io+EZ2BlFw5KORib49a2dpMZh/uvq7Q4QnCj1pBO5c6Mck YqEGAEh6ilmXafyW5Qprqn9s+VLI9ahEyNw+YpX8ZlWu3NuFCipyU7XaQJG4Otmu hFxgOCDe3w4bUYM+kqW8l6sypuR6kmqFT5ut0mGwCth1q/UZ31eW74TLznj7vA7E OAo7zbzkHV1/d5MD/VeKdj/6rT+Be1/R4HCvZab1vFkKabekMuOhY066iYy+buNr lqgh2NJnVHtoZMo7U+IX7Pe6gVdMrdIkjQL/MZl0L+V3fDeMmzUJBMG2ZWSlJefX d5I= -----END CERTIFICATE-----Generated at Thu May 2 17:40:59 2024 by rpki-client on console-fra.rpki-client.org