$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa File: a8746c50-b2c6-438f-ad79-3b608da68b61.roa (raw, json) Hash identifier: 4jRmnFKk25R2lxTTn4Ws2PUIeht0p0kWVQn7JaGYRSs= Subject key identifier: A3:4F:E1:83:E5:D6:15:4F:C3:98:E5:48:FD:23:F1:FF:A0:2A:66:51 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 26723AC21B1A4C516D8ECE160C69FF76D51E75E8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:72:3a:c2:1b:1a:4c:51:6d:8e:ce:16:0c:69:ff:76:d5:1e:75:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=7a62b3b065b185daae1fe5d496fc4ff965fecb52b2565c3dd2e7e835aeb2765a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:6d:18:e6:6e:6d:9f:2a:0f:5c:98:4b:91:5c: 5e:e5:d5:7d:56:33:52:93:c8:7f:15:96:79:ff:2f: 58:bc:e6:2b:3b:75:d5:7e:ef:88:ba:cc:13:fc:35: 31:8a:14:23:80:cf:54:f2:51:ac:c8:a6:de:5a:09: 6a:4e:29:cb:44:e5:8d:92:5a:a3:74:25:74:eb:90: 09:43:ec:c9:71:25:49:7a:1c:dd:ae:0d:1e:89:e1: be:12:a9:87:b7:ed:6b:55:51:97:5d:2f:58:e1:44: e4:1d:59:81:84:3f:70:b0:97:8e:c5:79:06:03:67: a2:53:42:0c:c2:a9:f4:de:93:b4:b9:b9:64:b5:48: 21:a3:11:4f:02:da:88:ea:2d:cd:54:4c:e9:9c:0e: 4a:85:b8:2c:2c:18:da:32:57:97:29:0a:1d:48:9b: 8a:c8:83:97:58:b2:2f:b4:c1:fe:de:27:bb:04:a3: 8d:23:92:23:75:cc:f3:d7:9f:c1:8c:b1:66:ec:cf: 4e:2c:ef:d3:f5:8f:c4:1a:90:df:ee:1b:30:07:d0: 17:e1:57:a6:9b:71:43:d6:c0:cb:00:b1:28:e5:fa: fb:2b:d0:9b:76:36:51:44:61:f2:53:81:d7:54:db: e3:57:2c:09:95:69:16:d9:a6:a5:cf:c3:33:e2:ff: a9:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:4F:E1:83:E5:D6:15:4F:C3:98:E5:48:FD:23:F1:FF:A0:2A:66:51 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:6000::/40 Signature Algorithm: sha256WithRSAEncryption 54:db:47:ef:8e:c2:d7:88:e2:45:85:99:00:44:5f:8d:ca:2a: 3d:aa:31:88:3d:d1:f0:51:d1:d7:8e:df:4e:97:f4:03:ad:b9: f8:d0:56:90:a1:6b:0a:77:0a:59:e7:5c:02:d9:60:7e:d1:b3: 7c:bb:4a:e1:e0:fe:ac:0d:1d:77:d2:72:15:66:01:c0:70:a5: 95:e5:ee:47:87:91:46:12:12:b7:68:54:e8:3c:2f:0b:85:0c: 64:3a:b7:c7:99:94:ad:09:ef:91:f2:dc:f0:76:67:a9:31:10: 79:e0:f0:f3:05:62:f8:53:38:71:0f:57:a4:5f:43:91:d7:ec: df:ca:dd:f9:0d:29:90:0f:aa:cb:c0:f4:c4:c9:af:a0:62:ee: eb:be:c4:5a:c2:8c:c8:c1:78:7f:32:ca:21:2c:f2:27:ef:c7: f7:c2:7d:2d:a7:a2:37:40:a0:f7:e3:8c:d4:f5:c3:2a:41:af: 39:40:47:f8:4f:39:68:52:cb:d2:8b:e9:b1:c0:92:69:cc:51: d0:82:8d:99:82:14:95:4f:35:4d:e2:91:d8:be:4e:68:50:16: 17:f6:16:5a:fb:e7:98:0f:da:81:b4:56:7f:41:c3:5b:32:b2: c9:a6:63:90:10:bf:f4:5c:da:51:6d:e2:67:62:74:56:47:76: b9:9e:67:1d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJnI6whsaTFFtjs4WDGn/dtUedegwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAN2E2MmIzYjA2NWIxODVkYWFlMWZl NWQ0OTZmYzRmZjk2NWZlY2I1MmIyNTY1YzNkZDJlN2U4MzVhZWIyNzY1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp20Y5m5tnyoPXJhLkVxe5dV9VjNS k8h/FZZ5/y9YvOYrO3XVfu+IuswT/DUxihQjgM9U8lGsyKbeWglqTinLROWNklqj dCV065AJQ+zJcSVJehzdrg0eieG+EqmHt+1rVVGXXS9Y4UTkHVmBhD9wsJeOxXkG A2eiU0IMwqn03pO0ublktUghoxFPAtqI6i3NVEzpnA5KhbgsLBjaMleXKQodSJuK yIOXWLIvtMH+3ie7BKONI5Ijdczz15/BjLFm7M9OLO/T9Y/EGpDf7hswB9AX4Vem m3FD1sDLALEo5fr7K9CbdjZRRGHyU4HXVNvjVywJlWkW2aalz8Mz4v+pIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKNP4YPl1hVPw5jlSP0j8f+gKmZRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4NzQ2YzUwLWIyYzYtNDM4Zi1hZDc5LTNiNjA4ZGE2OGI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaGAwDQYJKoZIhvcNAQELBQADggEBAFTbR++OwteI4kWFmQBE X43KKj2qMYg90fBR0deO306X9AOtufjQVpChawp3ClnnXALZYH7Rs3y7SuHg/qwN HXfSchVmAcBwpZXl7keHkUYSErdoVOg8LwuFDGQ6t8eZlK0J75Hy3PB2Z6kxEHng 8PMFYvhTOHEPV6RfQ5HX7N/K3fkNKZAPqsvA9MTJr6Bi7uu+xFrCjMjBeH8yyiEs 8ifvx/fCfS2nojdAoPfjjNT1wypBrzlAR/hPOWhSy9KL6bHAkmnMUdCCjZmCFJVP NU3ikdi+TmhQFhf2Flr755gP2oG0Vn9Bw1syssmmY5AQv/Rc2lFt4mdidFZHdrme Zx0= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:16 2024 by rpki-client on console-fra.rpki-client.org