$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7b6771f-2f85-4683-b0d9-3a749bbe218a.roa File: a7b6771f-2f85-4683-b0d9-3a749bbe218a.roa (raw, json) Hash identifier: mNdL0Ty8Qnn+vAn76SPAN9b//w09fclH/8qlEeyGkm4= Subject key identifier: CD:AC:A9:7F:20:09:7C:94:EA:A7:84:43:3A:61:9B:C1:1B:F7:30:65 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19E43BA214C64B3DA135D1758CC7D41129D5EA0B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7b6771f-2f85-4683-b0d9-3a749bbe218a.roa Signing time: Mon 08 Jul 2024 00:00:00 +0000 ROA not before: Mon 08 Jul 2024 00:00:00 +0000 ROA not after: Mon 12 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 31 Jul 2024 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:e4:3b:a2:14:c6:4b:3d:a1:35:d1:75:8c:c7:d4:11:29:d5:ea:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:00 2024 GMT Not After : Aug 12 23:59:59 2024 GMT Subject: serialNumber=8606f575479aa85cc867719d16f4f559b7edb4d71172f00e3242d09e3ee59054, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0d:86:1e:f1:a4:cb:fa:d8:4c:3e:74:9c:95: 58:1a:cf:dc:f1:71:a9:5e:be:c0:dc:e6:e6:f3:7f: 7c:ca:a3:08:87:f0:be:fa:29:dd:98:c3:74:eb:82: e8:82:14:3c:a1:fc:95:ff:88:aa:96:c8:dc:83:14: e6:7d:ba:3e:11:1f:37:4c:8d:2c:62:10:1f:97:34: 23:a2:36:68:95:66:dc:6f:c0:c3:9b:83:1f:df:13: 97:a8:86:17:9e:e2:0e:b2:a3:9e:3c:1d:10:a2:9c: 7d:15:00:3f:ef:f9:bc:bc:74:4b:52:62:fe:b4:4e: e3:e4:54:51:40:59:db:86:3f:3c:e9:11:09:30:a1: 5f:ba:ed:81:dc:dd:02:fe:62:ea:6e:3a:61:b9:f6: b4:f8:f4:fb:ab:c3:bd:61:45:c6:d0:7f:74:56:69: 38:65:51:b7:f9:0b:c0:44:89:06:86:3a:95:f7:8b: a2:be:2b:28:63:54:7c:ca:07:9d:b9:96:df:89:cd: 00:5e:75:8b:cb:60:2a:12:c6:ef:1e:d2:2f:66:40: fa:fe:75:c2:fa:df:d0:02:3a:2e:36:66:fa:ac:f6: 95:9a:6f:5a:ac:c5:02:04:3b:12:14:ae:03:53:e8: 58:64:fb:4f:73:2a:c4:c2:87:50:af:55:6a:db:31: fb:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:AC:A9:7F:20:09:7C:94:EA:A7:84:43:3A:61:9B:C1:1B:F7:30:65 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7b6771f-2f85-4683-b0d9-3a749bbe218a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:6000::/40 Signature Algorithm: sha256WithRSAEncryption 58:b9:68:10:51:74:e3:a3:3c:c4:b2:4a:29:29:ae:c6:a6:d3: 4a:95:21:bb:d0:98:38:df:27:9e:c0:05:0f:51:64:f1:43:d7: 8b:93:bf:be:24:a9:80:7e:eb:41:34:f0:f4:d6:15:da:b8:c6: 1b:7c:67:ca:2b:24:f8:d9:87:84:66:23:80:58:16:69:53:4e: 66:2b:b8:29:4e:a7:f3:14:31:18:a2:2d:61:2a:bd:6f:ae:f4: 55:76:59:19:3a:c6:cd:21:47:e5:81:38:0c:53:ec:59:de:ba: 1a:77:6e:7d:de:c9:c5:58:df:fe:64:af:76:aa:49:61:d9:06: b4:6b:a1:48:31:c9:57:02:fa:ff:cf:cf:b9:45:5a:64:a2:3e: 0f:ee:87:e5:3d:30:c0:16:0d:82:b8:be:b0:38:51:5a:4b:c3: b2:a0:27:95:ca:b0:fb:f6:1a:82:d6:ca:1a:14:3f:f8:23:20: 59:42:21:52:96:59:e0:9d:d5:3a:f9:6a:51:34:fe:51:82:32: bf:07:f7:5b:2b:c9:e3:fe:9b:98:2b:0f:80:19:d8:e7:25:e0: 38:0b:42:a7:75:f8:b3:a3:4f:19:be:57:2c:07:b1:8e:72:cd: cf:3a:2c:06:91:4e:63:e4:11:25:85:04:7e:41:78:aa:b3:05: e4:bf:a6:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGeQ7ohTGSz2hNdF1jMfUESnV6gswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcwODAwMDAwMFoX DTI0MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAODYwNmY1NzU0NzlhYTg1Y2M4Njc3 MTlkMTZmNGY1NTliN2VkYjRkNzExNzJmMDBlMzI0MmQwOWUzZWU1OTA1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA2GHvGky/rYTD50nJVYGs/c8XGp Xr7A3Obm8398yqMIh/C++indmMN064LoghQ8ofyV/4iqlsjcgxTmfbo+ER83TI0s YhAflzQjojZolWbcb8DDm4Mf3xOXqIYXnuIOsqOePB0Qopx9FQA/7/m8vHRLUmL+ tE7j5FRRQFnbhj886REJMKFfuu2B3N0C/mLqbjphufa0+PT7q8O9YUXG0H90Vmk4 ZVG3+QvARIkGhjqV94uivisoY1R8ygeduZbfic0AXnWLy2AqEsbvHtIvZkD6/nXC +t/QAjouNmb6rPaVmm9arMUCBDsSFK4DU+hYZPtPcyrEwodQr1Vq2zH7gQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM2sqX8gCXyU6qeEQzphm8Eb9zBlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E3YjY3NzFmLTJmODUtNDY4My1iMGQ5LTNhNzQ5YmJlMjE4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauGAwDQYJKoZIhvcNAQELBQADggEBAFi5aBBRdOOjPMSySikp rsam00qVIbvQmDjfJ57ABQ9RZPFD14uTv74kqYB+60E08PTWFdq4xht8Z8orJPjZ h4RmI4BYFmlTTmYruClOp/MUMRiiLWEqvW+u9FV2WRk6xs0hR+WBOAxT7Fneuhp3 bn3eycVY3/5kr3aqSWHZBrRroUgxyVcC+v/Pz7lFWmSiPg/uh+U9MMAWDYK4vrA4 UVpLw7KgJ5XKsPv2GoLWyhoUP/gjIFlCIVKWWeCd1Tr5alE0/lGCMr8H91sryeP+ m5grD4AZ2Ocl4DgLQqd1+LOjTxm+VywHsY5yzc86LAaRTmPkESWFBH5BeKqzBeS/ pvU= -----END CERTIFICATE-----Generated at Sat Jul 27 00:57:55 2024 by rpki-client on console-ams.rpki-client.org