$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c0c2fd2-a3e6-4530-a632-2b2fbb4434c8.roa File: 9c0c2fd2-a3e6-4530-a632-2b2fbb4434c8.roa (raw, json) Hash identifier: msZ4xWGdn5vguie92eq/9WXGXlaVMbmFSeQSOuELgms= Subject key identifier: 17:53:D6:A4:78:39:6D:10:F2:72:BF:7B:15:23:FC:E8:FA:5B:D7:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22DEE24EA80851F8301A228C99D89A55DB825090 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c0c2fd2-a3e6-4530-a632-2b2fbb4434c8.roa Signing time: Wed 10 Apr 2024 00:00:00 +0000 ROA not before: Wed 10 Apr 2024 00:00:00 +0000 ROA not after: Wed 15 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Apr 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:de:e2:4e:a8:08:51:f8:30:1a:22:8c:99:d8:9a:55:db:82:50:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 10 00:00:00 2024 GMT Not After : May 15 23:59:59 2024 GMT Subject: serialNumber=b7e6dc90944e162bd92bd1cb1e06237d08eae8c2f3819e51708b96bfa0ee8329, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:57:c1:fd:e1:e4:6e:12:2c:71:1f:17:cd:2b: ff:43:ae:e7:c7:ca:21:2e:75:49:07:22:df:a7:ff: 2b:27:cb:97:8a:3b:28:f0:87:d0:af:84:97:a8:02: 18:46:33:8b:08:f5:fb:00:47:84:a1:9e:f7:cd:40: 29:8f:25:9b:df:09:4b:04:9d:c7:ed:9d:ac:5b:26: 2a:34:a3:27:b1:62:a9:3d:95:35:40:1e:bb:9b:db: f0:b4:c2:e7:53:39:6d:7c:be:f6:f5:21:b0:1e:e0: d2:4f:c6:67:c2:14:ac:6b:24:ee:ff:de:4d:ae:a9: be:34:e4:bc:fa:65:b4:31:9d:78:02:0f:a1:a1:d0: d4:5d:40:b7:b9:c4:3b:fc:e5:c2:df:1c:f4:ab:d7: e3:de:61:ec:75:07:72:b9:38:ec:f6:f2:5b:dc:23: e3:57:28:45:b4:4e:fa:e8:e7:d9:c5:04:7d:fb:e4: 23:19:be:ce:ba:c5:dd:b8:7f:89:af:7a:c3:15:f7: 0c:86:e6:3d:e0:de:6c:83:a4:74:94:3b:44:f6:1e: c4:c9:68:fa:09:5d:6e:b2:fd:53:17:8a:20:81:8c: 7c:bf:96:59:68:39:bd:94:20:29:10:ca:c6:76:14: 82:f4:94:59:87:01:5b:e7:ac:38:53:b0:d2:ea:2d: 38:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:53:D6:A4:78:39:6D:10:F2:72:BF:7B:15:23:FC:E8:FA:5B:D7:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c0c2fd2-a3e6-4530-a632-2b2fbb4434c8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2000::/40 Signature Algorithm: sha256WithRSAEncryption 0f:ed:b0:4f:ce:7e:55:50:ed:e6:97:6c:9b:b9:d3:e8:3f:df: da:55:2a:eb:8a:5c:b3:a8:68:d7:48:b9:7e:14:3d:54:9c:96: af:29:e4:5c:4c:ad:1e:f2:59:aa:f1:29:db:d0:15:e6:cf:3a: b3:77:4e:2a:9e:54:4a:1f:e7:66:6b:d0:62:cf:73:f9:39:18: a1:e8:88:99:54:de:9f:69:d9:84:31:da:38:2e:20:c9:da:8f: 9a:23:7a:7d:0f:31:16:83:99:96:af:7b:9d:3d:1d:17:c5:fa: b3:d2:ea:fb:05:4e:93:06:d4:81:51:e6:42:c6:bf:9b:08:e8: 9d:98:ff:fd:b1:cc:53:cf:3e:98:84:6e:27:17:50:8d:a5:37: 13:d8:ac:ca:ec:49:16:23:4f:32:9f:a1:1a:f0:67:a1:f2:02: d5:5b:d6:42:b3:84:bf:29:e3:da:32:79:4e:4a:f5:56:5c:fc: f5:25:8e:d3:01:16:25:23:93:48:b3:79:dc:db:e4:6d:39:a5: 9a:a9:61:9c:a0:d2:51:69:60:49:5d:86:f9:be:65:7b:cc:e7: 2f:ea:d3:29:65:24:84:dc:56:84:08:ac:73:2c:2f:0e:11:11: 56:74:70:d4:af:f7:39:a4:24:db:d2:9b:9c:79:18:6e:a1:6c: 93:a1:74:d2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIt7iTqgIUfgwGiKMmdiaVduCUJAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQxMDAwMDAwMFoX DTI0MDUxNTIzNTk1OVowejFJMEcGA1UEBRNAYjdlNmRjOTA5NDRlMTYyYmQ5MmJk MWNiMWUwNjIzN2QwOGVhZThjMmYzODE5ZTUxNzA4Yjk2YmZhMGVlODMyOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FfB/eHkbhIscR8XzSv/Q67nx8oh LnVJByLfp/8rJ8uXijso8IfQr4SXqAIYRjOLCPX7AEeEoZ73zUApjyWb3wlLBJ3H 7Z2sWyYqNKMnsWKpPZU1QB67m9vwtMLnUzltfL729SGwHuDST8ZnwhSsayTu/95N rqm+NOS8+mW0MZ14Ag+hodDUXUC3ucQ7/OXC3xz0q9fj3mHsdQdyuTjs9vJb3CPj VyhFtE766OfZxQR9++QjGb7OusXduH+Jr3rDFfcMhuY94N5sg6R0lDtE9h7EyWj6 CV1usv1TF4oggYx8v5ZZaDm9lCApEMrGdhSC9JRZhwFb56w4U7DS6i04CQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBdT1qR4OW0Q8nK/exUj/Oj6W9dYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzljMGMyZmQyLWEzZTYtNDUzMC1hNjMyLTJiMmZiYjQ0MzRjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/yAwDQYJKoZIhvcNAQELBQADggEBAA/tsE/OflVQ7eaXbJu5 0+g/39pVKuuKXLOoaNdIuX4UPVSclq8p5FxMrR7yWarxKdvQFebPOrN3TiqeVEof 52Zr0GLPc/k5GKHoiJlU3p9p2YQx2jguIMnaj5ojen0PMRaDmZave509HRfF+rPS 6vsFTpMG1IFR5kLGv5sI6J2Y//2xzFPPPpiEbicXUI2lNxPYrMrsSRYjTzKfoRrw Z6HyAtVb1kKzhL8p49oyeU5K9VZc/PUljtMBFiUjk0izedzb5G05pZqpYZyg0lFp YEldhvm+ZXvM5y/q0yllJITcVoQIrHMsLw4REVZ0cNSv9zmkJNvSm5x5GG6hbJOh dNI= -----END CERTIFICATE-----Generated at Wed Apr 24 05:31:46 2024 by rpki-client on console-fra.rpki-client.org