$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7bfd155-ec9a-4d86-bf47-6a3a8cd492c2.roa File: a7bfd155-ec9a-4d86-bf47-6a3a8cd492c2.roa (raw, json) Hash identifier: KEoght24nzImS9CMu8MfNV/UTnHnRq9kexsPEJNvY6k= Subject key identifier: 7E:19:99:FB:37:00:BF:40:AD:8F:09:6D:40:F0:62:23:CD:17:41:63 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 382851928D2CB2663917F3A0CCBFE6EC6136FF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7bfd155-ec9a-4d86-bf47-6a3a8cd492c2.roa Signing time: Wed 24 Apr 2024 00:00:00 +0000 ROA not before: Wed 24 Apr 2024 00:00:00 +0000 ROA not after: Wed 29 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:28:51:92:8d:2c:b2:66:39:17:f3:a0:cc:bf:e6:ec:61:36:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 24 00:00:00 2024 GMT Not After : May 29 23:59:59 2024 GMT Subject: serialNumber=639d6da96e7d9d5a805f13bb40b7f4e0300eda3bf6af561189b59fd7552fcca3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:f5:1d:ae:19:a5:83:68:d6:a1:77:14:a4:91: 6a:0a:2a:43:e1:a3:51:a0:9c:38:d2:f2:9d:a4:bb: fb:cb:6a:64:6f:95:5d:0f:35:56:64:9b:dc:aa:68: 8f:b2:be:4d:52:53:ff:1b:e2:5e:bc:13:b7:7a:eb: ed:6c:e3:4d:18:f8:b9:7c:bc:72:f1:67:bf:20:81: b3:29:6d:6e:ec:5d:c4:a1:c6:eb:71:7f:4b:8e:75: 94:32:13:0b:c6:d5:16:12:65:fe:91:78:cf:74:36: e4:5d:83:dd:97:b3:f0:b0:dc:a6:48:c9:0c:5e:2a: 34:db:16:41:14:5f:c3:b2:55:69:78:39:3e:88:a9: e2:58:00:49:05:1e:75:6b:a6:c3:24:a4:14:4e:b8: 02:d7:82:38:90:6d:b2:fe:c2:ca:0b:44:89:ca:e7: b0:3a:18:fe:97:a6:be:96:4d:01:8b:25:42:09:f9: 91:10:40:d2:aa:b1:6c:24:38:97:fd:0b:de:ff:c4: 05:ad:ad:fc:21:12:b3:0b:5a:b2:91:c8:70:43:e1: e2:e5:5b:38:df:93:83:57:d3:3e:de:80:5f:4d:37: cf:49:37:2e:85:c1:a9:1e:ba:3d:83:98:b2:e0:75: aa:bf:33:e9:cd:cb:2b:7c:a3:81:60:26:4e:76:63: bb:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:19:99:FB:37:00:BF:40:AD:8F:09:6D:40:F0:62:23:CD:17:41:63 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7bfd155-ec9a-4d86-bf47-6a3a8cd492c2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:c800::/40 Signature Algorithm: sha256WithRSAEncryption 0e:66:67:1b:52:34:4a:1d:4d:77:1b:df:4a:00:72:68:45:5d: bd:7f:10:3e:66:47:f1:23:e9:57:70:69:ed:7a:37:be:7c:4f: 1a:29:94:43:55:ee:36:06:c0:d7:1c:5c:12:b5:da:b9:10:3d: b4:ee:90:2b:31:73:9d:83:f4:9d:c2:a6:26:17:b5:f0:e9:d5: ff:5a:19:41:dd:aa:fc:5d:54:1b:f5:07:f9:1d:ba:cb:21:85: 05:af:8b:d0:93:2d:03:45:c4:27:2b:78:74:93:be:7a:cc:04: 0c:a5:89:e2:bb:2e:c8:5c:b2:15:4d:ac:59:54:88:c1:27:37: 77:11:bc:b9:5e:f4:10:1d:99:7e:2a:23:f6:8c:ec:e6:74:d6: 8c:37:b4:ff:54:77:7f:28:27:41:67:b9:ea:d1:96:bb:0e:9c: a5:42:10:83:63:57:97:66:66:48:ae:55:cd:83:b5:59:b1:06: 5a:da:ea:b4:cc:dc:be:90:17:ca:56:52:ab:d2:fe:21:66:d4: 07:2c:25:75:11:de:b5:1d:e4:e4:54:37:df:ea:d5:51:ff:e0: a1:20:4b:76:e9:56:9e:4b:94:59:d9:77:b8:89:b8:bd:c7:44: bf:4e:2b:42:a3:85:8b:c6:2f:05:f0:a2:15:48:a3:bc:57:7f: d7:78:b4:22 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITOChRko0ssmY5F/OgzL/m7GE2/zANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjQwNDI0MDAwMDAwWhcN MjQwNTI5MjM1OTU5WjB6MUkwRwYDVQQFE0A2MzlkNmRhOTZlN2Q5ZDVhODA1ZjEz YmI0MGI3ZjRlMDMwMGVkYTNiZjZhZjU2MTE4OWI1OWZkNzU1MmZjY2EzMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ9R2uGaWDaNahdxSkkWoKKkPho1Gg nDjS8p2ku/vLamRvlV0PNVZkm9yqaI+yvk1SU/8b4l68E7d66+1s400Y+Ll8vHLx Z78ggbMpbW7sXcShxutxf0uOdZQyEwvG1RYSZf6ReM90NuRdg92Xs/Cw3KZIyQxe KjTbFkEUX8OyVWl4OT6IqeJYAEkFHnVrpsMkpBROuALXgjiQbbL+wsoLRInK57A6 GP6Xpr6WTQGLJUIJ+ZEQQNKqsWwkOJf9C97/xAWtrfwhErMLWrKRyHBD4eLlWzjf k4NX0z7egF9NN89JNy6Fwakeuj2DmLLgdaq/M+nNyyt8o4FgJk52Y7v/AgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQUfhmZ+zcAv0CtjwltQPBiI80XQWMwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv YTdiZmQxNTUtZWM5YS00ZDg2LWJmNDctNmEzYThjZDQ5MmMyLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtrxyDANBgkqhkiG9w0BAQsFAAOCAQEADmZnG1I0Sh1NdxvfSgBy aEVdvX8QPmZH8SPpV3Bp7Xo3vnxPGimUQ1XuNgbA1xxcErXauRA9tO6QKzFznYP0 ncKmJhe18OnV/1oZQd2q/F1UG/UH+R26yyGFBa+L0JMtA0XEJyt4dJO+eswEDKWJ 4rsuyFyyFU2sWVSIwSc3dxG8uV70EB2Zfioj9ozs5nTWjDe0/1R3fygnQWe56tGW uw6cpUIQg2NXl2ZmSK5VzYO1WbEGWtrqtMzcvpAXylZSq9L+IWbUBywldRHetR3k 5FQ33+rVUf/goSBLdulWnkuUWdl3uIm4vcdEv04rQqOFi8YvBfCiFUijvFd/13i0 Ig== -----END CERTIFICATE-----Generated at Sun May 5 01:11:59 2024 by rpki-client on console-ams.rpki-client.org