$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa File: a8746c50-b2c6-438f-ad79-3b608da68b61.roa (raw, json) Hash identifier: HwWjEGREO3CB5sa25FIpII1WsiPMzzwKoh7flidfdvQ= Subject key identifier: D6:97:D5:1B:21:EC:89:27:16:AA:CD:35:4D:3E:24:F1:D8:A3:CB:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3CBE5EA2BFF3E6C39480B3763AD00DFB4C9675CD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:be:5e:a2:bf:f3:e6:c3:94:80:b3:76:3a:d0:0d:fb:4c:96:75:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=88c1a7dcfd5fc1906461865c7d0796e5927a5ea23121b7b3839f5e0ac68d66a6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:af:99:35:1a:06:27:d4:e0:3d:a9:20:a6:2a: 93:be:51:ef:51:2d:44:fd:b1:d3:5f:61:87:20:32: ee:ea:f5:b6:00:2a:d6:16:30:b5:7b:d6:ff:e0:02: 08:d6:0a:41:c4:6c:54:46:c5:dd:bd:5e:ae:46:27: 45:0d:c4:73:c1:cf:62:6c:de:ce:af:da:b3:df:bb: af:7c:1e:25:1d:fe:66:47:36:0a:c5:a4:a7:c2:83: ab:3f:c0:b7:b1:8f:0c:b6:31:34:61:5b:4d:79:6d: 5e:4c:01:ab:8f:8a:67:a1:db:58:7d:cc:ea:06:e9: c9:5b:19:fd:c4:65:83:e3:7e:4c:ea:b6:59:2e:6c: 7b:56:79:e4:08:2a:d9:05:60:e0:5d:8d:22:5a:e9: aa:b4:53:91:42:49:1e:34:b5:5c:9b:3a:50:26:8f: 1c:d1:00:32:1b:98:91:d9:b5:6e:de:41:61:b8:00: c8:0e:24:e7:a8:67:2c:3c:09:1c:4e:be:c9:b7:9c: 32:f3:18:b9:da:7b:63:e0:9a:5d:0a:14:6c:a9:cc: 95:90:5f:a5:67:1e:b2:00:5c:32:25:86:26:42:53: 2d:c3:aa:8e:13:21:96:7a:7a:b2:84:cc:bd:3c:a6: cf:c2:77:d6:c8:b7:9f:11:8b:fa:11:31:eb:47:ce: 45:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:97:D5:1B:21:EC:89:27:16:AA:CD:35:4D:3E:24:F1:D8:A3:CB:C5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:6000::/40 Signature Algorithm: sha256WithRSAEncryption 80:0c:cc:2b:9a:da:40:f9:0a:a0:15:88:0b:43:b2:d7:a6:e7: 14:15:45:c7:43:07:63:a2:43:51:75:3e:0c:b1:6f:af:28:e2: d1:3d:e5:8e:c7:d2:b5:ec:c0:78:00:82:50:53:ba:7c:77:7f: cb:d2:ba:fb:04:f4:41:d5:92:0d:eb:08:14:94:62:15:a4:61: ca:81:05:de:f7:d3:00:eb:a2:53:30:5e:04:ae:2b:7e:1f:24: a9:be:7a:70:1d:50:7c:f7:6f:3b:4e:fa:7a:cc:27:df:6c:fd: 9d:36:4a:fa:f6:76:f1:96:40:87:b4:da:ed:f5:22:85:e8:c7: aa:78:ae:7c:18:ed:4f:a1:f0:87:07:fe:11:b3:6a:7a:01:10: 11:f0:20:54:1b:8a:a9:7a:59:ad:68:70:3d:87:db:af:fb:4d: b6:92:bf:d2:43:bd:90:1f:bd:b1:fb:b8:00:fe:49:d2:fa:14: f8:31:e4:f1:e4:cb:6d:db:65:4b:e6:a9:95:e3:b0:ab:37:5d: 0c:e8:55:88:cc:98:1b:85:b7:4f:fa:92:d4:e9:af:58:08:d2: 8c:10:96:09:61:6c:14:fe:85:b1:c8:aa:d6:e3:37:05:f5:67: 36:cb:a7:1b:dd:de:cc:52:d6:ce:9b:e1:e9:58:0d:e0:dc:78: 0d:3e:19:35 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPL5eor/z5sOUgLN2OtAN+0yWdc0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAODhjMWE3ZGNmZDVmYzE5MDY0NjE4 NjVjN2QwNzk2ZTU5MjdhNWVhMjMxMjFiN2IzODM5ZjVlMGFjNjhkNjZhNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6+ZNRoGJ9TgPakgpiqTvlHvUS1E /bHTX2GHIDLu6vW2ACrWFjC1e9b/4AII1gpBxGxURsXdvV6uRidFDcRzwc9ibN7O r9qz37uvfB4lHf5mRzYKxaSnwoOrP8C3sY8MtjE0YVtNeW1eTAGrj4pnodtYfczq BunJWxn9xGWD435M6rZZLmx7VnnkCCrZBWDgXY0iWumqtFORQkkeNLVcmzpQJo8c 0QAyG5iR2bVu3kFhuADIDiTnqGcsPAkcTr7Jt5wy8xi52ntj4JpdChRsqcyVkF+l Zx6yAFwyJYYmQlMtw6qOEyGWenqyhMy9PKbPwnfWyLefEYv6ETHrR85FZQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNaX1Rsh7IknFqrNNU0+JPHYo8vFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4NzQ2YzUwLWIyYzYtNDM4Zi1hZDc5LTNiNjA4ZGE2OGI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaGAwDQYJKoZIhvcNAQELBQADggEBAIAMzCua2kD5CqAViAtD stem5xQVRcdDB2OiQ1F1Pgyxb68o4tE95Y7H0rXswHgAglBTunx3f8vSuvsE9EHV kg3rCBSUYhWkYcqBBd730wDrolMwXgSuK34fJKm+enAdUHz3bztO+nrMJ99s/Z02 Svr2dvGWQIe02u31IoXox6p4rnwY7U+h8IcH/hGzanoBEBHwIFQbiql6Wa1ocD2H 26/7TbaSv9JDvZAfvbH7uAD+SdL6FPgx5PHky23bZUvmqZXjsKs3XQzoVYjMmBuF t0/6ktTpr1gI0owQlglhbBT+hbHIqtbjNwX1ZzbLpxvd3sxS1s6b4elYDeDceA0+ GTU= -----END CERTIFICATE-----Generated at Thu Apr 25 00:30:40 2024 by rpki-client on console-fra.rpki-client.org