$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d7c5f5-36de-4340-a315-95bb96771dbe.roa File: a9d7c5f5-36de-4340-a315-95bb96771dbe.roa (raw, json) Hash identifier: POLFAFeaA+CgdMbhJyZFEkunxaKu+LiQrdY4GC8of8Q= Subject key identifier: 6C:F2:EF:71:3B:1B:44:5A:4C:1A:3A:AC:8B:D9:6E:AD:59:23:6A:72 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6126276ACC38533F42CDA5BC46512C383EF98D01 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d7c5f5-36de-4340-a315-95bb96771dbe.roa Signing time: Mon 08 Apr 2024 00:00:00 +0000 ROA not before: Mon 08 Apr 2024 00:00:00 +0000 ROA not after: Mon 13 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 27.0.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:26:27:6a:cc:38:53:3f:42:cd:a5:bc:46:51:2c:38:3e:f9:8d:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 8 00:00:00 2024 GMT Not After : May 13 23:59:59 2024 GMT Subject: serialNumber=9c91157533ee213afc242ee30fd9e051b8119ac9fe0c45af080ce80a0733d067, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:00:42:df:4b:70:2d:c9:21:db:36:70:6a:3d: d5:80:91:51:ca:39:07:f1:85:48:24:69:6c:a5:c7: 64:74:a9:cd:05:0d:d0:cc:f5:3a:e1:b2:14:e3:8c: 51:a2:fc:36:89:d5:0d:9a:26:a6:f8:bb:2d:ec:e3: 4f:3e:82:28:ea:9b:5b:f7:75:59:b0:7a:6a:f7:79: 13:eb:31:cd:9a:c3:1a:99:5b:63:32:67:1c:69:a1: a7:d6:43:d1:78:4a:50:33:a2:e4:62:1c:e7:10:1a: 13:45:da:c6:40:51:7b:ff:52:98:ff:c2:77:22:38: 10:2c:2e:0f:74:75:03:5d:ca:4b:c6:ec:c6:b9:c8: a3:c0:70:2b:c8:f9:30:48:e7:fb:26:78:b5:93:a6: 21:eb:b8:f5:0f:82:23:a3:63:b7:b8:bd:1f:5b:44: 6e:56:79:eb:ca:a3:08:3e:b0:ed:da:15:c1:37:35: 72:4f:0d:bc:bd:a1:6f:ab:56:4b:b1:95:73:8f:49: a0:21:cd:98:83:a8:7e:49:87:79:e7:bb:5c:2e:f6: 77:17:90:5d:be:8a:68:5e:e7:79:ea:8c:be:9c:5d: 4e:f6:49:f5:67:47:7a:69:80:e4:83:20:69:b1:2f: 99:18:34:75:fa:ba:49:f1:23:f3:98:c1:ec:66:50: 1f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:F2:EF:71:3B:1B:44:5A:4C:1A:3A:AC:8B:D9:6E:AD:59:23:6A:72 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d7c5f5-36de-4340-a315-95bb96771dbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.0.0.0/22 Signature Algorithm: sha256WithRSAEncryption 7e:af:98:89:25:11:ca:f0:51:e2:92:00:76:19:5d:11:7a:70: e7:33:e5:0f:8e:0f:c3:bd:eb:04:50:87:0a:a3:8f:9a:ec:7a: 0a:13:d7:21:59:2a:3d:9a:ef:65:26:1a:fa:79:c7:a1:18:a7: 1a:76:a7:70:fb:b1:b8:ab:07:c5:d9:8a:76:6a:a0:a5:15:f1: 18:e2:8b:24:b4:79:11:5a:ef:08:3d:ec:16:96:5e:f6:c6:35: 17:a8:60:0f:73:00:87:40:95:f1:80:ed:50:93:e1:f7:40:a3: 24:1d:ec:3d:63:f0:c3:1d:ee:4f:81:06:59:cc:70:20:11:c5: 4f:c5:5a:d8:43:34:66:cf:64:14:05:56:dc:eb:a1:bd:b3:3c: 6b:0c:1e:0b:8e:b4:30:de:9a:54:c9:c0:e1:84:15:f6:27:ec: 4e:e0:2d:e4:d6:72:4c:ee:16:7f:76:84:39:f3:c6:c2:a4:64: 8e:a0:86:4d:b9:43:fc:dd:bb:e3:05:ab:ff:69:2f:8a:a9:65: ff:fc:03:44:7b:41:21:a0:8f:3a:5a:5a:78:db:44:4a:62:66: 4d:8e:aa:63:d0:dc:7d:55:dc:89:88:f3:f5:33:20:a6:5c:83: cd:65:0a:9c:51:c4:eb:00:ea:25:c8:98:93:df:17:be:13:20: 2c:ee:ec:79 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYSYnasw4Uz9CzaW8RlEsOD75jQEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwODAwMDAwMFoX DTI0MDUxMzIzNTk1OVowejFJMEcGA1UEBRNAOWM5MTE1NzUzM2VlMjEzYWZjMjQy ZWUzMGZkOWUwNTFiODExOWFjOWZlMGM0NWFmMDgwY2U4MGEwNzMzZDA2NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwBC30twLckh2zZwaj3VgJFRyjkH 8YVIJGlspcdkdKnNBQ3QzPU64bIU44xRovw2idUNmiam+Lst7ONPPoIo6ptb93VZ sHpq93kT6zHNmsMamVtjMmccaaGn1kPReEpQM6LkYhznEBoTRdrGQFF7/1KY/8J3 IjgQLC4PdHUDXcpLxuzGucijwHAryPkwSOf7Jni1k6Yh67j1D4Ijo2O3uL0fW0Ru VnnryqMIPrDt2hXBNzVyTw28vaFvq1ZLsZVzj0mgIc2Yg6h+SYd557tcLvZ3F5Bd vopoXud56oy+nF1O9kn1Z0d6aYDkgyBpsS+ZGDR1+rpJ8SPzmMHsZlAf4QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGzy73E7G0RaTBo6rIvZbq1ZI2pyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5ZDdjNWY1LTM2ZGUtNDM0MC1hMzE1LTk1YmI5Njc3MWRiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCGwAAMA0GCSqGSIb3DQEBCwUAA4IBAQB+r5iJJRHK8FHikgB2GV0R enDnM+UPjg/DvesEUIcKo4+a7HoKE9chWSo9mu9lJhr6ecehGKcadqdw+7G4qwfF 2Yp2aqClFfEY4osktHkRWu8IPewWll72xjUXqGAPcwCHQJXxgO1Qk+H3QKMkHew9 Y/DDHe5PgQZZzHAgEcVPxVrYQzRmz2QUBVbc66G9szxrDB4LjrQw3ppUycDhhBX2 J+xO4C3k1nJM7hZ/doQ588bCpGSOoIZNuUP83bvjBav/aS+KqWX//ANEe0EhoI86 Wlp420RKYmZNjqpj0Nx9VdyJiPP1MyCmXIPNZQqcUcTrAOolyJiT3xe+EyAs7ux5 -----END CERTIFICATE-----Generated at Thu Apr 25 00:30:40 2024 by rpki-client on console-fra.rpki-client.org