$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a05c69b-927d-4e32-8626-8e91ace5c11e.roa File: 9a05c69b-927d-4e32-8626-8e91ace5c11e.roa (raw, json) Hash identifier: KJ2mKX+Rvy2BLyIKVovvIDxAqfGyjTtEp9AgO07pDkQ= Subject key identifier: 94:70:BA:E1:84:A6:52:48:8A:09:62:A8:D4:0F:58:C4:20:5C:28:34 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BF3FA795D163B4C81F618CFFE9712986492A29D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a05c69b-927d-4e32-8626-8e91ace5c11e.roa Signing time: Wed 01 May 2024 00:00:00 +0000 ROA not before: Wed 01 May 2024 00:00:00 +0000 ROA not after: Wed 05 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da30:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 May 2024 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:f3:fa:79:5d:16:3b:4c:81:f6:18:cf:fe:97:12:98:64:92:a2:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:00 2024 GMT Not After : Jun 5 23:59:59 2024 GMT Subject: serialNumber=694a9bc668d99109c7632fcdb7c21fd74232698b627191b8b57349ee109bdea3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:6f:e4:64:20:99:c3:33:21:32:34:fd:54:c2: d9:7e:b6:9b:0c:80:c7:27:f6:3a:b0:70:27:bd:46: 62:a8:27:99:54:41:fe:7d:d8:0c:0d:a8:b7:37:4a: 70:fe:9e:fb:d5:d0:52:f6:58:42:23:49:89:1f:8b: cf:f2:1c:9c:1d:91:bc:76:93:3e:14:0a:ed:14:be: cd:cb:61:e8:af:82:f0:3a:e9:35:99:6c:89:e5:92: 35:21:08:d2:21:59:b1:ca:3e:40:ad:0d:f5:70:12: 1b:4a:27:c2:f1:3b:b6:d6:98:f4:bb:8d:e9:c5:49: cf:b9:cd:36:36:70:79:73:1a:d5:a6:ce:68:94:45: 98:8c:eb:8e:22:42:ae:19:2c:19:e9:88:8a:ad:55: d9:4d:8a:ce:ed:fe:11:ea:cf:25:9b:48:28:3b:bb: 0d:19:c7:18:e8:3f:24:d3:ce:09:0b:4b:67:65:63: fb:f4:23:36:2c:60:20:36:7d:fe:45:2e:d8:9c:5e: 6e:f4:67:3f:60:04:e6:b3:37:89:dd:52:31:52:06: fe:8c:49:70:ef:52:7f:d2:4e:3a:be:fb:c7:c3:8a: 65:2d:73:23:e0:ef:a6:c0:81:58:96:e6:f6:97:98: ce:10:2d:6d:17:20:f0:cd:19:c7:47:98:8f:13:64: 55:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:70:BA:E1:84:A6:52:48:8A:09:62:A8:D4:0F:58:C4:20:5C:28:34 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a05c69b-927d-4e32-8626-8e91ace5c11e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30:c800::/40 Signature Algorithm: sha256WithRSAEncryption 71:3b:91:ba:c4:be:80:a6:f1:ff:25:da:3c:54:0d:fb:ef:9f: 8e:ae:9f:d1:47:23:54:6e:00:67:1a:41:a3:3d:60:60:a5:2f: f2:7d:d1:e2:85:54:94:71:0e:ca:03:79:67:a4:54:c2:2d:09: 7e:d7:31:6a:e8:11:af:8c:a9:08:e0:f9:d7:76:ac:60:ac:08: bc:c9:a0:10:6f:07:1e:10:27:35:1d:a5:2a:58:11:8f:73:90: 2c:2a:13:f8:5e:7c:62:f3:eb:6d:5b:cd:9f:5b:5a:27:73:3c: 78:53:88:8b:12:72:40:6c:87:2d:2c:55:6d:5c:07:cf:2b:81: a8:8b:d7:38:d6:d7:21:24:d9:e6:9a:3e:05:96:b0:7c:a2:6d: 68:38:4b:c3:04:f7:9e:0a:50:64:24:3d:23:77:4b:22:3f:9c: f6:68:d8:c7:98:98:92:d8:ec:32:91:57:ba:22:15:0b:4c:25: 84:18:68:c1:ad:fb:1c:c6:b6:ad:8d:44:43:8a:38:9b:43:3e: 7a:00:a2:3f:8a:3d:a4:c0:ce:6d:e7:06:03:ed:46:ae:da:29: ae:57:35:34:81:69:eb:43:41:8a:4f:de:b8:9a:ff:8e:1a:8a: 4c:30:fd:1c:e5:50:f1:75:09:c9:7a:2a:0d:9f:52:f5:9f:cd: f4:24:a9:39 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUW/P6eV0WO0yB9hjP/pcSmGSSop0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMTAwMDAwMFoX DTI0MDYwNTIzNTk1OVowejFJMEcGA1UEBRNANjk0YTliYzY2OGQ5OTEwOWM3NjMy ZmNkYjdjMjFmZDc0MjMyNjk4YjYyNzE5MWI4YjU3MzQ5ZWUxMDliZGVhMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG/kZCCZwzMhMjT9VMLZfrabDIDH J/Y6sHAnvUZiqCeZVEH+fdgMDai3N0pw/p771dBS9lhCI0mJH4vP8hycHZG8dpM+ FArtFL7Ny2Hor4LwOuk1mWyJ5ZI1IQjSIVmxyj5ArQ31cBIbSifC8Tu21pj0u43p xUnPuc02NnB5cxrVps5olEWYjOuOIkKuGSwZ6YiKrVXZTYrO7f4R6s8lm0goO7sN GccY6D8k084JC0tnZWP79CM2LGAgNn3+RS7YnF5u9Gc/YATmszeJ3VIxUgb+jElw 71J/0k46vvvHw4plLXMj4O+mwIFYlub2l5jOEC1tFyDwzRnHR5iPE2RVZwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJRwuuGEplJIigliqNQPWMQgXCg0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhMDVjNjliLTkyN2QtNGUzMi04NjI2LThlOTFhY2U1YzExZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMMgwDQYJKoZIhvcNAQELBQADggEBAHE7kbrEvoCm8f8l2jxU Dfvvn46un9FHI1RuAGcaQaM9YGClL/J90eKFVJRxDsoDeWekVMItCX7XMWroEa+M qQjg+dd2rGCsCLzJoBBvBx4QJzUdpSpYEY9zkCwqE/hefGLz621bzZ9bWidzPHhT iIsSckBshy0sVW1cB88rgaiL1zjW1yEk2eaaPgWWsHyibWg4S8ME954KUGQkPSN3 SyI/nPZo2MeYmJLY7DKRV7oiFQtMJYQYaMGt+xzGtq2NREOKOJtDPnoAoj+KPaTA zm3nBgPtRq7aKa5XNTSBaetDQYpP3ria/44aikww/RzlUPF1Ccl6Kg2fUvWfzfQk qTk= -----END CERTIFICATE-----Generated at Wed May 22 00:23:04 2024 by rpki-client on console-fra.rpki-client.org