$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa File: a5e20664-bb4b-418f-9be3-4d905265deec.roa (raw, json) Hash identifier: IM64PMLhxx9MIZwcVyvNLy7UkRLoxDnPSp0P35X3uB4= Subject key identifier: 0E:BD:0B:B8:08:5F:CA:DA:30:81:91:BD:A1:7B:13:EA:A5:83:7B:A8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 41444864AA10338AEC5BA963703645A1B41AE3F4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Apr 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:44:48:64:aa:10:33:8a:ec:5b:a9:63:70:36:45:a1:b4:1a:e3:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=870d481dc36e56979abaeebaa09d2c87f560508ce7f9eff768fc55ef0a936cc6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:13:bc:c5:17:cb:3b:fb:2f:04:d7:d1:ac:45: fd:93:b3:28:3c:85:81:c4:2b:53:d9:f9:cd:20:55: b0:21:2e:85:05:ec:84:99:b9:1b:db:b3:9e:53:6e: b6:76:53:fc:90:e8:88:e1:7f:74:4d:13:aa:ed:a0: 92:87:3a:b9:c6:f1:f5:0a:5a:c9:b4:40:ad:45:9b: 3c:90:bd:bc:63:0a:d9:3d:98:bc:12:ee:c1:0e:f3: 37:f7:d2:e5:dd:a2:30:63:22:cb:85:92:6d:54:96: 9c:04:2e:7f:25:df:80:a8:68:ff:0c:27:0b:83:00: 78:8b:6c:e7:c5:34:cb:fe:55:c6:33:6a:e9:ab:54: b6:cc:2f:2d:00:b1:e5:fa:67:14:f6:77:12:02:b5: 76:4c:b9:43:3b:11:f4:cb:f2:92:1a:3d:43:43:a7: 11:fa:3a:e4:0a:06:c7:1f:68:36:0c:7f:db:44:47: 0b:4f:2b:66:e4:44:79:68:e0:93:84:d2:f4:f3:ac: f9:1b:1e:89:37:f2:11:14:c2:23:b2:40:d4:31:f3: ff:77:09:bf:08:99:45:28:4e:d8:18:01:f4:cf:2b: 4f:29:99:61:6e:e4:52:33:a7:2e:77:2d:99:a3:da: 89:50:76:d2:ad:4b:39:f6:0c:9e:c7:a4:c1:35:45: c4:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:BD:0B:B8:08:5F:CA:DA:30:81:91:BD:A1:7B:13:EA:A5:83:7B:A8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:8000::/40 Signature Algorithm: sha256WithRSAEncryption 95:5a:02:9c:47:f1:5f:e1:78:74:4d:4e:ed:27:a7:c7:0c:5f: 71:87:bc:15:f4:f8:70:9d:0c:1b:88:34:97:4c:72:0f:33:aa: fb:c7:ab:38:19:60:71:33:75:2b:93:a9:f5:37:1d:89:a8:ba: 4c:cf:23:d5:59:8c:4f:1a:7e:58:82:f1:11:38:df:46:ec:80: 65:65:f1:b5:24:1a:f6:3c:e3:dc:ce:72:53:48:1a:1e:eb:8e: b4:e0:67:a3:72:5c:cf:65:05:82:de:97:70:ba:96:ff:4c:27: f6:58:3e:ea:18:1d:0b:d7:55:3c:e8:eb:a2:a8:0c:d2:c1:4f: a0:b2:d9:9d:17:f6:51:26:85:d4:5e:b3:5e:45:db:bc:11:4c: 13:e2:ff:34:a7:28:b9:05:ee:2a:ca:9b:0c:88:53:1b:9b:ee: 33:51:99:2a:cd:b4:5d:de:9b:0b:f9:f7:5b:bf:06:fb:2d:45: c6:f7:6b:40:c7:24:8c:35:ba:a7:ac:0d:25:e4:8b:ca:fe:d5: 6d:ea:93:d0:67:89:d7:2c:77:14:a9:3d:2b:f8:c2:59:79:d4: 04:45:0f:85:53:a8:ba:96:f9:08:61:d3:85:ca:81:a6:31:f8: 46:47:24:2a:a2:d4:e7:a9:78:82:e2:db:bb:5f:cb:02:69:e3: c8:46:60:8c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQURIZKoQM4rsW6ljcDZFobQa4/QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAODcwZDQ4MWRjMzZlNTY5NzlhYmFl ZWJhYTA5ZDJjODdmNTYwNTA4Y2U3ZjllZmY3NjhmYzU1ZWYwYTkzNmNjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRO8xRfLO/svBNfRrEX9k7MoPIWB xCtT2fnNIFWwIS6FBeyEmbkb27OeU262dlP8kOiI4X90TROq7aCShzq5xvH1ClrJ tECtRZs8kL28YwrZPZi8Eu7BDvM399Ll3aIwYyLLhZJtVJacBC5/Jd+AqGj/DCcL gwB4i2znxTTL/lXGM2rpq1S2zC8tALHl+mcU9ncSArV2TLlDOxH0y/KSGj1DQ6cR +jrkCgbHH2g2DH/bREcLTytm5ER5aOCThNL086z5Gx6JN/IRFMIjskDUMfP/dwm/ CJlFKE7YGAH0zytPKZlhbuRSM6cudy2Zo9qJUHbSrUs59gyex6TBNUXEiQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA69C7gIX8raMIGRvaF7E+qlg3uoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E1ZTIwNjY0LWJiNGItNDE4Zi05YmUzLTRkOTA1MjY1ZGVlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaIAwDQYJKoZIhvcNAQELBQADggEBAJVaApxH8V/heHRNTu0n p8cMX3GHvBX0+HCdDBuINJdMcg8zqvvHqzgZYHEzdSuTqfU3HYmoukzPI9VZjE8a fliC8RE430bsgGVl8bUkGvY849zOclNIGh7rjrTgZ6NyXM9lBYLel3C6lv9MJ/ZY PuoYHQvXVTzo66KoDNLBT6Cy2Z0X9lEmhdRes15F27wRTBPi/zSnKLkF7irKmwyI Uxub7jNRmSrNtF3emwv591u/BvstRcb3a0DHJIw1uqesDSXki8r+1W3qk9Bnidcs dxSpPSv4wll51ARFD4VTqLqW+Qhh04XKgaYx+EZHJCqi1OepeILi27tfywJp48hG YIw= -----END CERTIFICATE-----Generated at Wed Apr 24 01:54:32 2024 by rpki-client on console-ams.rpki-client.org