$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa File: 9ff3d168-754a-40d4-ad25-8b3a7db40970.roa (raw, json) Hash identifier: ZZQNf5zPDmmZ+/qPVhtb3Jh7SJqGciNF+MLjVJTQMas= Subject key identifier: 6C:36:4F:8E:BC:3C:B7:D9:3B:43:F4:C6:A7:A2:FE:0A:95:65:99:5F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 76C2628E7152E800C97094450F04F912D298616C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa Signing time: Tue 23 Apr 2024 00:00:00 +0000 ROA not before: Tue 23 Apr 2024 00:00:00 +0000 ROA not after: Tue 28 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 00:10:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:c2:62:8e:71:52:e8:00:c9:70:94:45:0f:04:f9:12:d2:98:61:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 23 00:00:00 2024 GMT Not After : May 28 23:59:59 2024 GMT Subject: serialNumber=d0428f00cd4868fee51b1c530d67d66f443f314fc1140719e0fdd87d5307981b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ba:fc:ae:69:bf:a9:01:fe:dd:f7:a2:23:fd: d3:2f:99:67:c2:39:ff:ad:fd:61:f2:81:18:63:38: 64:7b:ee:38:29:da:79:33:5a:96:39:bd:2b:9c:c3: e4:30:90:66:95:55:f6:b8:9b:c6:1c:e6:8e:23:f4: d4:10:7d:0b:ec:7f:d4:88:38:f1:08:be:99:a1:6f: 2c:a2:ea:0f:d7:b5:b9:76:16:9b:bc:67:1b:2f:1e: bf:e3:e1:9d:e9:fb:db:fc:6f:3e:a6:49:d1:bd:1e: 4d:58:23:44:81:8d:4f:dd:99:23:65:7b:c5:20:e3: f4:13:25:fb:09:76:91:e8:61:6c:9f:02:86:51:15: b5:75:34:14:16:1f:42:53:9d:0b:a1:70:7a:b0:d9: 82:4a:7d:62:d0:47:81:ab:33:b2:41:98:66:61:f5: 49:78:d8:54:eb:83:34:e2:40:e5:4a:29:c0:a1:7f: 38:67:51:e3:ed:6b:7a:6f:36:f9:0e:ce:c6:0a:a2: de:86:d1:db:1f:74:74:f8:9d:ea:db:66:3d:38:20: f5:99:5b:5e:bd:27:fc:29:c6:d3:f4:ba:31:56:26: e4:19:b5:09:ba:f8:a1:3b:15:35:08:ea:09:97:7f: a9:6b:06:19:35:6e:1f:91:d2:33:cc:1e:be:0f:ba: 0b:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:36:4F:8E:BC:3C:B7:D9:3B:43:F4:C6:A7:A2:FE:0A:95:65:99:5F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:7000::/40 Signature Algorithm: sha256WithRSAEncryption 8e:10:c6:20:c7:1f:a4:bf:c8:f2:c2:9d:d2:3d:71:cb:45:95: 61:4b:cb:c1:12:e0:82:59:e8:1f:a6:eb:d6:54:25:63:95:9e: 10:11:4e:b7:a4:bd:73:b4:47:65:b4:64:7e:57:d5:24:93:b0: a0:13:09:36:37:a8:4e:b1:72:b0:f2:f0:45:9e:75:e8:42:84: 0b:88:85:80:1a:37:ab:06:8a:ba:fe:ee:55:58:56:27:bc:c8: fe:a3:03:f0:82:54:4a:fa:84:c3:d4:0f:55:f1:ff:49:0c:4a: 2c:fe:6e:6d:8c:e3:3f:64:06:f5:ed:73:51:2e:1b:5e:fc:d0: 22:31:1d:42:99:f3:13:53:e3:a6:38:9b:0e:04:fc:f0:1b:88: 26:e3:c9:6e:ac:59:30:c5:91:99:2e:95:ee:08:10:de:06:5b: f5:52:72:4f:ea:7a:4d:7a:ba:96:cd:57:e5:46:8f:b9:2a:f3: f8:f9:ed:e4:f9:2c:62:c9:14:28:b7:68:13:4b:ff:fc:7f:77: 97:4a:d5:ea:ef:42:6d:bc:6e:86:ec:c5:f2:25:c5:5d:90:91: 8b:24:8a:0a:8e:b4:c4:89:5f:d2:56:7c:27:88:7d:7d:78:f6: 41:a8:4c:ff:39:db:cf:ba:d4:ab:87:d9:b6:35:7b:2b:a9:c9: e6:99:40:15 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdsJijnFS6ADJcJRFDwT5EtKYYWwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyMzAwMDAwMFoX DTI0MDUyODIzNTk1OVowejFJMEcGA1UEBRNAZDA0MjhmMDBjZDQ4NjhmZWU1MWIx YzUzMGQ2N2Q2NmY0NDNmMzE0ZmMxMTQwNzE5ZTBmZGQ4N2Q1MzA3OTgxYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7r8rmm/qQH+3feiI/3TL5lnwjn/ rf1h8oEYYzhke+44Kdp5M1qWOb0rnMPkMJBmlVX2uJvGHOaOI/TUEH0L7H/UiDjx CL6ZoW8souoP17W5dhabvGcbLx6/4+Gd6fvb/G8+pknRvR5NWCNEgY1P3ZkjZXvF IOP0EyX7CXaR6GFsnwKGURW1dTQUFh9CU50LoXB6sNmCSn1i0EeBqzOyQZhmYfVJ eNhU64M04kDlSinAoX84Z1Hj7Wt6bzb5Ds7GCqLehtHbH3R0+J3q22Y9OCD1mVte vSf8KcbT9LoxVibkGbUJuvihOxU1COoJl3+pawYZNW4fkdIzzB6+D7oLbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGw2T468PLfZO0P0xqei/gqVZZlfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlmZjNkMTY4LTc1NGEtNDBkNC1hZDI1LThiM2E3ZGI0MDk3MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauHAwDQYJKoZIhvcNAQELBQADggEBAI4QxiDHH6S/yPLCndI9 cctFlWFLy8ES4IJZ6B+m69ZUJWOVnhARTrekvXO0R2W0ZH5X1SSTsKATCTY3qE6x crDy8EWedehChAuIhYAaN6sGirr+7lVYVie8yP6jA/CCVEr6hMPUD1Xx/0kMSiz+ bm2M4z9kBvXtc1EuG1780CIxHUKZ8xNT46Y4mw4E/PAbiCbjyW6sWTDFkZkule4I EN4GW/VSck/qek16upbNV+VGj7kq8/j57eT5LGLJFCi3aBNL//x/d5dK1ervQm28 bobsxfIlxV2QkYskigqOtMSJX9JWfCeIfX149kGoTP8528+61KuH2bY1eyupyeaZ QBU= -----END CERTIFICATE-----Generated at Fri May 3 00:47:15 2024 by rpki-client on console-ams.rpki-client.org