$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa File: b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa (raw, json) Hash identifier: jhK9UqpxJJuAYwQWhjSdSjpbD9NxjF4iQ+ztp54k4BY= Subject key identifier: F3:CD:FD:E7:6A:FC:F3:35:1A:47:C5:4A:EF:AC:4A:44:77:4C:8B:79 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 58F88DB90A99A126E55811AB781725944CF1AA96 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:f8:8d:b9:0a:99:a1:26:e5:58:11:ab:78:17:25:94:4c:f1:aa:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=ac629b1ae56464d273c2359fa100577a3e076f8499193e27afa4bf66913b7375, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d9:d2:aa:2d:91:43:66:13:29:82:b2:cb:32: ea:15:b0:fe:a9:16:3f:9f:9c:62:2f:2a:12:a7:ab: 24:5c:e4:d1:85:97:47:15:4d:b3:e0:9b:34:92:ff: 62:f4:89:f6:fa:8e:f5:84:b9:0c:c3:77:cf:58:02: 51:77:d3:1a:8b:e6:70:ad:1c:99:de:6c:50:cf:05: d6:f2:36:d0:b3:9b:12:4e:c7:e3:7d:6e:a7:2e:50: b0:c5:8e:58:f8:1b:92:d6:68:a4:e0:23:d3:00:d7: ba:3a:b6:eb:bd:32:fe:e3:65:2a:23:fe:62:68:98: 9a:aa:60:e1:52:8c:c3:f3:c2:b2:ac:18:9d:67:73: 4b:51:a0:6e:b1:cb:03:f9:59:a7:43:9b:ec:e5:10: 2a:34:00:f7:6f:6f:7f:90:c5:62:a5:bc:4e:1b:e2: 71:ad:15:b0:ba:24:a9:35:c4:a9:2c:cf:0b:ba:b9: 06:9e:4d:02:2f:70:c2:2a:ce:4e:a3:6c:ed:d2:54: 86:67:c9:fd:2b:0f:67:8c:17:50:f5:83:d8:70:96: f5:62:63:7b:b5:6e:f3:03:1a:17:09:59:9b:b5:b9: e6:34:73:1b:d1:86:01:39:85:ef:f9:88:e1:03:89: 75:1e:0e:09:3f:af:4e:07:19:e8:a9:46:0c:98:70: e9:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:CD:FD:E7:6A:FC:F3:35:1A:47:C5:4A:EF:AC:4A:44:77:4C:8B:79 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81ad493-1f3b-421d-8c43-f9ccfdf997a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:e000::/40 Signature Algorithm: sha256WithRSAEncryption 20:22:3c:ac:da:0b:7a:75:ec:af:4b:40:48:3e:95:6b:8d:c7: 3f:50:20:ca:f2:be:19:6b:1f:8b:51:da:05:de:a8:62:b4:08: ad:8c:e3:3d:9e:20:49:09:93:35:2b:0e:1d:c3:f8:08:b1:f1: f6:3a:51:42:d8:1b:96:ff:aa:15:e3:4c:cc:c8:6f:e9:88:0a: 78:c3:ed:06:8d:89:85:6a:cf:33:3a:f5:58:b1:aa:88:ec:65: c2:6b:b2:15:0f:bb:d3:65:0e:c6:2d:01:9f:c9:54:c6:31:86: 9e:db:1b:38:a2:be:18:36:91:59:fd:ad:e5:56:7f:5d:81:00: f9:17:c6:29:bc:ab:ac:fc:00:47:5b:98:7d:cd:c2:00:72:a1: aa:fd:be:ad:29:2a:89:23:c2:fb:46:b6:87:e3:57:33:f4:22: e0:41:79:af:29:60:75:da:d0:17:4d:26:77:ef:61:a1:6d:2c: fd:d2:04:c7:ad:8e:40:aa:48:55:95:de:e7:18:ec:3b:6a:6a: 2a:11:97:14:a2:d8:54:67:7e:e6:0e:5a:cb:a0:ae:7b:0d:97: 2f:aa:c4:1a:a5:61:f6:10:cd:e7:ae:1f:77:e6:06:a8:80:f9: ae:60:7a:13:54:ee:b5:e2:51:df:73:07:8b:02:e6:95:92:81: 84:78:5c:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWPiNuQqZoSblWBGreBcllEzxqpYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAYWM2MjliMWFlNTY0NjRkMjczYzIz NTlmYTEwMDU3N2EzZTA3NmY4NDk5MTkzZTI3YWZhNGJmNjY5MTNiNzM3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9nSqi2RQ2YTKYKyyzLqFbD+qRY/ n5xiLyoSp6skXOTRhZdHFU2z4Js0kv9i9In2+o71hLkMw3fPWAJRd9Mai+ZwrRyZ 3mxQzwXW8jbQs5sSTsfjfW6nLlCwxY5Y+BuS1mik4CPTANe6OrbrvTL+42UqI/5i aJiaqmDhUozD88KyrBidZ3NLUaBuscsD+VmnQ5vs5RAqNAD3b29/kMVipbxOG+Jx rRWwuiSpNcSpLM8LurkGnk0CL3DCKs5Oo2zt0lSGZ8n9Kw9njBdQ9YPYcJb1YmN7 tW7zAxoXCVmbtbnmNHMb0YYBOYXv+YjhA4l1Hg4JP69OBxnoqUYMmHDpEwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPPN/edq/PM1GkfFSu+sSkR3TIt5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I4MWFkNDkzLTFmM2ItNDIxZC04YzQzLWY5Y2NmZGY5OTdhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacOAwDQYJKoZIhvcNAQELBQADggEBACAiPKzaC3p17K9LQEg+ lWuNxz9QIMryvhlrH4tR2gXeqGK0CK2M4z2eIEkJkzUrDh3D+Aix8fY6UULYG5b/ qhXjTMzIb+mICnjD7QaNiYVqzzM69VixqojsZcJrshUPu9NlDsYtAZ/JVMYxhp7b Gziivhg2kVn9reVWf12BAPkXxim8q6z8AEdbmH3NwgByoar9vq0pKokjwvtGtofj VzP0IuBBea8pYHXa0BdNJnfvYaFtLP3SBMetjkCqSFWV3ucY7DtqaioRlxSi2FRn fuYOWsugrnsNly+qxBqlYfYQzeeuH3fmBqiA+a5gehNU7rXiUd9zB4sC5pWSgYR4 XOM= -----END CERTIFICATE-----Generated at Fri Apr 19 00:50:21 2024 by rpki-client on console-ams.rpki-client.org