$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa File: b470748f-5988-4a4c-a004-6bf2c03dec55.roa (raw, json) Hash identifier: TYxQKYnbuNcd+b8kw3VfjJBj9NFxmepBfBWYEq2loXk= Subject key identifier: B1:9D:3C:34:22:6F:DA:E8:0C:A1:1E:4F:A0:D4:61:08:9B:B1:91:50 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0924FA97C7FCC0F795AF98DA7838887AAF9A989A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa Signing time: Wed 01 May 2024 00:00:00 +0000 ROA not before: Wed 01 May 2024 00:00:00 +0000 ROA not after: Wed 05 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 15:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:24:fa:97:c7:fc:c0:f7:95:af:98:da:78:38:88:7a:af:9a:98:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:00 2024 GMT Not After : Jun 5 23:59:59 2024 GMT Subject: serialNumber=c32dadefdc01d46d888d7ede63354deda33ffc8bb24caeb8edc737fc0e6b1e32, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b3:1c:39:4b:6d:38:54:e4:3a:23:8c:9e:69: 83:b8:db:1f:27:d8:3f:dd:ae:5d:a8:f1:cd:c5:0a: a0:82:9e:e1:d1:22:c9:43:af:08:e8:47:9b:e6:96: 63:e8:6f:48:dd:d3:30:56:b6:2e:7a:31:bf:43:94: f3:b4:cd:8e:a6:93:a9:48:8d:81:b6:e4:8c:6e:1b: e0:f8:0a:61:7a:0e:78:79:e0:8f:ad:e3:de:19:e4: 60:10:8b:c2:48:f0:63:92:17:c3:31:02:48:bc:9b: f2:57:f1:49:06:d9:63:6e:be:cf:d7:61:be:7c:9f: 3c:59:39:b9:5b:9f:89:8f:6c:4f:a6:2d:ab:57:6a: a6:28:a5:17:37:ea:45:a3:bc:5f:b8:3f:03:50:80: 67:c4:f1:f0:a3:bd:7b:73:61:3c:84:2f:71:86:bc: d9:10:61:22:e0:1f:8d:a4:db:8a:41:11:5e:ec:e3: 86:21:b1:70:fc:34:bb:88:5f:bd:36:fe:1d:9f:2a: c9:4b:ca:4b:f7:08:58:fc:40:a1:28:16:a2:e5:ed: db:c8:7e:03:e5:bb:a5:f2:ef:fb:9c:40:a3:8b:16: f6:79:d4:c5:78:92:ba:4a:3c:c1:ca:98:02:ea:56: bf:50:1c:e1:3e:6d:2c:03:16:51:5f:5b:42:23:88: 48:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:9D:3C:34:22:6F:DA:E8:0C:A1:1E:4F:A0:D4:61:08:9B:B1:91:50 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:4800::/40 Signature Algorithm: sha256WithRSAEncryption 0f:c2:af:a4:f7:c1:2c:18:85:45:cf:43:5c:d7:19:9c:82:2c: 10:34:0d:33:da:3f:14:28:20:5d:e3:64:75:77:30:58:4f:fa: dc:65:a8:a5:d1:0e:e0:c0:a0:03:80:ad:ce:bf:6c:c2:95:93: 34:26:34:81:c1:b1:41:03:98:52:00:6a:71:c9:c0:dd:3c:0d: 48:13:b3:87:7b:2b:72:3a:30:89:29:ad:4c:25:01:4c:e7:d9: ca:49:85:e3:fc:9d:13:bd:5e:dd:4c:ef:19:00:19:54:12:81: c0:21:fd:3a:2e:9f:66:6c:8b:35:ff:0b:81:20:20:79:b3:bc: 13:f2:d8:2e:66:e3:44:08:bb:c0:6f:95:a2:d7:ab:f3:80:93: 9b:62:ba:c8:dc:a4:3b:e5:bb:5f:a6:b4:75:e9:e1:1d:c0:81: 71:4d:22:09:07:21:66:94:1f:e6:9e:f3:67:6e:fe:f0:ee:53: 1e:67:8c:c9:eb:06:2a:6f:76:00:1b:c2:25:6f:d2:f1:e6:d7: d0:59:1c:23:02:92:a0:e9:d2:f3:5c:3c:0b:a7:0b:b8:bb:b0: 45:67:97:32:84:fc:ce:63:33:e2:5e:3e:0a:9b:ed:8f:65:d4: c2:0a:91:35:c6:da:6c:ea:12:7b:13:87:68:ac:59:76:d5:b2: cb:d3:1a:ba -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCST6l8f8wPeVr5jaeDiIeq+amJowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMTAwMDAwMFoX DTI0MDYwNTIzNTk1OVowejFJMEcGA1UEBRNAYzMyZGFkZWZkYzAxZDQ2ZDg4OGQ3 ZWRlNjMzNTRkZWRhMzNmZmM4YmIyNGNhZWI4ZWRjNzM3ZmMwZTZiMWUzMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLMcOUttOFTkOiOMnmmDuNsfJ9g/ 3a5dqPHNxQqggp7h0SLJQ68I6Eeb5pZj6G9I3dMwVrYuejG/Q5TztM2OppOpSI2B tuSMbhvg+Apheg54eeCPrePeGeRgEIvCSPBjkhfDMQJIvJvyV/FJBtljbr7P12G+ fJ88WTm5W5+Jj2xPpi2rV2qmKKUXN+pFo7xfuD8DUIBnxPHwo717c2E8hC9xhrzZ EGEi4B+NpNuKQRFe7OOGIbFw/DS7iF+9Nv4dnyrJS8pL9whY/EChKBai5e3byH4D 5bul8u/7nECjixb2edTFeJK6SjzBypgC6la/UBzhPm0sAxZRX1tCI4hI3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLGdPDQib9roDKEeT6DUYQibsZFQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I0NzA3NDhmLTU5ODgtNGE0Yy1hMDA0LTZiZjJjMDNkZWM1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/EgwDQYJKoZIhvcNAQELBQADggEBAA/Cr6T3wSwYhUXPQ1zX GZyCLBA0DTPaPxQoIF3jZHV3MFhP+txlqKXRDuDAoAOArc6/bMKVkzQmNIHBsUED mFIAanHJwN08DUgTs4d7K3I6MIkprUwlAUzn2cpJheP8nRO9Xt1M7xkAGVQSgcAh /Toun2ZsizX/C4EgIHmzvBPy2C5m40QIu8BvlaLXq/OAk5tiusjcpDvlu1+mtHXp 4R3AgXFNIgkHIWaUH+ae82du/vDuUx5njMnrBipvdgAbwiVv0vHm19BZHCMCkqDp 0vNcPAunC7i7sEVnlzKE/M5jM+JePgqb7Y9l1MIKkTXG2mzqEnsTh2isWXbVssvT Gro= -----END CERTIFICATE-----Generated at Thu May 2 23:18:30 2024 by rpki-client on console-ams.rpki-client.org