$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa File: a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa (raw, json) Hash identifier: 5yHdVcnClxakUItBUANo0qVjHvhf8/52Uh5hdDcPkWg= Subject key identifier: D2:51:AD:04:FC:09:FA:77:C6:FB:47:7C:51:96:D6:EC:27:52:F4:45 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 455CB9380FA6B58911C926CEA3AB18583977062B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa Signing time: Sat 30 Mar 2024 00:00:00 +0000 ROA not before: Sat 30 Mar 2024 00:00:00 +0000 ROA not after: Sat 04 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da21::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Apr 2024 12:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:5c:b9:38:0f:a6:b5:89:11:c9:26:ce:a3:ab:18:58:39:77:06:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 30 00:00:00 2024 GMT Not After : May 4 23:59:59 2024 GMT Subject: serialNumber=69fa989e5aabc30ff750a34c63f2b1961b30da11e7a316a09ba1a55c9c1615dc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ff:5c:d5:19:c6:b1:09:43:6c:ec:6e:b2:53: 45:11:fc:cb:9a:3d:e4:86:4d:0e:b5:38:e8:e2:85: 23:9d:b4:ab:2a:67:65:35:7a:d9:e6:20:52:18:78: 69:88:e9:d7:9f:27:82:37:15:40:d1:b4:cf:62:f0: 11:ab:1d:6f:a7:83:52:86:02:af:5b:7c:5f:4c:79: 3b:49:87:1b:e3:ee:7d:25:ba:dc:d0:bf:66:7b:0b: ec:d8:c0:a8:b8:99:90:df:e0:9a:b6:0d:d3:af:57: e4:24:d8:ab:0a:59:59:21:bf:4b:e8:07:9e:3e:8b: c8:55:d9:58:f9:ed:74:27:b9:ab:63:75:56:d9:33: 8c:8a:03:e2:5d:8c:16:b3:bb:c4:a1:bd:67:3b:6f: 04:b0:b1:a6:69:f8:8f:bc:bd:4f:30:b6:28:33:e9: 68:fe:c3:f2:93:cd:34:b7:1f:15:55:36:4f:bc:2b: 74:93:82:d2:12:34:a1:ed:cb:62:5d:44:59:01:fd: 8b:17:8e:ee:fe:b3:ff:62:76:ce:66:13:9c:c9:09: 04:9e:f6:95:26:94:16:0a:7c:b4:af:81:ac:87:68: de:c6:63:d5:03:ac:ba:6f:f2:04:55:dc:b9:a9:cc: 52:27:13:3b:57:35:c9:48:31:b7:29:a4:a6:be:c9: ab:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:51:AD:04:FC:09:FA:77:C6:FB:47:7C:51:96:D6:EC:27:52:F4:45 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da21::/36 Signature Algorithm: sha256WithRSAEncryption 3d:d5:3f:a8:c8:15:b6:90:08:b4:0d:bd:a4:16:76:59:03:a5: a3:9e:fc:71:83:d1:ea:33:ef:4b:64:a7:fd:62:81:9e:1b:e6: c9:5a:76:99:2c:29:1a:20:83:25:f0:5b:4d:4d:a0:e1:ac:5d: de:0f:77:e3:5f:d5:9c:7b:2d:6a:f7:36:a4:3f:cc:f1:7c:0a: 36:2c:58:ce:24:49:7d:5a:59:47:40:6d:28:3c:f8:20:5f:74: fc:d7:fb:db:10:be:4c:79:5b:42:bb:55:ef:51:58:f7:9f:f1: 89:9b:03:4d:5a:e6:05:fb:6e:ea:cb:d0:1d:1e:8e:b1:cf:3e: 2b:4b:d9:44:dd:4e:2b:d1:b1:55:95:de:77:1e:52:01:60:fe: 73:c1:ad:70:c6:e1:d7:9c:84:32:86:6d:74:49:24:95:7f:8d: 4a:69:ce:2c:a4:43:6b:42:bf:eb:3a:57:50:fb:ca:67:f1:0d: 92:88:0b:18:88:97:e3:11:06:9c:ba:17:89:0d:21:a5:f2:33: 4a:06:f2:16:b1:a9:32:eb:69:31:b3:e6:cc:78:92:d5:2b:7b: ca:a3:93:95:79:c2:44:90:dd:1a:ad:b8:cc:2b:e8:71:7a:f6: 94:eb:e7:7a:63:a9:7e:c0:31:6f:6d:ae:05:48:61:a3:02:0b: 50:9c:bd:4a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURVy5OA+mtYkRySbOo6sYWDl3BiswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDMzMDAwMDAwMFoX DTI0MDUwNDIzNTk1OVowejFJMEcGA1UEBRNANjlmYTk4OWU1YWFiYzMwZmY3NTBh MzRjNjNmMmIxOTYxYjMwZGExMWU3YTMxNmEwOWJhMWE1NWM5YzE2MTVkYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP9c1RnGsQlDbOxuslNFEfzLmj3k hk0OtTjo4oUjnbSrKmdlNXrZ5iBSGHhpiOnXnyeCNxVA0bTPYvARqx1vp4NShgKv W3xfTHk7SYcb4+59Jbrc0L9mewvs2MCouJmQ3+Catg3Tr1fkJNirCllZIb9L6Aee PovIVdlY+e10J7mrY3VW2TOMigPiXYwWs7vEob1nO28EsLGmafiPvL1PMLYoM+lo /sPyk800tx8VVTZPvCt0k4LSEjSh7ctiXURZAf2LF47u/rP/YnbOZhOcyQkEnvaV JpQWCny0r4Gsh2jexmPVA6y6b/IEVdy5qcxSJxM7VzXJSDG3KaSmvsmrjQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNJRrQT8Cfp3xvtHfFGW1uwnUvRFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyNTE0ZmUzLTU3NzktNDE3NC1iYTYyLTJhMTllMGM3ZGRmOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaIQAwDQYJKoZIhvcNAQELBQADggEBAD3VP6jIFbaQCLQNvaQW dlkDpaOe/HGD0eoz70tkp/1igZ4b5sladpksKRoggyXwW01NoOGsXd4Pd+Nf1Zx7 LWr3NqQ/zPF8CjYsWM4kSX1aWUdAbSg8+CBfdPzX+9sQvkx5W0K7Ve9RWPef8Ymb A01a5gX7burL0B0ejrHPPitL2UTdTivRsVWV3nceUgFg/nPBrXDG4dechDKGbXRJ JJV/jUppziykQ2tCv+s6V1D7ymfxDZKICxiIl+MRBpy6F4kNIaXyM0oG8haxqTLr aTGz5sx4ktUre8qjk5V5wkSQ3RqtuMwr6HF69pTr53pjqX7AMW9trgVIYaMCC1Cc vUo= -----END CERTIFICATE-----Generated at Tue Apr 16 01:09:02 2024 by rpki-client on console-fra.rpki-client.org