$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa File: ae920ed2-97d5-458b-804a-81fcd6f09e97.roa (raw, json) Hash identifier: pV9SEWLES45/taZc6xeIn5yidGBhfmRRP6AIOd2Z+NM= Subject key identifier: 7B:B9:38:11:CE:6A:AB:C2:86:83:BF:50:0B:D0:69:98:B2:24:DE:DA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3712EBBC8DBD67D314A788C00E926DCA1880E892 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:12:eb:bc:8d:bd:67:d3:14:a7:88:c0:0e:92:6d:ca:18:80:e8:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=6879c12b1b1c5c90f3f7937bc36f0bf4ed8a9cb305748074c5c7333ef6b37ee2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8e:fa:41:84:92:9e:e2:c4:6d:e2:0a:40:52: 6f:e8:15:43:43:f8:b1:48:c7:5f:c3:a5:ff:28:29: 3e:7c:0c:aa:8f:66:37:18:ee:58:71:35:5b:02:15: 41:aa:9d:97:68:88:7b:6e:e1:b8:05:ab:38:7d:2a: bb:6f:05:ba:1f:6d:7d:4f:54:86:f8:61:60:88:df: 7e:4e:f5:41:57:6b:b4:2b:0f:13:f4:fe:51:43:f0: 10:4a:b7:9c:91:94:e9:40:08:67:3c:6a:98:da:2a: 43:d0:e4:6b:e5:49:2b:74:53:59:45:29:b4:06:43: 7d:d7:5c:d9:d0:3f:5e:71:3b:6c:65:98:cd:c5:da: aa:50:e4:1d:f4:e2:e9:c8:14:88:ef:26:bd:7f:8c: bd:15:f4:43:b6:c8:7c:fc:55:61:b8:11:a3:17:16: 55:a4:85:65:a4:88:25:60:db:d2:d8:19:9c:43:fa: 99:30:51:dd:16:42:75:94:ab:c4:6b:b0:e3:03:39: 3b:02:91:92:8c:ce:d1:b8:ac:7e:72:ef:d1:ea:4c: db:65:15:ef:d6:9b:7d:13:c2:6c:fb:95:73:88:e1: ba:c1:61:4f:9e:8c:30:5c:35:26:8c:4a:3a:45:c5: 43:e5:59:13:d9:ba:61:2f:14:19:83:b6:81:b6:f1: 00:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:B9:38:11:CE:6A:AB:C2:86:83:BF:50:0B:D0:69:98:B2:24:DE:DA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:7000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:31:62:bf:0e:05:6b:22:aa:6e:6e:c8:05:19:21:3e:ce:d5: e0:be:a2:15:5d:00:9c:38:f3:88:ae:a7:a6:9b:1c:d8:c1:c2: 6a:95:bd:1b:d2:72:4b:fe:38:ef:25:f6:09:60:f7:4f:08:bd: a3:0f:9d:a6:73:d2:02:a3:af:bc:51:51:61:2d:b9:99:2f:89: 0f:21:c2:04:2f:81:6f:16:2b:5b:fe:d6:6e:1b:40:a5:64:a5: af:b5:4b:69:eb:cc:3c:74:d0:6d:e7:18:f2:a3:cd:2c:d6:a4: fd:47:db:8d:c9:b6:71:da:a2:ef:41:b0:b9:33:8a:d1:c9:b1: dc:55:df:e9:2c:65:0b:46:07:14:f7:4b:85:52:90:e2:83:19: 2e:2b:48:42:19:85:e7:40:da:b0:6e:1d:0a:f5:5f:be:9b:c8: d8:d1:57:ac:8b:cb:67:8b:88:27:d6:64:e0:3a:83:45:34:c0: d8:93:8d:e3:48:d6:19:b0:68:3d:22:19:40:64:d5:f3:73:9d: 41:c6:d8:16:70:1c:65:7e:70:1f:f2:7d:e3:f1:03:90:39:c5: 11:c0:4f:66:78:fc:f0:37:00:97:20:25:b8:70:d1:05:87:f6: fb:09:e2:fd:ce:d8:b0:df:7a:3b:cf:be:a8:b0:2f:a7:db:3b: ea:43:80:68 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNxLrvI29Z9MUp4jADpJtyhiA6JIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANjg3OWMxMmIxYjFjNWM5MGYzZjc5 MzdiYzM2ZjBiZjRlZDhhOWNiMzA1NzQ4MDc0YzVjNzMzM2VmNmIzN2VlMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwo76QYSSnuLEbeIKQFJv6BVDQ/ix SMdfw6X/KCk+fAyqj2Y3GO5YcTVbAhVBqp2XaIh7buG4Bas4fSq7bwW6H219T1SG +GFgiN9+TvVBV2u0Kw8T9P5RQ/AQSreckZTpQAhnPGqY2ipD0ORr5UkrdFNZRSm0 BkN911zZ0D9ecTtsZZjNxdqqUOQd9OLpyBSI7ya9f4y9FfRDtsh8/FVhuBGjFxZV pIVlpIglYNvS2BmcQ/qZMFHdFkJ1lKvEa7DjAzk7ApGSjM7RuKx+cu/R6kzbZRXv 1pt9E8Js+5VziOG6wWFPnowwXDUmjEo6RcVD5VkT2bphLxQZg7aBtvEA3wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHu5OBHOaqvChoO/UAvQaZiyJN7aMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FlOTIwZWQyLTk3ZDUtNDU4Yi04MDRhLTgxZmNkNmYwOWU5Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/HAwDQYJKoZIhvcNAQELBQADggEBACwxYr8OBWsiqm5uyAUZ IT7O1eC+ohVdAJw484iup6abHNjBwmqVvRvSckv+OO8l9glg908IvaMPnaZz0gKj r7xRUWEtuZkviQ8hwgQvgW8WK1v+1m4bQKVkpa+1S2nrzDx00G3nGPKjzSzWpP1H 243JtnHaou9BsLkzitHJsdxV3+ksZQtGBxT3S4VSkOKDGS4rSEIZhedA2rBuHQr1 X76byNjRV6yLy2eLiCfWZOA6g0U0wNiTjeNI1hmwaD0iGUBk1fNznUHG2BZwHGV+ cB/yfePxA5A5xRHAT2Z4/PA3AJcgJbhw0QWH9vsJ4v3O2LDfejvPvqiwL6fbO+pD gGg= -----END CERTIFICATE-----Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org