$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81f820a-8152-41e4-ab9c-7dcf49c640dc.roa File: b81f820a-8152-41e4-ab9c-7dcf49c640dc.roa (raw, json) Hash identifier: DHONOGt3zyqKPFZMEvyfdiiFTaGMRZG4Ig6GuwuFwsM= Subject key identifier: F2:E7:32:8E:4A:C6:F9:2F:F0:E6:6E:C7:15:89:69:87:89:41:6E:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0F6C8E2989B47CD2F243A2F4119007EC015BB8D1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81f820a-8152-41e4-ab9c-7dcf49c640dc.roa Signing time: Wed 24 Apr 2024 00:00:00 +0000 ROA not before: Wed 24 Apr 2024 00:00:00 +0000 ROA not after: Wed 29 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf0:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 00:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:6c:8e:29:89:b4:7c:d2:f2:43:a2:f4:11:90:07:ec:01:5b:b8:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 24 00:00:00 2024 GMT Not After : May 29 23:59:59 2024 GMT Subject: serialNumber=d854095e48a1f4a35a0229df6b0d8ddcad2f84812f758d2497b1bc9b7ed1814b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:52:db:28:07:ae:09:d0:c6:71:f1:13:6c:3a: 4c:05:7a:e4:45:3b:e5:84:1e:2a:de:28:8b:ec:ea: b8:f6:d5:f6:4c:d9:d6:fb:45:ee:1a:a3:6c:56:38: 5f:f9:52:2b:19:03:80:fe:24:1f:2f:23:90:5f:f2: a0:da:af:82:34:a7:05:65:64:08:d5:76:04:94:95: 8f:dd:2e:50:16:19:d2:c6:63:28:39:c6:a0:44:eb: b6:98:02:8b:d7:7f:76:21:9c:2d:ac:b5:b6:7d:87: 49:52:6c:3a:4d:a4:e1:05:cc:bb:d5:cc:82:9f:cb: e6:3b:3a:da:55:32:d6:50:f0:b0:9f:a1:4c:85:5b: 18:b2:2e:28:d6:b2:dd:f3:0b:ad:62:25:ec:23:3a: 20:4a:5a:61:d4:e8:e0:14:75:f3:cb:23:58:7b:2e: 23:b3:47:80:7a:a7:5a:47:48:5e:f3:3a:82:2e:f4: 24:04:9e:6a:f6:9e:8b:68:f4:d0:6d:e6:08:10:4e: be:17:23:91:42:6c:6b:36:74:03:87:76:fb:72:e1: b4:37:73:dd:f2:4b:33:1e:16:c8:eb:ca:3c:8f:97: 56:e7:65:35:b2:63:e2:b6:bd:2f:21:a4:3a:89:07: 71:2d:85:10:03:6d:8c:15:d8:8e:b7:4f:72:62:fd: 15:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:E7:32:8E:4A:C6:F9:2F:F0:E6:6E:C7:15:89:69:87:89:41:6E:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81f820a-8152-41e4-ab9c-7dcf49c640dc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf0:c800::/40 Signature Algorithm: sha256WithRSAEncryption 0f:72:81:f8:48:39:f5:35:71:b9:3e:46:91:b6:82:8b:d2:ae: 01:fd:7c:e9:b0:ef:1a:81:e7:46:1c:83:f8:e6:b9:f7:6d:a0: 6b:5d:f3:3b:ab:8a:00:3e:6d:db:f8:2c:b3:37:0c:20:b1:7d: 57:30:7c:28:d8:4c:30:ee:99:e1:8b:c8:cb:f9:69:f4:fd:b5: bf:2b:7e:5e:5f:d7:23:d6:9e:01:a9:36:31:91:ce:7a:75:db: 02:43:d9:d5:c7:37:75:1b:b9:77:65:b7:eb:df:b3:fa:63:c0: 9e:b5:50:e1:e3:b3:19:ef:b7:ee:6e:63:4e:da:46:20:a3:ed: 27:6f:29:0d:99:e7:92:ba:ee:28:c8:ab:f6:35:a8:bc:7f:e2: c6:71:23:e0:9a:ad:61:37:67:c6:52:63:cf:2d:3d:fe:20:ff: 16:31:db:df:68:0f:0b:b0:9c:f2:8d:d3:70:a7:87:3c:78:bf: c0:22:61:02:fc:87:7b:6c:83:88:0f:13:17:5c:20:64:a9:0c: f0:e3:87:7a:20:13:00:16:d3:65:36:8b:66:3b:a3:da:64:ac: 1a:e6:40:34:d6:3c:ce:8b:a1:71:18:63:bb:50:de:c8:53:23: e2:b8:e1:04:15:2a:84:14:5c:71:de:e7:1c:78:2e:22:74:a7: ac:12:a6:c6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD2yOKYm0fNLyQ6L0EZAH7AFbuNEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQyNDAwMDAwMFoX DTI0MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAZDg1NDA5NWU0OGExZjRhMzVhMDIy OWRmNmIwZDhkZGNhZDJmODQ4MTJmNzU4ZDI0OTdiMWJjOWI3ZWQxODE0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1LbKAeuCdDGcfETbDpMBXrkRTvl hB4q3iiL7Oq49tX2TNnW+0XuGqNsVjhf+VIrGQOA/iQfLyOQX/Kg2q+CNKcFZWQI 1XYElJWP3S5QFhnSxmMoOcagROu2mAKL1392IZwtrLW2fYdJUmw6TaThBcy71cyC n8vmOzraVTLWUPCwn6FMhVsYsi4o1rLd8wutYiXsIzogSlph1OjgFHXzyyNYey4j s0eAeqdaR0he8zqCLvQkBJ5q9p6LaPTQbeYIEE6+FyORQmxrNnQDh3b7cuG0N3Pd 8kszHhbI68o8j5dW52U1smPitr0vIaQ6iQdxLYUQA22MFdiOt09yYv0VVQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPLnMo5Kxvkv8OZuxxWJaYeJQW73MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I4MWY4MjBhLTgxNTItNDFlNC1hYjljLTdkY2Y0OWM2NDBkYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8MgwDQYJKoZIhvcNAQELBQADggEBAA9ygfhIOfU1cbk+RpG2 govSrgH9fOmw7xqB50Ycg/jmufdtoGtd8zurigA+bdv4LLM3DCCxfVcwfCjYTDDu meGLyMv5afT9tb8rfl5f1yPWngGpNjGRznp12wJD2dXHN3UbuXdlt+vfs/pjwJ61 UOHjsxnvt+5uY07aRiCj7SdvKQ2Z55K67ijIq/Y1qLx/4sZxI+CarWE3Z8ZSY88t Pf4g/xYx299oDwuwnPKN03Cnhzx4v8AiYQL8h3tsg4gPExdcIGSpDPDjh3ogEwAW 02U2i2Y7o9pkrBrmQDTWPM6LoXEYY7tQ3shTI+K44QQVKoQUXHHe5xx4LiJ0p6wS psY= -----END CERTIFICATE-----Generated at Sun May 5 01:20:22 2024 by rpki-client on console-fra.rpki-client.org