$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa File: 9a9d41bd-0bed-4bc0-8365-34453f074020.roa (raw, json) Hash identifier: H1LjX7kJ95i15wXWljCasaipu8sVjTyD8sbrMyOYlxw= Subject key identifier: CF:DA:FB:B3:FB:35:16:FC:74:9D:F0:1F:22:65:22:09:89:C8:7B:88 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0CDBB101AA78D824C3B204E48DBEB737A06A3CF4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:db:b1:01:aa:78:d8:24:c3:b2:04:e4:8d:be:b7:37:a0:6a:3c:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=9808625be9220f64ffeeec861722759d1262f8b259a9170bc55e5fc8a7966c4c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:5e:b5:3f:8f:c3:d0:61:50:f5:6e:86:11:72: 0d:b3:6d:b3:b3:ed:0b:41:70:bc:00:ce:0a:0d:8e: 00:b2:e6:c5:33:e5:e0:62:ba:78:94:4a:e2:b7:08: c5:87:e7:1f:d8:c5:5a:76:2b:5c:05:aa:b8:e5:92: 7d:b6:d1:ca:3d:12:03:73:69:b1:ae:fa:64:7c:47: 7b:fa:2c:62:9b:90:23:5a:bf:c7:6c:1d:50:d8:88: 65:28:a6:be:05:cf:ac:46:d8:37:17:98:e1:bc:4c: bf:9b:8c:28:3b:af:44:a3:16:09:62:ff:18:3a:59: 94:9f:9d:3b:ce:7d:14:8f:f7:71:62:32:bb:e5:79: 05:6d:15:78:8e:11:b1:2a:d4:48:4f:e6:e7:83:eb: 8b:75:27:5c:84:cb:5f:95:64:a0:b7:35:6f:bc:97: 61:9e:51:85:10:78:be:67:eb:78:9e:c0:7f:9e:3b: 45:53:2a:b7:71:54:31:16:1c:aa:64:8c:de:18:ff: 20:c9:ea:37:c9:2b:01:db:3f:49:86:55:11:e4:7e: f4:c7:fd:16:d3:44:a9:0b:2e:b5:c2:1a:03:21:34: 07:6e:1a:67:97:4d:dc:8e:19:df:5b:9a:3f:5a:d8: 31:98:dc:d7:4f:c0:5d:3a:14:45:48:32:19:33:1d: 85:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:DA:FB:B3:FB:35:16:FC:74:9D:F0:1F:22:65:22:09:89:C8:7B:88 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a9d41bd-0bed-4bc0-8365-34453f074020.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:e000::/40 Signature Algorithm: sha256WithRSAEncryption b3:c4:c5:4b:f6:d4:62:00:fe:bd:5c:f9:51:a2:f4:33:68:c3: fd:d0:9a:4d:a1:90:46:30:4f:09:a1:9d:06:c2:5b:5b:be:39: 71:27:a3:ff:32:64:3a:a0:0a:25:97:26:c2:aa:13:ce:53:fb: 2d:f7:45:93:dd:78:97:c4:8d:28:a4:47:bd:b3:bc:cc:5a:70: 2c:2e:03:b5:29:8f:ae:7b:c3:ba:51:33:f3:49:58:86:97:15: 39:46:d4:4a:1a:7e:5d:22:21:fb:34:bd:54:f7:5d:67:12:59: 20:93:6a:86:fc:21:45:a5:f5:07:51:c2:66:e5:bf:b6:27:f3: 2c:4f:17:c2:23:d3:b6:e5:e1:6b:f5:7b:90:80:b0:3e:10:9b: 1c:ae:1d:ba:08:af:3e:72:e4:3d:0b:13:b6:2b:08:fa:90:2b: e5:62:60:26:82:5e:ba:f4:f7:83:c3:61:0b:f1:14:1c:f0:c4: 6a:b6:3e:67:8b:09:1d:73:3a:da:31:b0:2f:1a:55:4a:49:42: 91:0c:0e:cb:5e:4e:ea:2f:22:45:b7:ad:17:0a:8b:16:e5:41: 0a:0e:6d:bf:c8:a5:2d:b2:03:3e:23:57:ff:bd:f8:b8:c5:cf: 1f:c1:82:79:16:3e:ed:8f:e2:6a:8e:a5:96:48:4b:f6:35:a0: cd:82:01:b8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDNuxAap42CTDsgTkjb63N6BqPPQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAOTgwODYyNWJlOTIyMGY2NGZmZWVl Yzg2MTcyMjc1OWQxMjYyZjhiMjU5YTkxNzBiYzU1ZTVmYzhhNzk2NmM0YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF61P4/D0GFQ9W6GEXINs22zs+0L QXC8AM4KDY4AsubFM+XgYrp4lEritwjFh+cf2MVaditcBaq45ZJ9ttHKPRIDc2mx rvpkfEd7+ixim5AjWr/HbB1Q2IhlKKa+Bc+sRtg3F5jhvEy/m4woO69EoxYJYv8Y OlmUn507zn0Uj/dxYjK75XkFbRV4jhGxKtRIT+bng+uLdSdchMtflWSgtzVvvJdh nlGFEHi+Z+t4nsB/njtFUyq3cVQxFhyqZIzeGP8gyeo3ySsB2z9JhlUR5H70x/0W 00SpCy61whoDITQHbhpnl03cjhnfW5o/WtgxmNzXT8BdOhRFSDIZMx2FXwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM/a+7P7NRb8dJ3wHyJlIgmJyHuIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhOWQ0MWJkLTBiZWQtNGJjMC04MzY1LTM0NDUzZjA3NDAyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/uAwDQYJKoZIhvcNAQELBQADggEBALPExUv21GIA/r1c+VGi 9DNow/3Qmk2hkEYwTwmhnQbCW1u+OXEno/8yZDqgCiWXJsKqE85T+y33RZPdeJfE jSikR72zvMxacCwuA7Upj657w7pRM/NJWIaXFTlG1Eoafl0iIfs0vVT3XWcSWSCT aob8IUWl9QdRwmblv7Yn8yxPF8Ij07bl4Wv1e5CAsD4QmxyuHboIrz5y5D0LE7Yr CPqQK+ViYCaCXrr094PDYQvxFBzwxGq2PmeLCR1zOtoxsC8aVUpJQpEMDsteTuov IkW3rRcKixblQQoObb/IpS2yAz4jV/+9+LjFzx/BgnkWPu2P4mqOpZZIS/Y1oM2C Abg= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:45 2023 by rpki-client on console-fra.rpki-client.org