$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aa0d983a-95e1-4b43-a953-b6dc2c882c45.roa File: aa0d983a-95e1-4b43-a953-b6dc2c882c45.roa (raw, json) Hash identifier: OBRi4iSw6aYxyQBwWz/BAkveKCw0g2Rc3Ft8SwBmfLA= Subject key identifier: 1A:41:A2:E9:A8:86:A8:04:B7:B8:E1:BE:9E:E6:C8:E6:F6:61:08:49 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1A040CBAD2F3224DACB7028180576A114E688501 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aa0d983a-95e1-4b43-a953-b6dc2c882c45.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Apr 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:04:0c:ba:d2:f3:22:4d:ac:b7:02:81:80:57:6a:11:4e:68:85:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=ae34e88888d2329fcefe4384aa6633cd36b263c020a378ef849efcef9ca1526e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f5:68:dc:cc:76:0b:7e:0b:d6:8f:e9:92:78: 7e:db:09:57:81:6e:a4:4e:38:f6:cb:71:88:c3:0f: 98:f6:4d:1c:d4:eb:b8:61:04:93:02:5d:b8:4f:4b: b8:b6:b3:80:a5:b5:67:a6:cd:ad:e3:73:20:61:94: 78:90:1e:01:ba:d4:2f:96:95:2b:26:3c:61:96:37: 4b:66:d1:d9:69:47:79:99:d9:80:aa:75:67:0c:a9: 46:c0:5a:d5:11:60:2a:42:24:3b:d3:3a:63:d7:94: fb:0e:ec:d7:6a:4d:35:f9:51:e5:8a:69:d4:b1:b5: 3e:7f:26:f6:47:42:e1:bb:e4:c4:88:9b:79:a0:6e: 3a:5c:24:14:6e:1c:03:76:d6:86:51:3b:26:81:ba: d1:f5:5c:9a:90:60:1c:6c:0e:3a:e8:99:6f:3a:87: 3e:35:34:66:0f:f1:1e:d1:db:e4:5e:79:70:85:84: 99:4c:17:11:08:16:de:0d:4f:42:57:eb:9a:04:3b: 22:fb:a4:86:b9:5f:87:e3:76:97:d0:1b:6d:4d:26: 21:47:87:7b:da:13:3c:d4:0e:6c:e3:97:f6:33:05: 51:76:6e:85:25:ed:0b:e7:2b:9d:3d:ce:7e:d9:67: 9f:2f:dc:19:65:ad:c1:ae:15:87:84:dd:bb:49:d8: e0:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:41:A2:E9:A8:86:A8:04:B7:B8:E1:BE:9E:E6:C8:E6:F6:61:08:49 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aa0d983a-95e1-4b43-a953-b6dc2c882c45.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:a000::/40 Signature Algorithm: sha256WithRSAEncryption 69:2d:aa:62:fc:a8:18:98:b0:f1:14:8b:8b:98:35:d8:1e:0f: 71:40:42:fe:6f:3d:9a:78:ff:1b:8f:fc:7a:71:42:9a:5a:cf: 3e:71:55:eb:c0:18:84:8c:60:02:5c:69:6d:ed:35:3f:bd:6c: 3d:62:eb:67:5f:63:ad:d3:9c:8e:21:e2:7d:5b:23:98:fd:d7: 59:53:05:ab:f5:26:ac:9d:e4:dc:bc:a8:d8:d3:24:9a:bc:a6: 3c:a2:49:99:bb:7f:9f:7e:6c:33:ce:d5:9e:8e:cc:2d:3a:f9: 63:c3:10:95:f8:60:de:e2:0b:9a:68:11:ea:0f:c7:d2:42:59: cf:c7:98:63:bb:32:f8:8b:55:0a:91:75:4c:f7:54:9d:f4:60: 7e:2f:e0:fa:9a:e5:38:b9:6c:1b:2e:51:ce:4a:4e:23:35:42: 4b:6f:64:bf:8b:76:c0:6d:fd:b0:8c:b0:6a:14:3d:60:09:3e: 14:18:81:a8:99:e2:aa:15:79:ad:cc:38:2e:24:1a:ff:73:dc: 73:c9:44:d7:0c:d8:3c:6e:5b:e4:aa:08:2e:38:2e:96:df:22: bd:e5:5d:bc:7b:63:87:5c:5f:92:a6:2b:8c:21:d4:63:0f:db: 3a:2d:1e:4f:02:e2:51:9c:ca:f8:cc:49:da:a4:4e:e8:5f:8b: 64:49:9d:36 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGgQMutLzIk2stwKBgFdqEU5ohQEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAYWUzNGU4ODg4OGQyMzI5ZmNlZmU0 Mzg0YWE2NjMzY2QzNmIyNjNjMDIwYTM3OGVmODQ5ZWZjZWY5Y2ExNTI2ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvVo3Mx2C34L1o/pknh+2wlXgW6k Tjj2y3GIww+Y9k0c1Ou4YQSTAl24T0u4trOApbVnps2t43MgYZR4kB4ButQvlpUr JjxhljdLZtHZaUd5mdmAqnVnDKlGwFrVEWAqQiQ70zpj15T7DuzXak01+VHlimnU sbU+fyb2R0Lhu+TEiJt5oG46XCQUbhwDdtaGUTsmgbrR9VyakGAcbA466JlvOoc+ NTRmD/Ee0dvkXnlwhYSZTBcRCBbeDU9CV+uaBDsi+6SGuV+H43aX0BttTSYhR4d7 2hM81A5s45f2MwVRdm6FJe0L5yudPc5+2WefL9wZZa3BrhWHhN27Sdjg9wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBpBoumohqgEt7jhvp7myOb2YQhJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FhMGQ5ODNhLTk1ZTEtNGI0My1hOTUzLWI2ZGMyYzg4MmM0NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba96AwDQYJKoZIhvcNAQELBQADggEBAGktqmL8qBiYsPEUi4uY NdgeD3FAQv5vPZp4/xuP/HpxQppazz5xVevAGISMYAJcaW3tNT+9bD1i62dfY63T nI4h4n1bI5j911lTBav1Jqyd5Ny8qNjTJJq8pjyiSZm7f59+bDPO1Z6OzC06+WPD EJX4YN7iC5poEeoPx9JCWc/HmGO7MviLVQqRdUz3VJ30YH4v4Pqa5Ti5bBsuUc5K TiM1QktvZL+LdsBt/bCMsGoUPWAJPhQYgaiZ4qoVea3MOC4kGv9z3HPJRNcM2Dxu W+SqCC44LpbfIr3lXbx7Y4dcX5KmK4wh1GMP2zotHk8C4lGcyvjMSdqkTuhfi2RJ nTY= -----END CERTIFICATE-----Generated at Wed Apr 24 05:31:46 2024 by rpki-client on console-fra.rpki-client.org