$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f37184-69cc-42f7-b4f9-eac706fa0820.roa File: a2f37184-69cc-42f7-b4f9-eac706fa0820.roa (raw, json) Hash identifier: ZnNy/jTx2JWXQPWCmxn0oRnlPupUu4qh2naaHyPBVRY= Subject key identifier: E3:22:05:B6:DD:E7:3D:31:89:88:19:2A:BF:5D:43:16:F4:D7:E7:82 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 333695890565DA8A2E7C488500BE565FD9BE06BC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f37184-69cc-42f7-b4f9-eac706fa0820.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:36:95:89:05:65:da:8a:2e:7c:48:85:00:be:56:5f:d9:be:06:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=73b9a509a122267f3489d51fed217f89140e489d5b838e3fa1116e549024fbc1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:6f:e5:d0:7e:f6:51:52:b1:74:5d:c3:8c:cf: 5f:51:ad:b0:42:85:83:c2:0b:c7:99:6f:62:04:77: 7f:2c:51:d5:f2:c7:97:1e:7a:89:ee:c8:18:cf:0f: 26:17:dd:95:59:20:0c:a3:98:b5:a3:17:64:ae:88: 5d:22:ba:ae:bd:06:58:d2:8f:7e:99:f0:77:57:a4: df:09:63:72:36:31:07:9f:f5:78:a8:bc:ee:31:4c: a0:f4:0f:b1:ee:80:5d:18:e7:3c:fe:e9:53:7c:29: 69:1e:b6:08:3f:dc:7e:4d:43:1c:8c:1b:e2:2d:63: b8:54:fd:99:d4:a8:16:57:f1:3f:e6:3f:81:a7:f8: 6d:7b:c6:c7:e0:56:e9:f7:4f:28:57:d3:00:db:e0: bb:2b:92:1a:48:f3:bb:d1:9f:b8:84:93:d2:9d:17: d4:3c:f5:1e:65:88:3c:89:21:54:9b:1e:df:49:89: f6:39:be:35:81:38:3d:72:70:34:b9:75:00:37:8a: 90:5a:b9:7c:99:a5:e4:de:a1:01:cd:40:16:dc:c6: 47:a4:eb:08:bb:35:af:26:ef:d8:a2:e9:c0:a0:8c: 53:04:51:f5:24:71:6f:36:56:6e:2f:b7:ea:dd:b3: ed:e0:d2:60:4e:d0:3e:28:ca:10:fa:21:5c:df:48: 7e:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:22:05:B6:DD:E7:3D:31:89:88:19:2A:BF:5D:43:16:F4:D7:E7:82 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f37184-69cc-42f7-b4f9-eac706fa0820.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:2000::/40 Signature Algorithm: sha256WithRSAEncryption 39:19:12:74:10:e9:28:06:c0:94:e9:18:0a:52:99:92:99:79: 25:cf:63:5f:99:70:fa:ac:df:06:aa:97:17:ef:09:25:6a:bf: 1c:1f:ff:16:88:1f:ec:2b:03:66:63:b0:40:bf:f0:ee:81:4a: 2a:57:e9:67:c3:ec:05:cb:66:65:f7:74:9d:20:aa:a8:b0:f5: 1e:08:da:b0:a0:19:9a:32:da:29:a7:d5:77:62:e7:f6:75:49: ed:98:21:9d:8c:18:81:6a:fc:63:27:97:86:9d:a9:6a:17:d8: 95:45:66:99:76:c1:3f:30:71:ac:38:dd:44:38:27:8c:08:f6: 3c:e5:9d:90:9a:f9:c6:72:58:bc:6e:c1:ad:0a:c7:ff:a2:d8: 5e:94:f7:39:a8:00:1d:61:9f:3f:08:58:e1:9b:c8:37:74:4c: 79:38:33:02:7c:59:5b:05:ad:25:06:27:2a:00:2c:b9:20:2e: f6:70:98:32:69:a4:fd:5f:db:ab:79:2f:0e:00:a5:1e:54:f1: 2d:c5:d7:c0:ae:31:ea:82:d5:17:eb:d1:f5:64:51:ea:0c:31: 90:fc:cd:c1:6a:96:ff:ac:58:52:51:69:dd:97:b5:4d:d1:e9: 8f:0f:75:c5:9c:4f:1e:09:60:e9:97:a8:24:0a:72:b5:ab:33: 4f:b9:fd:c6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMzaViQVl2ooufEiFAL5WX9m+BrwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANzNiOWE1MDlhMTIyMjY3ZjM0ODlk NTFmZWQyMTdmODkxNDBlNDg5ZDViODM4ZTNmYTExMTZlNTQ5MDI0ZmJjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm/l0H72UVKxdF3DjM9fUa2wQoWD wgvHmW9iBHd/LFHV8seXHnqJ7sgYzw8mF92VWSAMo5i1oxdkrohdIrquvQZY0o9+ mfB3V6TfCWNyNjEHn/V4qLzuMUyg9A+x7oBdGOc8/ulTfClpHrYIP9x+TUMcjBvi LWO4VP2Z1KgWV/E/5j+Bp/hte8bH4Fbp908oV9MA2+C7K5IaSPO70Z+4hJPSnRfU PPUeZYg8iSFUmx7fSYn2Ob41gTg9cnA0uXUAN4qQWrl8maXk3qEBzUAW3MZHpOsI uzWvJu/YounAoIxTBFH1JHFvNlZuL7fq3bPt4NJgTtA+KMoQ+iFc30h+BwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOMiBbbd5z0xiYgZKr9dQxb01+eCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyZjM3MTg0LTY5Y2MtNDJmNy1iNGY5LWVhYzcwNmZhMDgyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaACAwDQYJKoZIhvcNAQELBQADggEBADkZEnQQ6SgGwJTpGApS mZKZeSXPY1+ZcPqs3waqlxfvCSVqvxwf/xaIH+wrA2ZjsEC/8O6BSipX6WfD7AXL ZmX3dJ0gqqiw9R4I2rCgGZoy2imn1Xdi5/Z1Se2YIZ2MGIFq/GMnl4adqWoX2JVF Zpl2wT8wcaw43UQ4J4wI9jzlnZCa+cZyWLxuwa0Kx/+i2F6U9zmoAB1hnz8IWOGb yDd0THk4MwJ8WVsFrSUGJyoALLkgLvZwmDJppP1f26t5Lw4ApR5U8S3F18CuMeqC 1Rfr0fVkUeoMMZD8zcFqlv+sWFJRad2XtU3R6Y8PdcWcTx4JYOmXqCQKcrWrM0+5 /cY= -----END CERTIFICATE-----Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org