$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be7285bb-f342-4843-b8c8-dad47fe44460.roa File: be7285bb-f342-4843-b8c8-dad47fe44460.roa (raw, json) Hash identifier: pkYY+d7850eS0h8GeS620iUtgF30EB+6xJVe5HA2Yho= Subject key identifier: B7:70:CB:07:5B:E4:09:B6:0D:1A:83:2A:4F:CC:5B:77:41:DF:75:85 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4BCC3DC8D5952EA12FBAF165EEFB40ACD5B279EA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be7285bb-f342-4843-b8c8-dad47fe44460.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:cc:3d:c8:d5:95:2e:a1:2f:ba:f1:65:ee:fb:40:ac:d5:b2:79:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=3563c1112e003cdffbea7de4e1bd2d398035322e11a39020dd14b9d9356c08cd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:be:78:43:75:64:f1:7d:68:c7:7f:4f:d9:13: 91:a8:d9:4e:99:1b:56:2c:e0:87:a1:6c:2d:b8:d2: 69:b6:ab:27:70:5d:e4:b2:ee:05:58:e9:97:53:ef: ce:b0:c1:37:7f:8b:21:69:79:89:82:b1:bb:8d:e8: 30:6b:5a:61:84:60:84:f4:a1:be:b8:46:b0:ff:c4: f6:d9:55:70:1f:a1:07:a5:cd:0b:a9:df:88:b2:4b: 6e:e7:6c:3e:e4:0b:ed:6a:83:8e:b1:77:c8:f9:b3: a3:e9:59:0f:ce:75:ba:8b:20:65:e5:5a:ee:8f:66: 98:e8:8b:25:06:b8:ce:91:52:2e:4f:30:4a:3d:f5: 5d:4d:d0:18:ac:b7:aa:31:8d:7d:d2:8d:6d:72:f6: c3:43:40:c9:4c:de:a8:47:9e:fa:bd:c0:19:b2:cd: 32:e0:6d:59:2d:d7:b6:79:97:25:52:db:b9:eb:84: 49:41:07:d8:74:94:bb:17:48:35:d0:83:52:df:00: 6d:54:48:4a:7c:c1:3b:25:6d:67:cb:24:dd:92:d6: 5e:19:9c:41:5a:3a:5d:78:00:8e:24:3c:7b:fe:c0: b8:51:c6:7a:9a:e5:c2:1f:57:5b:56:ed:46:fd:c5: 3d:ba:26:69:03:5e:8c:6a:7d:f8:a3:d6:42:89:4a: 8b:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:70:CB:07:5B:E4:09:B6:0D:1A:83:2A:4F:CC:5B:77:41:DF:75:85 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be7285bb-f342-4843-b8c8-dad47fe44460.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:e000::/40 Signature Algorithm: sha256WithRSAEncryption 57:71:2d:16:db:a0:6c:9a:37:c3:bb:87:51:cc:72:ac:d0:47: 90:21:fe:2f:ac:14:f7:8b:a8:b3:5e:0e:12:19:1e:58:ca:5a: 6b:32:2c:74:a9:28:a5:bb:d2:1d:97:45:5c:61:1d:a6:99:8b: 93:d1:7e:3c:eb:db:14:69:04:8e:48:0d:d2:4a:bb:99:33:82: cd:0c:2d:cc:a8:be:f7:67:20:fc:a4:30:b6:85:92:50:d5:60: dc:36:84:c2:c0:55:8d:a0:bf:33:d1:eb:fc:15:ac:8e:b5:d5: 7d:8f:b4:c5:fd:d3:67:45:d2:1d:f1:66:08:9d:8b:c3:b3:12: 22:29:78:a9:8e:6c:df:f7:bd:14:01:ee:65:b4:dc:a4:3d:05: 69:77:5d:da:4f:72:8b:98:97:fc:98:85:24:16:81:ed:49:81: df:1d:c2:d1:f5:65:99:4e:2c:1c:95:89:07:41:6f:2e:0a:b0: fe:b2:05:b0:8e:6a:9c:3e:fb:22:79:24:51:bc:19:a0:3e:c8: 5c:0a:77:4f:c2:c6:80:2d:32:fb:e9:29:9c:9b:87:8b:f2:83: 8e:bb:08:64:bc:c4:69:89:b5:70:2b:2b:62:5c:8d:af:bb:c1: 42:fe:ce:f2:7a:f6:db:11:c1:ed:42:aa:e1:ba:fc:04:c3:81: 21:bd:5d:66 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUS8w9yNWVLqEvuvFl7vtArNWyeeowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMzU2M2MxMTEyZTAwM2NkZmZiZWE3 ZGU0ZTFiZDJkMzk4MDM1MzIyZTExYTM5MDIwZGQxNGI5ZDkzNTZjMDhjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur54Q3Vk8X1ox39P2RORqNlOmRtW LOCHoWwtuNJptqsncF3ksu4FWOmXU+/OsME3f4shaXmJgrG7jegwa1phhGCE9KG+ uEaw/8T22VVwH6EHpc0Lqd+Isktu52w+5AvtaoOOsXfI+bOj6VkPznW6iyBl5Vru j2aY6IslBrjOkVIuTzBKPfVdTdAYrLeqMY190o1tcvbDQ0DJTN6oR576vcAZss0y 4G1ZLde2eZclUtu564RJQQfYdJS7F0g10INS3wBtVEhKfME7JW1nyyTdktZeGZxB WjpdeACOJDx7/sC4UcZ6muXCH1dbVu1G/cU9uiZpA16Man34o9ZCiUqLGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLdwywdb5Am2DRqDKk/MW3dB33WFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JlNzI4NWJiLWYzNDItNDg0My1iOGM4LWRhZDQ3ZmU0NDQ2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaeAwDQYJKoZIhvcNAQELBQADggEBAFdxLRbboGyaN8O7h1HM cqzQR5Ah/i+sFPeLqLNeDhIZHljKWmsyLHSpKKW70h2XRVxhHaaZi5PRfjzr2xRp BI5IDdJKu5kzgs0MLcyovvdnIPykMLaFklDVYNw2hMLAVY2gvzPR6/wVrI611X2P tMX902dF0h3xZgidi8OzEiIpeKmObN/3vRQB7mW03KQ9BWl3XdpPcouYl/yYhSQW ge1Jgd8dwtH1ZZlOLByViQdBby4KsP6yBbCOapw++yJ5JFG8GaA+yFwKd0/CxoAt MvvpKZybh4vyg467CGS8xGmJtXArK2Jcja+7wUL+zvJ69tsRwe1CquG6/ATDgSG9 XWY= -----END CERTIFICATE-----Generated at Thu Apr 25 00:30:40 2024 by rpki-client on console-fra.rpki-client.org