$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa File: b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa (raw, json) Hash identifier: JhtbPhBIrXwXncHFzWGthNgXkXfFA8uzVs6+7BuTEhQ= Subject key identifier: A9:8F:C1:97:47:CD:A6:FD:11:17:D6:A7:9F:5F:E6:0E:2C:BF:13:86 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A185D68E7F6E6FCA39C13FC7AF13E6E7AF2D1AF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:18:5d:68:e7:f6:e6:fc:a3:9c:13:fc:7a:f1:3e:6e:7a:f2:d1:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=8be1aa137a5eaa0344428c3bad9ad75cc700ed345d5838cd226aa4d3d1f19ca8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:0d:f3:c8:00:88:b0:be:9f:04:38:02:2a:a6: 9d:d1:9c:d1:83:a5:35:be:2a:b1:d4:e2:09:fc:51: 40:fe:a0:78:83:10:66:e3:e7:22:d0:48:94:21:0a: 4a:28:1d:64:b6:2f:e3:db:55:14:e4:35:32:fb:bb: fa:53:40:b5:ad:4f:12:a6:89:23:ff:98:2b:94:52: ed:65:d3:15:00:63:de:ec:96:be:c7:33:33:62:67: 98:18:f4:27:91:28:f5:f8:76:ce:a7:3f:3a:97:e5: ae:38:47:3c:50:60:cc:41:73:89:a8:03:85:19:7b: 28:5e:bb:58:a4:84:47:dd:26:e0:f8:1e:40:f0:ed: ef:a8:5a:3f:c5:b7:f7:7b:38:65:c8:be:c9:f2:a7: 9b:bf:c5:14:39:02:77:25:45:64:a6:bb:9c:8d:3e: ce:7f:cd:34:55:d5:b7:aa:56:72:a2:5a:22:5b:f6: 66:69:41:0b:cb:f4:26:93:03:fe:62:eb:d5:9d:1c: f6:d0:de:7d:c8:a5:20:b8:47:21:85:40:14:85:94: e3:72:d6:04:b1:b7:4a:53:a1:6d:a0:17:31:91:7d: af:e1:c8:43:43:73:ca:c4:61:84:99:7b:9e:25:75: 1d:31:5f:04:a6:1d:9c:52:42:14:d8:ed:e4:80:d7: 58:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:8F:C1:97:47:CD:A6:FD:11:17:D6:A7:9F:5F:E6:0E:2C:BF:13:86 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:e000::/40 Signature Algorithm: sha256WithRSAEncryption b7:86:7e:8b:d8:22:ee:ae:bc:05:44:20:0f:3f:40:54:f8:d8: 32:5a:3b:cc:98:0a:e9:09:12:37:32:9b:8c:31:42:a5:af:c1: b3:1a:42:34:dd:ab:9f:31:b0:6f:e7:b4:f9:c8:6d:75:a4:83: 99:2d:18:2c:01:89:a2:15:07:99:90:a0:dd:21:06:d2:d9:d3: ab:b8:4b:d1:86:d6:13:d3:59:bb:a3:94:8b:48:2b:15:0b:4a: 8e:86:9c:b3:bf:29:8d:f3:70:52:91:87:1d:65:06:22:a1:af: 57:32:a8:06:ed:f7:9e:8d:3f:6e:50:8d:cb:a2:e8:6e:b2:7f: 3d:de:8f:59:98:74:6b:25:85:aa:78:33:c4:e1:38:ad:ff:7e: 63:6c:95:9f:ba:28:c3:9f:a0:50:bf:9f:9e:be:71:21:62:86: 02:61:5a:15:74:d3:23:4b:f3:14:73:df:41:23:2b:8a:74:ab: d3:67:f3:d8:eb:77:02:8b:90:bf:4a:a0:b1:14:83:ec:ca:ed: 48:04:83:94:66:65:85:89:bc:a1:d5:1d:84:e5:60:b4:34:9e: cf:3c:37:5b:7c:25:91:9b:2b:1a:dd:c4:f6:37:4d:bb:19:8b: f5:76:23:64:c3:01:d2:33:5d:c6:c2:27:ae:11:cb:13:d2:68: c9:7f:fb:cc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOhhdaOf25vyjnBP8evE+bnry0a8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNAOGJlMWFhMTM3YTVlYWEwMzQ0NDI4 YzNiYWQ5YWQ3NWNjNzAwZWQzNDVkNTgzOGNkMjI2YWE0ZDNkMWYxOWNhODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0A3zyACIsL6fBDgCKqad0ZzRg6U1 viqx1OIJ/FFA/qB4gxBm4+ci0EiUIQpKKB1kti/j21UU5DUy+7v6U0C1rU8Spokj /5grlFLtZdMVAGPe7Ja+xzMzYmeYGPQnkSj1+HbOpz86l+WuOEc8UGDMQXOJqAOF GXsoXrtYpIRH3Sbg+B5A8O3vqFo/xbf3ezhlyL7J8qebv8UUOQJ3JUVkprucjT7O f800VdW3qlZyoloiW/ZmaUELy/QmkwP+YuvVnRz20N59yKUguEchhUAUhZTjctYE sbdKU6FtoBcxkX2v4chDQ3PKxGGEmXueJXUdMV8Eph2cUkIU2O3kgNdYCQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKmPwZdHzab9ERfWp59f5g4svxOGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I4MWFkNDkzLTFmM2ItNDIxZC04YzQzLWY5Y2NmZGY5OTdhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacOAwDQYJKoZIhvcNAQELBQADggEBALeGfovYIu6uvAVEIA8/ QFT42DJaO8yYCukJEjcym4wxQqWvwbMaQjTdq58xsG/ntPnIbXWkg5ktGCwBiaIV B5mQoN0hBtLZ06u4S9GG1hPTWbujlItIKxULSo6GnLO/KY3zcFKRhx1lBiKhr1cy qAbt956NP25Qjcui6G6yfz3ej1mYdGslhap4M8ThOK3/fmNslZ+6KMOfoFC/n56+ cSFihgJhWhV00yNL8xRz30EjK4p0q9Nn89jrdwKLkL9KoLEUg+zK7UgEg5RmZYWJ vKHVHYTlYLQ0ns88N1t8JZGbKxrdxPY3TbsZi/V2I2TDAdIzXcbCJ64RyxPSaMl/ +8w= -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org