$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa File: a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa (raw, json) Hash identifier: hvEI/ukugf23RcaQ/ScnGmMNvK5uBwpol5WgnvoKdaM= Subject key identifier: CF:45:46:F7:81:99:F0:31:71:15:D5:65:88:CF:E6:AA:27:3B:00:92 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3FD475F827A51CB32546BC9D636CA60ADC26DC23 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa Signing time: Mon 11 Sep 2023 00:00:00 +0000 ROA not before: Mon 11 Sep 2023 00:00:00 +0000 ROA not after: Mon 16 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da21::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 Sep 2023 03:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:d4:75:f8:27:a5:1c:b3:25:46:bc:9d:63:6c:a6:0a:dc:26:dc:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 11 00:00:00 2023 GMT Not After : Oct 16 23:59:59 2023 GMT Subject: serialNumber=f329a098fa060081ff21af6a108024f0708ed9f57287bd61232e6e0624cc1640, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:5a:25:c5:94:61:47:2d:1d:b0:e7:b2:45:07: 85:01:99:f2:7e:fa:2e:0e:a5:95:2c:ff:2d:b4:66: 6e:f8:1f:ed:ba:af:62:f2:5b:ea:dd:8e:71:ee:18: 67:ef:04:b3:4a:80:a4:4d:40:47:f8:4f:cf:90:c9: 1a:35:8a:ba:87:24:65:f3:84:86:e2:00:b2:a6:77: 5e:77:31:0a:11:45:61:44:f2:f4:b7:16:7e:a9:3c: dd:d8:42:6c:43:4a:36:7d:4e:89:dd:c5:a2:20:28: 43:ea:1f:2f:81:cd:ad:60:84:a6:8f:f8:7d:89:8c: bd:53:1b:63:60:ba:9d:73:43:cb:a7:44:6a:df:02: 3f:12:13:5d:cd:f8:a6:fb:c7:9b:19:55:12:49:b0: 03:10:12:86:8b:0d:83:80:52:49:11:08:55:a8:31: 5c:a0:24:81:81:99:25:52:34:a6:18:c6:cc:a8:91: 72:c9:17:d8:84:64:a1:dc:5d:0f:90:3e:6a:d9:90: 95:51:56:54:0b:de:0f:d8:2a:f3:72:5e:a6:d3:59: cf:c6:d6:de:f9:0f:b9:63:7d:9c:d7:b6:0b:b4:28: b2:b1:2e:7f:01:ca:2e:51:4d:bf:01:a7:6a:c2:f4: d2:3f:a2:49:df:a9:1d:51:cf:31:e3:f3:dd:18:fe: c0:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:45:46:F7:81:99:F0:31:71:15:D5:65:88:CF:E6:AA:27:3B:00:92 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da21::/36 Signature Algorithm: sha256WithRSAEncryption 8b:62:8d:98:47:8b:c8:7f:98:0e:b7:bf:a0:be:ca:b7:13:d8: 00:39:9a:9b:22:2b:e4:aa:a4:93:f6:c2:48:03:ff:22:89:ed: 07:0a:8b:64:a6:15:24:cc:36:7d:e9:7c:da:ed:1b:22:dd:82: 5d:8d:1a:ce:89:ab:7e:d7:21:e4:d6:08:0c:25:4e:28:e9:8a: 07:6d:12:b7:10:16:6a:de:ea:79:1b:22:07:0e:dc:61:d4:c9: 6d:5b:7b:94:a2:e5:3a:5d:fd:29:12:66:92:11:b0:a9:90:76: 37:bb:50:0a:c6:04:75:95:ef:dd:f2:3d:07:2b:7f:db:e2:d7: 79:0c:14:1f:83:c4:ad:c9:64:b6:30:a9:7d:7f:00:d9:5f:a5: 7d:97:6e:2e:12:fd:ce:c1:2c:6b:b9:9a:e5:a4:fc:8f:3d:d2: ba:6e:02:56:8d:c0:ba:d9:2a:de:ea:89:05:8e:ac:ef:b4:bf: 2e:2a:45:db:e4:02:31:b2:13:7c:e6:a3:b6:63:09:53:ae:d4: bd:b9:54:db:69:cc:52:89:72:e5:fb:4e:10:74:7f:97:57:3b: af:3e:aa:81:21:d0:ab:f5:85:5c:d7:1f:f0:66:c2:99:80:38: 5b:77:23:d5:a9:99:41:4a:19:e3:19:11:cc:25:60:61:a0:73: ce:26:35:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUP9R1+CelHLMlRrydY2ymCtwm3CMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxMTAwMDAwMFoX DTIzMTAxNjIzNTk1OVowejFJMEcGA1UEBRNAZjMyOWEwOThmYTA2MDA4MWZmMjFh ZjZhMTA4MDI0ZjA3MDhlZDlmNTcyODdiZDYxMjMyZTZlMDYyNGNjMTY0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlolxZRhRy0dsOeyRQeFAZnyfvou DqWVLP8ttGZu+B/tuq9i8lvq3Y5x7hhn7wSzSoCkTUBH+E/PkMkaNYq6hyRl84SG 4gCypndedzEKEUVhRPL0txZ+qTzd2EJsQ0o2fU6J3cWiIChD6h8vgc2tYISmj/h9 iYy9UxtjYLqdc0PLp0Rq3wI/EhNdzfim+8ebGVUSSbADEBKGiw2DgFJJEQhVqDFc oCSBgZklUjSmGMbMqJFyyRfYhGSh3F0PkD5q2ZCVUVZUC94P2Crzcl6m01nPxtbe +Q+5Y32c17YLtCiysS5/AcouUU2/AadqwvTSP6JJ36kdUc8x4/PdGP7APwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM9FRveBmfAxcRXVZYjP5qonOwCSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyNTE0ZmUzLTU3NzktNDE3NC1iYTYyLTJhMTllMGM3ZGRmOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaIQAwDQYJKoZIhvcNAQELBQADggEBAItijZhHi8h/mA63v6C+ yrcT2AA5mpsiK+SqpJP2wkgD/yKJ7QcKi2SmFSTMNn3pfNrtGyLdgl2NGs6Jq37X IeTWCAwlTijpigdtErcQFmre6nkbIgcO3GHUyW1be5Si5Tpd/SkSZpIRsKmQdje7 UArGBHWV793yPQcrf9vi13kMFB+DxK3JZLYwqX1/ANlfpX2Xbi4S/c7BLGu5muWk /I890rpuAlaNwLrZKt7qiQWOrO+0vy4qRdvkAjGyE3zmo7ZjCVOu1L25VNtpzFKJ cuX7ThB0f5dXO68+qoEh0Kv1hVzXH/BmwpmAOFt3I9WpmUFKGeMZEcwlYGGgc84m Na0= -----END CERTIFICATE-----Generated at Mon Sep 11 15:37:31 2023 by rpki-client on console-fra.rpki-client.org