$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa File: b470748f-5988-4a4c-a004-6bf2c03dec55.roa (raw, json) Hash identifier: ffy17AroQaIfJVIBd8ymm3QcRCgHnyAo8oU60JjvFWA= Subject key identifier: F6:B8:E1:09:41:71:DC:78:F2:B2:31:18:03:3B:97:B2:E9:B8:A9:D6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 466FE1A07590EB782590EBCE1992172314130074 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa Signing time: Tue 16 Jul 2024 00:00:00 +0000 ROA not before: Tue 16 Jul 2024 00:00:00 +0000 ROA not after: Tue 20 Aug 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:6f:e1:a0:75:90:eb:78:25:90:eb:ce:19:92:17:23:14:13:00:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:00 2024 GMT Not After : Aug 20 23:59:59 2024 GMT Subject: serialNumber=040af789e5e2cf803edb5f9de429862b96d7e8ae9319c955a8621fb68e9774a3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e7:1d:05:8e:90:75:7d:b9:01:c9:e9:ca:4b: aa:26:65:09:7a:12:0f:d5:80:89:d7:f7:cd:96:d3: e3:6b:f5:e6:cc:f1:96:7b:c2:8a:cd:33:77:d3:59: 73:02:8f:73:8b:f4:34:af:c2:eb:c6:70:19:cd:3b: 03:45:a6:8c:07:f4:80:29:64:6a:ed:f6:39:ec:85: a7:c4:62:79:06:60:f0:ec:5a:59:1e:47:dc:bb:34: 9a:8d:ea:89:01:b2:90:a3:a9:c8:ee:5a:72:73:e6: 1c:60:a0:1c:5c:78:3f:e6:19:84:e2:3f:33:08:de: 3c:bc:f4:4c:7f:d1:fd:f5:7a:30:d5:42:b3:e6:ad: cd:6e:1f:51:66:f2:7f:1a:09:98:e6:55:4f:fb:10: 66:fa:89:e3:d6:36:56:ed:48:c7:49:21:9a:8e:51: 8b:50:33:7f:b9:43:ae:d7:bd:8b:21:ab:75:9c:17: 37:b2:fa:3f:32:88:e5:e3:2f:c7:42:22:2f:72:b8: 75:c9:af:fb:a4:71:da:72:40:22:e8:16:ff:c0:09: 5c:2a:54:c0:8b:6a:91:b0:87:1d:92:ae:bd:d6:9a: 58:0d:21:74:fc:99:53:cf:fe:81:de:2f:b7:8e:94: 1e:24:fc:29:28:f4:82:cb:73:7a:de:14:e3:8b:2c: cb:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:B8:E1:09:41:71:DC:78:F2:B2:31:18:03:3B:97:B2:E9:B8:A9:D6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:4800::/40 Signature Algorithm: sha256WithRSAEncryption 10:03:3b:5a:1d:ce:0e:81:af:29:7c:ba:33:60:9c:67:c3:0a: b6:f9:a3:81:35:ba:c6:c6:c0:4b:e4:09:85:5e:ed:7d:4e:49: d6:40:a9:c4:17:03:f3:3e:9a:aa:b9:95:12:2a:76:e4:e8:28: 9f:05:1b:54:a5:27:ea:f9:fc:42:aa:78:e4:db:83:f9:1f:b9: ec:d6:67:cb:ce:d0:cf:d4:af:de:fd:76:96:9b:da:fe:c0:56: 5c:ac:b5:cb:4a:a9:c6:df:6f:70:34:b4:4c:a8:be:3c:4d:b2: 70:5a:9c:40:12:81:7b:07:2d:9a:af:be:20:42:78:a8:c4:4b: c2:c5:e6:2e:5c:2c:c1:45:e2:59:23:c0:ec:25:e8:3c:d2:20: 0d:97:55:d8:47:87:bc:1c:0f:8a:ba:de:9f:d4:2e:4e:d8:cb: 90:b2:96:13:eb:2e:95:22:74:ef:58:7f:14:54:74:f1:ed:cd: f1:a8:18:46:da:f9:cb:ea:5a:e7:d0:73:90:ae:21:3d:c8:d1: dd:8d:98:35:e6:55:0b:43:63:3c:4b:1f:70:fc:54:84:4e:15: cc:08:c5:db:f9:c0:e1:a1:56:0c:54:3d:04:7b:e6:b6:ac:8d: 67:a1:46:e5:27:67:c0:93:4b:15:96:a7:1c:47:95:ea:8b:a2: 19:94:1c:d8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURm/hoHWQ63glkOvOGZIXIxQTAHQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNjAwMDAwMFoX DTI0MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAMDQwYWY3ODllNWUyY2Y4MDNlZGI1 ZjlkZTQyOTg2MmI5NmQ3ZThhZTkzMTljOTU1YTg2MjFmYjY4ZTk3NzRhMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApecdBY6QdX25AcnpykuqJmUJehIP 1YCJ1/fNltPja/XmzPGWe8KKzTN301lzAo9zi/Q0r8LrxnAZzTsDRaaMB/SAKWRq 7fY57IWnxGJ5BmDw7FpZHkfcuzSajeqJAbKQo6nI7lpyc+YcYKAcXHg/5hmE4j8z CN48vPRMf9H99Xow1UKz5q3Nbh9RZvJ/GgmY5lVP+xBm+onj1jZW7UjHSSGajlGL UDN/uUOu172LIat1nBc3svo/Mojl4y/HQiIvcrh1ya/7pHHackAi6Bb/wAlcKlTA i2qRsIcdkq691ppYDSF0/JlTz/6B3i+3jpQeJPwpKPSCy3N63hTjiyzLIQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPa44QlBcdx48rIxGAM7l7LpuKnWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I0NzA3NDhmLTU5ODgtNGE0Yy1hMDA0LTZiZjJjMDNkZWM1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/EgwDQYJKoZIhvcNAQELBQADggEBABADO1odzg6Bryl8ujNg nGfDCrb5o4E1usbGwEvkCYVe7X1OSdZAqcQXA/M+mqq5lRIqduToKJ8FG1SlJ+r5 /EKqeOTbg/kfuezWZ8vO0M/Ur979dpab2v7AVlystctKqcbfb3A0tEyovjxNsnBa nEASgXsHLZqvviBCeKjES8LF5i5cLMFF4lkjwOwl6DzSIA2XVdhHh7wcD4q63p/U Lk7Yy5CylhPrLpUidO9YfxRUdPHtzfGoGEba+cvqWufQc5CuIT3I0d2NmDXmVQtD YzxLH3D8VIROFcwIxdv5wOGhVgxUPQR75rasjWehRuUnZ8CTSxWWpxxHleqLohmU HNg= -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:41 2024 by rpki-client on console-ams.rpki-client.org