$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa File: 9ff3d168-754a-40d4-ad25-8b3a7db40970.roa (raw, json) Hash identifier: 0TE1L0+P4a7W/4mGBj3UI25sib2Yl020gkU8rQfM1sU= Subject key identifier: C8:7F:3E:C0:7F:7B:35:8B:8E:4A:3C:6C:FD:2E:FE:4B:A1:5D:6D:03 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 722E410C5442F3C93FA591B6C1C0F3E0F7681534 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa Signing time: Mon 08 Jul 2024 00:00:00 +0000 ROA not before: Mon 08 Jul 2024 00:00:00 +0000 ROA not after: Mon 12 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:2e:41:0c:54:42:f3:c9:3f:a5:91:b6:c1:c0:f3:e0:f7:68:15:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:00 2024 GMT Not After : Aug 12 23:59:59 2024 GMT Subject: serialNumber=3e5c9ad04c1aaed07ee016165cebff50b9f8a2cd8ffc2e93f7e4a6de48adf16c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:27:fa:82:aa:4a:28:93:32:5a:95:76:2c:51: 7e:92:84:b5:83:eb:51:2a:34:e3:e4:e6:2e:cc:2f: 66:88:17:03:de:a7:7b:db:d1:4f:f4:48:1e:8b:fe: 32:b3:6e:c0:67:88:5f:9b:65:34:ee:1d:67:99:b0: d6:06:f6:53:32:cf:14:26:74:04:cc:55:9e:fd:91: 44:15:b1:60:25:08:7a:52:be:74:a2:6f:9d:60:01: 6b:a8:b7:98:0c:24:19:b5:c0:65:82:34:5a:6c:95: 4b:14:13:ca:49:7b:c6:8b:3c:14:27:76:2c:f0:ea: 18:b1:e6:9c:1f:73:23:e9:a0:68:20:84:ad:50:ca: dc:6c:23:cf:a2:65:3a:fc:0b:6f:55:a5:bb:60:68: eb:67:f0:7c:0d:97:8e:07:52:3e:9f:83:30:54:db: 3a:c8:f6:ce:55:26:ce:5e:44:96:dd:cb:ad:12:74: 4b:29:19:44:86:26:10:f2:1c:7e:2b:de:69:83:94: 84:7d:60:7b:1e:36:99:56:41:3f:75:79:d0:ab:c1: be:3f:11:17:0a:87:94:a3:d0:d0:1a:02:e4:07:87: ed:16:3b:89:a4:ee:f1:18:2d:02:17:5b:dc:ff:5c: 9f:b4:3e:d3:01:b4:83:59:ef:f1:45:a4:a3:53:26: a8:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:7F:3E:C0:7F:7B:35:8B:8E:4A:3C:6C:FD:2E:FE:4B:A1:5D:6D:03 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ff3d168-754a-40d4-ad25-8b3a7db40970.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:7000::/40 Signature Algorithm: sha256WithRSAEncryption ac:31:5b:e5:7b:65:62:2f:14:82:f4:4e:4f:f2:ca:d5:79:a5: 2c:d8:43:e6:5d:da:c4:6b:92:e6:54:30:3f:0c:4e:0b:88:c3: 3a:f6:f8:21:5d:a1:c1:88:e3:a9:26:38:be:a2:16:27:2d:82: 7c:7a:66:a3:66:fc:62:5d:05:c6:52:f2:8f:b1:1b:f5:82:11: 2f:98:48:eb:f9:63:09:7a:ca:3d:9c:bf:cb:24:20:a1:af:52: d8:60:f6:14:95:e1:f6:0a:03:19:a4:aa:ab:b7:a7:b6:32:86: 0a:93:6d:de:be:4f:ac:f3:17:4a:e8:bf:43:6d:20:98:62:cb: f9:22:af:ec:90:ed:5b:e6:f9:4a:30:83:0d:9c:6b:1d:c7:22: d9:91:07:4e:d6:ac:31:ed:a9:e4:17:97:a1:3d:b0:96:f5:da: a8:94:9d:02:2b:e9:b3:65:60:6b:13:2e:19:94:ea:4b:96:80: 28:24:5d:88:5b:3e:9e:f2:0d:12:6f:d9:31:5a:a5:01:a5:9c: 95:c5:14:de:ee:9f:78:13:e3:31:6a:1d:dc:c5:24:12:61:e4: c2:bc:90:16:3e:d6:a8:fb:dd:27:da:39:97:f6:2e:59:85:8c: 0f:42:2c:48:dc:b5:64:af:83:2a:09:04:33:c1:7e:53:e4:f1: 7d:27:81:f1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUci5BDFRC88k/pZG2wcDz4PdoFTQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwODAwMDAwMFoX DTI0MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAM2U1YzlhZDA0YzFhYWVkMDdlZTAx NjE2NWNlYmZmNTBiOWY4YTJjZDhmZmMyZTkzZjdlNGE2ZGU0OGFkZjE2YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Cf6gqpKKJMyWpV2LFF+koS1g+tR KjTj5OYuzC9miBcD3qd729FP9Egei/4ys27AZ4hfm2U07h1nmbDWBvZTMs8UJnQE zFWe/ZFEFbFgJQh6Ur50om+dYAFrqLeYDCQZtcBlgjRabJVLFBPKSXvGizwUJ3Ys 8OoYseacH3Mj6aBoIIStUMrcbCPPomU6/AtvVaW7YGjrZ/B8DZeOB1I+n4MwVNs6 yPbOVSbOXkSW3cutEnRLKRlEhiYQ8hx+K95pg5SEfWB7HjaZVkE/dXnQq8G+PxEX CoeUo9DQGgLkB4ftFjuJpO7xGC0CF1vc/1yftD7TAbSDWe/xRaSjUyaoSQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMh/PsB/ezWLjko8bP0u/kuhXW0DMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlmZjNkMTY4LTc1NGEtNDBkNC1hZDI1LThiM2E3ZGI0MDk3MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauHAwDQYJKoZIhvcNAQELBQADggEBAKwxW+V7ZWIvFIL0Tk/y ytV5pSzYQ+Zd2sRrkuZUMD8MTguIwzr2+CFdocGI46kmOL6iFictgnx6ZqNm/GJd BcZS8o+xG/WCES+YSOv5Ywl6yj2cv8skIKGvUthg9hSV4fYKAxmkqqu3p7YyhgqT bd6+T6zzF0rov0NtIJhiy/kir+yQ7Vvm+Uowgw2cax3HItmRB07WrDHtqeQXl6E9 sJb12qiUnQIr6bNlYGsTLhmU6kuWgCgkXYhbPp7yDRJv2TFapQGlnJXFFN7un3gT 4zFqHdzFJBJh5MK8kBY+1qj73SfaOZf2LlmFjA9CLEjctWSvgyoJBDPBflPk8X0n gfE= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:41 2024 by rpki-client on console-ams.rpki-client.org